Category: Cyber Security
-
A new AgingFly malware campaign is targeting government entities and hospitals in Ukraine. The operation focuses on stealing authentication data and gaining persistent access, highlighting ongoing cyber threats against critical infrastructure. Phishing emails initiate the attack The campaign begins with phishing emails disguised as humanitarian or official communication. These messages prompt victims to open links…
-
A Cookeville medical center ransomware incident has exposed sensitive data of more than 337,000 patients. The breach stems from a 2025 cyberattack and shows how healthcare organizations continue to deal with long-term consequences after initial intrusions. Attack timeline reveals delayed notification The incident began in July 2025, when attackers gained unauthorized access to internal systems…
-
An Adobe zero-day vulnerability has been fixed after attackers actively exploited it through malicious PDF files. The flaw allowed code execution with minimal user interaction, exposing systems to malware and data theft. Malicious PDFs triggered the attack The Adobe zero-day vulnerability allowed attackers to embed harmful code inside specially crafted PDF files. Once opened, the…
-
A WordPress plugin hack has exposed thousands of websites after attackers injected malicious code into widely used tools. The incident shows how supply chain attacks can quietly compromise trusted plugins and spread malware at scale. Attackers abused plugin ownership The WordPress plugin hack targeted several plugins developed by Essential Plugin. Attackers acquired control of these…
-
Microsoft has introduced new safeguards to reduce a growing security risk. Malicious RDP file protection is now included in recent Windows updates, targeting abuse of Remote Desktop connection files. These files are widely used in enterprise environments, but attackers have begun using them in phishing campaigns. The update focuses on limiting automatic access and increasing…
-
A small oversight has exposed a large number of systems to risk. The adware supply chain hijack affected more than 25,000 devices through a weak software update mechanism. Researchers found that the entire update process relied on an unprotected domain, creating an easy entry point for attackers. The case shows how simple misconfigurations can turn…
-
A new wave of cyber activity shows that old threats rarely disappear. The Black Basta campaign has resurfaced through actors who continue to use and refine the group’s original tactics. This time, the focus has shifted toward senior business leaders, increasing both the precision and impact of the attacks. The campaign highlights how proven methods…
-
A newly surfaced dataset is raising serious concerns across the financial ecosystem. The credit card leak dataset, listed on a hacker forum, allegedly contains thousands of payment records tied to major providers. Early analysis confirms that the data includes sensitive financial details, creating immediate risks for fraud. Even without full verification, the exposed sample shows…
-
A new cyber incident has pushed a major US rail operator into the spotlight. The Amtrak data leak threat surfaced after hackers claimed they had stolen millions of records and issued a ransom demand. The group warned that it would release the data publicly if the company refused to pay. The case highlights how data…
-
Browser extensions are meant to improve productivity, but a recent discovery shows how easily they can be weaponized. Chrome extension data theft has come into focus after researchers identified a large network of malicious add-ons operating inside the official Chrome Web Store. These tools appeared legitimate but quietly collected sensitive user data in the background.…