Critical Vulnerabilities in Widely Used Chrome Extensions: Exposing API Keys and User Data Through HTTP and Hardcoded Credentials
Cybersecurity researchers have identified multiple popular Google Chrome extensions that transmit data using HTTP and contain hard-coded secrets within their code, thereby exposing users to significant privacy and security…

DNS Hijacking: A Significant Cybersecurity Threat to the UK Government
Cyber threat actors, including both nation-state and criminal groups, are increasingly hijacking internet domains to further their malicious agenda.

Nick Woodcraft, Service Owner for Vulnerability Monitoring at the UK…

New Evidence Establishes Connection Between Persistent Hacking Group and Indian Government
Researchers have identified new connections between the persistent threat actor known as Bitter and the Indian government. In a comprehensive two-part investigation published recently, security researchers from Proofpoint, a…

Data Breach: Unsecured Database Compromises Information of 3.6 Million Passion.io Creators
A significant data breach has compromised the personal information of over 3.6 million app developers, influencers, and entrepreneurs. This incident underscores the vulnerabilities present in data management systems and…

Access to Pornhub, RedTube, and YouPorn Restricted in France, Anticipated Surge in VPN Utilization
VPNs have gained significant traction in France, primarily due to the recent accessibility issues of major adult websites such as Pornhub, RedTube, and YouPorn. This surge in interest is…

Allegations of Exceptional Coding Capability Surround Google’s Upcoming Gemini Kingfall
Google continues to push the boundaries of artificial intelligence with the anticipated introduction of a new model, referred to as “Gemini Kingfall.” This development marks an assertive stride in…

Analysis of APT Tactics Evolution and Geographic Expansion
The threat actor identified as Bitter has been assessed as a state-sponsored hacking group tasked with intelligence gathering that aligns with the objectives of the Indian government. This assessment…

Ransomware Victims Encouraged to Actively Engage to Regain Control
Opening lines of communication with ransomware actors is crucial for achieving a favorable resolution during an incident that could significantly disrupt operations, according to Dan Saunders, Director of Incident…

Zaporizhzhia Cyber Police Uncovers Cybercriminal Responsible for Significant Financial Losses Through Cryptocurrency Mining Activities
A 35-year-old individual has been apprehended for unlawfully accessing over 5,000 customer accounts of a renowned global hosting provider to utilize the organization’s server resources for cryptocurrency mining. This…

Approximately 94 Billion Compromised Cookies Discovered on the Dark Web
Cybersecurity experts are sounding the alarm regarding a significant risk of data exposure following a recent investigation that unveiled an alarming prevalence of internet cookies in various online environments.…

Law Enforcement Apprehends 20 Individuals in Connection with Distribution of Child Sexual Abuse Material
Law enforcement agencies from more than a dozen countries have apprehended 20 individuals as part of a coordinated international effort aimed at combatting the production and distribution of child…

Enhancing User Empowerment and Safeguarding Against GenAI Data Loss
With the widespread availability of generative AI tools in late 2022, employees in various sectors quickly recognized the potential of these technologies to enhance productivity, streamline communication, and expedite…

Scattered Spider Leverages Technology Vendor Impersonation to Target Help Desks
Scattered Spider, a ransomware collective implicated in recent retail cyberattacks in the UK, has refined its strategy by implementing more advanced techniques. A recent analysis by ReliaQuest revealed that…

Widespread Chrome Extensions Discovered Exposing Data Through Unencrypted Transmission Channels
Numerous Chrome extensions have been discovered to transmit user data over unencrypted HTTP, significantly raising privacy concerns among users. Analysis has revealed that these extensions potentially expose sensitive information,…

Updating Google Chrome Across All Operating Systems: A Comprehensive Guide
Frequent updates for the widely utilized browser, Google Chrome, are paramount for users. To streamline the process of accessing update instructions for various platforms—including iOS, macOS, Windows, Android, and…

Microsoft Releases Script for Restoring Critical inetpub Folder
Microsoft has introduced a PowerShell script to facilitate the restoration of the ‘inetpub’ folder, which was unintentionally created by the April 2025 Windows security updates, should it be deleted.…

Emerging Atomic macOS Stealer Campaign Leverages ClickFix Exploit to Target Apple Users
Cybersecurity researchers have identified a significant malware campaign utilizing the ClickFix social engineering technique to deceive users into downloading an information-stealing malware identified as Atomic macOS Stealer (AMOS) on…

Cybersecurity 2025: Six Critical Trends for CISOs to Monitor
This year’s Infosecurity Europe 2025 gathered industry experts to discuss the latest trends, challenges, and successes in the cybersecurity domain. The following six key trends emerged from conversations across…

PowerSchool Cybersecurity Incident: Hacker Pleads Guilty and Granted Release on Personal Recognizance Bond
A 19-year-old student from Assumption College has been implicated in a series of cyber extortion activities targeting at least two organizations, including a telecom company and a widely recognized…

Zero-Click iMessage Exploit Targets Key Officials in the US and EU
iVerify has identified a critical zero-click vulnerability in iMessage, referred to as “NICKNAME,” which has been exploited in targeted attacks against high-value individuals in both the United States and…