The cybergang behind a massive PowerSchool data breach is now attempting to directly extort schools and districts across the US and Canada — despite PowerSchool reportedly paying an undisclosed ransom for the deletion of the stolen data. According to BleepingComputer, PowerSchool was given
Latest News
A federal jury has ordered NSO Group, the Israeli spyware firm behind Pegasus, to pay over $167 million in damages to WhatsApp for illegally hacking more than 1,400 users. The decision caps a six-year legal battle and marks the largest penalty ever levied against a spyware company. First
Cybercriminals behind StealC, a popular information-stealing malware, released a major update in March 2025, introducing new stealth capabilities and data theft tools. The update, detailed in a new report by Zscaler researchers, enhances the malware’s ability to avoid detection and steal sensitive
A hacker has breached TeleMessage, a messaging platform used by US government officials to archive encrypted chats — compromising sensitive data and prompting the service to suspend operations. The platform, developed by an Israeli company and owned by Oregon-based Smarsh, drew scrutiny after a
Ascension Health has begun notifying individuals of yet another data breach that exposed their personally identifiable information (PII) and sensitive health records. Notifications were sent out to patients starting April 30, 2025 — nearly six months after Ascension discovered the breach on
Marks & Spencer (M&S), one of the UK’s leading retailers, is grappling with the fallout of a major cyberattack that has disrupted its services for over a week. The incident has forced the company to pause online orders, created delays in Click & Collect services, and left visible gaps
India’s Karnataka High Court has ordered the central government to block access to the encrypted email service Proton Mail, citing its alleged role in cyber harassment and the company’s refusal to cooperate with Indian authorities. The ruling followed a petition filed by M Moser Design Associates
A widespread phishing campaign has been targeting WooCommerce administrators globally since April 2025. The operation deceives site owners into installing fraudulent security patches that give attackers full control over their WordPress sites. Researchers at Patchstack uncovered this operation,
Cybersecurity Researcher, Jeremiah Fowler, discovered and reported to vpnMentor about a non-password-protected database that contained 520,054 records belonging to an event ticket resale platform. The publicly exposed database was not password-protected or encrypted. It contained 520,054
The Pakistan Telecommunications Authority (PTA) announced on April 18, 2025, that it has officially licensed three companies to operate VPN services in the country. It urged other VPN providers to apply for licenses to ensure compliance with government regulations. According to the official