Latest News: Cybersecurity

Researchers from SentinelLABS, the threat intelligence and research division of cybersecurity firm SentinelOne, have uncovered a China-linked cyber espionage group. The hackers have been targeting over 70 organizations and cybersecurity companies worldwide since July 2024. According to the

Researchers at Oasis Security revealed last week that a flaw in Microsoft’s OneDrive File Picker was allowing external apps, such as Zoom, ChatGPT, Trello, Slack, and ClickUp, access to users’ content. The experts warn that millions of users could be affected, with potential risks of data leakage

Researchers from the cybersecurity firm GreyNoise reported this week that an ongoing exploitation campaign is targeting over 9,000 internet-exposed ASUS routers. Cybercriminals gained long-term access by exploiting an undisclosed vulnerability. Experts suggest that attackers were planning on

The FBI issued a warning about the cybercriminal group Silent Ransom Group (SRG) and its recent social engineering calls and callback phishing emails targeting law firms in the United States. The government agency noted that while the group has historically targeted multiple industries, it has

Google has agreed to pay a record $1.375 billion to the state of Texas to resolve lawsuits accusing the tech giant of unauthorized data tracking and biometric data collection. It marks the largest privacy settlement ever obtained by a US state. Texas’s payout surpasses all previous state-level

A federal jury has ordered NSO Group, the Israeli spyware firm behind Pegasus, to pay over $167 million in damages to WhatsApp for illegally hacking more than 1,400 users. The decision caps a six-year legal battle and marks the largest penalty ever levied against a spyware company. First

Cybercriminals behind StealC, a popular information-stealing malware, released a major update in March 2025, introducing new stealth capabilities and data theft tools. The update, detailed in a new report by Zscaler researchers, enhances the malware’s ability to avoid detection and steal sensitive

A hacker has breached TeleMessage, a messaging platform used by US government officials to archive encrypted chats — compromising sensitive data and prompting the service to suspend operations. The platform, developed by an Israeli company and owned by Oregon-based Smarsh, drew scrutiny after a

Marks & Spencer (M&S), one of the UK’s leading retailers, is grappling with the fallout of a major cyberattack that has disrupted its services for over a week. The incident has forced the company to pause online orders, created delays in Click & Collect services, and left visible gaps

A widespread phishing campaign has been targeting WooCommerce administrators globally since April 2025. The operation deceives site owners into installing fraudulent security patches that give attackers full control over their WordPress sites. Researchers at Patchstack uncovered this operation,