FIN6 hackers are now pretending to be job seekers to hack recruiters. A well-known cybercrime group named FIN6, also known as Skeleton Spider, has come up with a new and clever way to attack companies. This time, instead of directly hacking systems or using ransomware, they are pretending to be job seekers and targeting … Continued
AI-Powered Code Tools Are Creating a “Cybersecurity Powder Keg” The rise of AI-assisted development has transformed the way code is written—faster, more efficient, and increasingly accessible. But there’s a growing concern that this acceleration comes at a cost: security. A recent piece by Dark Reading highlights a growing risk. Developers—especially those new to the field—are … Continued
A newly discovered malware named PathWiper has been used in a cyberattack that seriously impacted a critical infrastructure facility in Ukraine. According to cybersecurity researchers at Cisco Talos, this malware wasn’t launched through traditional hacking techniques but was delivered using a legitimate endpoint management system. This means the attackers likely had administrator-level access, which allowed … Continued
United Natural Foods Inc. (UNFI), the main company that supplies food and goods to Whole Foods Market, was hit by a cyberattack on June 5, 2025. This attack caused major problems in their computer systems, leading to delays in delivering important grocery and pharmacy items to stores across the country. The company found out that … Continued
So, what happened? Researchers found a huge, unsecured database sitting out in the open — 631 gigabytes packed with about 4 billion user records. Yeah, you read that right. Four. Billion. Records. Most of this data comes from Chinese users, and it’s full of sensitive info like names, birthdates, phone numbers, and even financial details … Continued
The FBI has issued a critical cybersecurity alert warning about a sharp increase in infections caused by the BADBOX 2.0 botnet. This sophisticated malware is currently compromising more than one million Android devices, primarily off-brand models, many sourced from Chinese manufacturers. What is BADBOX 2.0? BADBOX 2.0 is an advanced version of the original BADBOX … Continued
Cybersecurity experts have uncovered a fresh malware campaign targeting macOS users through a social engineering technique known as ClickFix. This operation aims to deceive users into downloading a malicious software called Atomic macOS Stealer (AMOS), designed to steal sensitive information from Apple devices. Researchers at CloudSEK report that the attackers exploit lookalike domains mimicking the … Continued
In a move that has raised eyebrows across the global cybersecurity and geopolitical communities, Chinese authorities have publicly accused members of Taiwan’s military of cyberespionage and are offering financial rewards for their capture. 🔍 Public Accusations and Bounty Announcement On June 5, authorities in Guangzhou, a major city in southern China, announced cash rewards exceeding … Continued
Microsoft has unveiled a significant initiative to bolster the cybersecurity defenses of European governments at no cost, addressing the escalating threat landscape, particularly from state-sponsored actors leveraging advanced technologies like AI. On June 4, 2025, Microsoft announced a comprehensive program aimed at enhancing intelligence-sharing on AI-based threats and assisting in the prevention and disruption of … Continued
Hewlett Packard Enterprise (HPE) has rolled out urgent security patches to fix eight separate vulnerabilities in its StoreOnce data backup and deduplication platform. These flaws, if left unaddressed, could enable attackers to bypass authentication measures and execute remote code on affected systems. According to HPE’s official advisory, the vulnerabilities open the door to various attack … Continued
