On February 21, 2025, cybersecurity expert Jason Haddix, from Arcanum Information Security, released MSFTRecon—a powerful tool designed to scan Microsoft 365 and Azure for security loopholes, misconfigurations, and attack pathsRead More →
A cybercriminal known as “7****7” is selling a database of 45,000 Chinese women living in the US on a dark web marketplace called Chang’An Sleepless Night for $350. The databaseRead More →
A large-scale malware campaign, dubbed FatBoyPanel, is targeting Android users in India, compromising over 50,000 victims. Security researchers from Zimperium attribute this attack to a single threat actor deploying overRead More →
A new artificial intelligence (AI) tool called GhostGPT is being misused by cybercriminals to create harmful programs, hack systems, and send convincing phishing emails. Security researchers from Abnormal Security foundRead More →
In a critical security disclosure, the Cybersecurity and Infrastructure Security Agency (CISA) and the U.S. Food and Drug Administration (FDA) have warned healthcare providers and cybersecurity professionals about a high-riskRead More →
Wallarm’s 2025 API ThreatStats Report uncovers a dramatic 1,025% rise in AI-centric security flaws over the past year. Researchers cataloged 439 AI-related CVEs in 2024, and nearly every one—99%—traced backRead More →
There is a secretive online place called Exploit, which is like a dark web forum where hackers and cybercriminals gather to discuss and sell illegal things, like stolen data, hackedRead More →
Recently, cybercriminals launched a phishing attack using fake YouTube links to steal user login credentials. These links were cleverly disguised to look legitimate and used redirections through multiple websites toRead More →
The Federal Trade Commission (FTC) has initiated enforcement actions against General Motors (GM) and its subsidiary OnStar for unauthorized and misleading practices involving the collection and sale of sensitive driverRead More →
Introduction: In recent cyber incidents, attackers have been targeting Microsoft 365 accounts using a sophisticated and fast-paced method. On January 6, 2025, cybercriminals began exploiting a tool called “FastHTTP” toRead More →
