Pearson Experiences Cybersecurity Breach Resulting in Compromised Customer Data
Education provider Pearson has been compromised in a recent cyberattack that has exposed sensitive corporate and customer data. The company, which is based in the United Kingdom and serves…

UN Introduces Comprehensive Cyber-Attack Assessment Framework
The United Nations has introduced a new cyber-attack assessment framework to complement existing cybersecurity models like the MITRE ATT&CK framework. The United Nations Institute for Disarmament Research (UNIDR) Intrusion…

Targeting Brazilian Executives: Initial Access Brokers Exploit NF-e Spam and Authorized RMM Trials
Cybersecurity experts have raised alarms over a new campaign aimed at Portuguese-speaking users in Brazil, distributing trial versions of commercial remote monitoring and management (RMM) software since January 2025.…

Supply Chain Compromise Targets npm Package with 45,000 Weekly Downloads
An npm package, ‘rand-user-agent’, has been affected by a supply chain attack that resulted in the injection of obfuscated code designed to activate a remote access trojan (RAT) on…

Google Implements On-Device AI to Combat Scams on Chrome and Android
Google has initiated the integration of Gemini Nano, its on-device large language model (LLM), within the latest version of Chrome to enhance defenses against online spam, scams, and phishing…

Exploitation of Legacy Login in Microsoft Entra ID Compromises Cloud Account Security
A vulnerability identified in Microsoft Entra ID’s legacy authentication mechanism has raised significant concerns regarding the security of multi-factor authentication (MFA) for administrative accounts, particularly within the financial sector.…

Pearson Corporation Suffers Cybersecurity Breach compromising Customer Information
Education giant Pearson has experienced a significant cyberattack, resulting in the compromise of corporate data and personal information pertaining to customers. Based in the United Kingdom, Pearson is recognized…

Securing AI Agents: Proactive Measures to Protect Your Business from Cyber Threats
AI agents are significantly transforming business operations by enabling tasks such as answering queries, automating processes, and enhancing user experiences. However, this powerful capability introduces substantial security vulnerabilities, including…

Germany Conducts Operation to Dismantle eXch Cryptocurrency Exchange and Confiscate Servers
The Federal Criminal Police Office of Germany (BKA) has initiated a significant crackdown on the eXch cryptocurrency exchange by dismantling its server infrastructure amid accusations of facilitating money laundering…

PowerSchool Acknowledges Ransom Payment in Response to New Extortion Threats
Education technology provider PowerSchool has confirmed that it paid a ransomware demand to prevent cybercriminals from publishing stolen data belonging to teachers and students in the US and Canada.…

Masimo Manufacturing Facilities Targeted in Cybersecurity Incident
California-based Masimo Corporation, a health technology and consumer electronics firm, has experienced a cyberattack that affected its production facilities. In a disclosure to the Securities and Exchange Commission (SEC),…

Advanced Phishing Attack Exploits Blob URIs to Display Deceptive Login Pages in Browsers
Cofense Intelligence has identified an innovative phishing technique that employs blob URIs to generate fraudulent local login pages, effectively circumventing traditional email security measures. This method allows attackers to…

Security Breach: Over 3,200 Cursor Users Compromised by Malicious npm Packages with Backdoor Threats and Credential Theft
Cybersecurity experts have identified three malicious npm packages aimed specifically at the macOS version of Cursor, a widely used artificial intelligence (AI)-led source code editor. These packages masquerade as…

Chinese Cyber Actors Target SAP NetWeaver Servers in Coordinated Attack
Forescout Vedere Labs security researchers have identified a series of ongoing attacks exploiting a critical vulnerability in SAP NetWeaver servers, attributed to a Chinese threat actor. This unauthenticated file…

Star Health Cybersecurity Incident: Executive Threats Reported by Hacker
The hacker linked to a significant data breach at Star Health and Allied Insurance has purportedly taken responsibility for intimidating the company’s senior management through death threats and dispatched…

Ascension Reports Data Breach Impacting Over 430,000 Patients
Ascension, a leading private healthcare system in the United States, has disclosed that a recent data breach affects the personal and health information of over 430,000 patients. With a…

Important Update: Dismantling of 7,000-Device IoT and EoL System Proxy Botnet in U.S. Executed by Dutch Authorities
A coordinated operation conducted by Dutch and U.S. law enforcement agencies has successfully dismantled a significant criminal proxy network comprised of thousands of compromised Internet of Things (IoT) and…

Google Chrome Implements AI Technology to Combat Tech Support Scam Websites
Google is advancing its efforts to combat tech support scams through the integration of Artificial Intelligence (AI) within the Chrome browser. With the upcoming release of Chrome version 137,…

Google Chrome Integrates On-Device AI for Enhanced Detection of Tech Support Scams
Google is introducing a significant security enhancement for Chrome, utilizing the ‘Gemini Nano’ large-language model (LLM) to better identify and mitigate tech support scams encountered during web browsing.

Tech…

OtterCookie v4 Introduces Enhanced Virtual Machine Detection and Advanced Credential Theft Features for Chrome and MetaMask
The North Korean threat actors behind the Contagious Interview campaign have been observed employing upgraded versions of a cross-platform malware known as OtterCookie. This malware is capable of stealing…