Latest News: Cybersecurity

Google has agreed to pay a record $1.375 billion to the state of Texas to resolve lawsuits accusing the tech giant of unauthorized data tracking and biometric data collection. It marks the largest privacy settlement ever obtained by a US state. Texas’s payout surpasses all previous state-level

A federal jury has ordered NSO Group, the Israeli spyware firm behind Pegasus, to pay over $167 million in damages to WhatsApp for illegally hacking more than 1,400 users. The decision caps a six-year legal battle and marks the largest penalty ever levied against a spyware company. First

Cybercriminals behind StealC, a popular information-stealing malware, released a major update in March 2025, introducing new stealth capabilities and data theft tools. The update, detailed in a new report by Zscaler researchers, enhances the malware’s ability to avoid detection and steal sensitive

A hacker has breached TeleMessage, a messaging platform used by US government officials to archive encrypted chats — compromising sensitive data and prompting the service to suspend operations. The platform, developed by an Israeli company and owned by Oregon-based Smarsh, drew scrutiny after a

Marks & Spencer (M&S), one of the UK’s leading retailers, is grappling with the fallout of a major cyberattack that has disrupted its services for over a week. The incident has forced the company to pause online orders, created delays in Click & Collect services, and left visible gaps

A widespread phishing campaign has been targeting WooCommerce administrators globally since April 2025. The operation deceives site owners into installing fraudulent security patches that give attackers full control over their WordPress sites. Researchers at Patchstack uncovered this operation,

For the first time ever, automated bot traffic has overtaken human activity online — now making up 51% of all internet traffic, according to the 2025 Imperva Bad Bot Report. This historic shift marks a pivotal turning point for the digital landscape, as organizations worldwide grapple with the

Recently, cybercriminals exploited a vulnerability in Google’s OAuth system to send phishing emails that appeared legitimate by passing DKIM (DomainKeys Identified Mail) verification. The incident came to light when a fraudulent Google security alert was reported. The attack leveraged Google’s

More than 16,000 Fortinet devices globally have been found to be compromised with a persistent symlink backdoor. It’s a vulnerability that allows read-only access to sensitive configuration files even after patching. Initially reported to affect 14,000 devices, that number has since climbed to over

Security researchers have found that AI’s tendency to hallucinate package names when used to assist with writing code has led to a new software supply chain vulnerability, dubbed “slopsquatting.” The term, introduced by security expert Seth Larson, refers to a variation of typosquatting. While