Google Associates Newly Discovered LostKeys Data Theft Malware with Russian Cyber Espionage Actors
Google Associates New LostKeys Malware with Russian Cyber Espionage

Since the beginning of 2025, the Russian state-backed ColdRiver hacking group has employed the newly identified LostKeys malware to conduct…

Over 38,000 FreeDrain Subdomains Identified Engaging in SEO Exploitation for Crypto Wallet Seed Phrase Theft
Cybersecurity researchers have revealed an extensive global cryptocurrency phishing operation known as FreeDrain, which has been exploiting digital assets from cryptocurrency wallets over several years. The campaign…

Leak of 60,000 BTC Wallets Associated with LockBit Ransomware Collective
In a striking turn of events, a recent breach has led to the public exposure of approximately 60,000 Bitcoin wallet addresses associated with the notorious LockBit ransomware group, which…

UK Legal Aid Agency Experiences Cybersecurity Incident
The Ministry of Justice (MoJ) has initiated an investigation into a data breach, collaborating closely with the National Crime Agency (NCA) and the National Cyber Security Centre (NCSC). This…

Impersonation of Payroll, HR, and Benefits Platforms by Cyber Criminals: A Growing Threat to Data and Financial Security
The ongoing struggle against online fraud is an ever-evolving challenge, characterized by a continuous adaptation between security teams and threat actors. The sophistication of these attacks increasingly blurs the…

Malicious PyPi Package Conceals RAT Malware Targeting Discord Developers Since 2022
A malicious Python package designed to target Discord developers with remote access trojan (RAT) malware has been discovered on the Python Package Index (PyPI) after being active for over…

Decline in UK Cyber Essentials Certification Numbers – Infosecurity Magazine
Over a decade after the establishment of the UK’s Cyber Essentials scheme, the government recognizes that the current number of certified UK organizations falls significantly short of expectations. Approximately…

Maximizing Control Effectiveness: The Key to Comprehensive Security Beyond Tools Alone
Recent surveys reveal that a significant 61% of cybersecurity leaders have experienced breaches due to poorly configured security controls within the past year, despite the deployment of an average…

Google Deploys On-Device AI Security Measures to Identify Scams in Chrome and Android Platforms
Google has announced the rollout of new artificial intelligence (AI)-powered measures designed to combat scams across its platforms, specifically Chrome, Search, and Android. The company will utilize Gemini Nano,…

Cisco Addresses Critical IOS XE Vulnerability Allowing Potential Device Hijacking
Cisco has addressed a high-severity vulnerability in IOS XE Software affecting Wireless LAN Controllers. This flaw, identified as CVE-2025-20188, involves a hard-coded JSON Web Token (JWT) which enables unauthenticated…

FBI Issues Warning Regarding Malicious Services Aiming at Outdated Router Systems
Edge devices, particularly routers that no longer receive security updates, have become prime targets for cyber threat actors. Recently, reports from law enforcement have indicated that known vulnerabilities in…

PowerSchool Pays Ransom; Cybercriminals Shift Focus to Educators for Additional Exploitation
In response to a significant data breach, PowerSchool has opted to meet the demands of ransomware perpetrators. This decision has resulted in heightened scrutiny concerning the security protocols of…

Elevating Security Posture: A Comprehensive Approach Beyond Vulnerability Management
The reactive nature of vulnerability management, along with the delays introduced by policy and process constraints, places considerable strain on security teams. Capacities are often limited, making immediate patching…

Pearson Experiences Cybersecurity Breach Resulting in Compromised Customer Data
Education provider Pearson has been compromised in a recent cyberattack that has exposed sensitive corporate and customer data. The company, which is based in the United Kingdom and serves…

UN Introduces Comprehensive Cyber-Attack Assessment Framework
The United Nations has introduced a new cyber-attack assessment framework to complement existing cybersecurity models like the MITRE ATT&CK framework. The United Nations Institute for Disarmament Research (UNIDR) Intrusion…

Targeting Brazilian Executives: Initial Access Brokers Exploit NF-e Spam and Authorized RMM Trials
Cybersecurity experts have raised alarms over a new campaign aimed at Portuguese-speaking users in Brazil, distributing trial versions of commercial remote monitoring and management (RMM) software since January 2025.…

Supply Chain Compromise Targets npm Package with 45,000 Weekly Downloads
An npm package, ‘rand-user-agent’, has been affected by a supply chain attack that resulted in the injection of obfuscated code designed to activate a remote access trojan (RAT) on…

Google Implements On-Device AI to Combat Scams on Chrome and Android
Google has initiated the integration of Gemini Nano, its on-device large language model (LLM), within the latest version of Chrome to enhance defenses against online spam, scams, and phishing…

Exploitation of Legacy Login in Microsoft Entra ID Compromises Cloud Account Security
A vulnerability identified in Microsoft Entra ID’s legacy authentication mechanism has raised significant concerns regarding the security of multi-factor authentication (MFA) for administrative accounts, particularly within the financial sector.…

Pearson Corporation Suffers Cybersecurity Breach compromising Customer Information
Education giant Pearson has experienced a significant cyberattack, resulting in the compromise of corporate data and personal information pertaining to customers. Based in the United Kingdom, Pearson is recognized…

Securing AI Agents: Proactive Measures to Protect Your Business from Cyber Threats
AI agents are significantly transforming business operations by enabling tasks such as answering queries, automating processes, and enhancing user experiences. However, this powerful capability introduces substantial security vulnerabilities, including…