Featured
Royal Mail Data Breach: 144GB Leak Tied to Samsung Hacker Through 2021 Infostealer
A massive 144GB data breach at Royal Mail Group exposed sensitive customer data and internal documents through a third-party provider compromise. The incident, linked to the same threat actor behind the Samsung Tickets leak, stems from a 2021 Infostealer malware infection at service provider Spectos.
Browser-Based Ransomware: The Invisible Threat Targeting Cloud Data
Modern ransomware attacks have evolved beyond traditional file encryption to target cloud and SaaS applications through sophisticated browser-based techniques. Organizations face increasing risks from OAuth vulnerabilities, malicious extensions, and advanced social engineering that bypass conventional security tools.
North Korean IT Workers Infiltrate European Companies Through Deceptive Freelancing
North Korean operatives are expanding their presence across Europe by posing as foreign IT specialists on freelance platforms, targeting companies in multiple countries. The sophisticated operation enables fund generation for North Korea while creating security risks through potential data breaches and extortion attempts.
Massive Cryptocurrency Mining Operation Hijacks Over 1,500 PostgreSQL Servers
A sophisticated cyberattack campaign has compromised more than 1,500 PostgreSQL database servers for illicit cryptocurrency mining. The fileless attack, attributed to threat actor JINX-0126, employs advanced evasion techniques and targets internet-exposed instances with weak security.
Massive Scanning Campaign Targets Palo Alto VPN Portals, Raising Security Concerns
Security researchers have detected an extensive scanning operation targeting Palo Alto Networks GlobalProtect VPN portals, with nearly 24,000 IP addresses probing systems. The coordinated campaign, primarily focused on US targets, suggests systematic reconnaissance potentially preceding future exploitation attempts.
Oracle Faces Scrutiny Over Massive Data Breach Affecting 144,000 Clients
A major security breach at Oracle has exposed sensitive data of over 144,000 clients, including SSO credentials and personal information, while the company maintains silence. Security researchers have confirmed the breach's authenticity, raising concerns about corporate transparency and incident response practices.
Government Officials Suspended After Resisting DOGE Access to Federal Payroll Systems
High-ranking Department of Interior officials were placed on administrative leave for denying unprecedented system access to Department of Government Efficiency representatives. The controversial request sought extensive control over federal payroll and HR systems managing data for over 275,000 government workers.
Microsoft Unleashes AI Army: 11 New Security Copilots to Combat Cyber Threats
Microsoft's groundbreaking expansion introduces 11 autonomous AI agents to revolutionize cybersecurity defense across phishing, data protection, and threat analysis. Launching in 2025, this strategic initiative addresses rising cyber threats and enterprise AI security challenges, including the growing concern of 'shadow AI'.
Chinese AI Startup DeepSeek Overtakes ChatGPT in Monthly Growth, Signals Shifting AI Landscape
DeepSeek has emerged as the fastest-growing AI tool globally, surpassing ChatGPT with 524.7 million new visits in February 2025. The Chinese startup's cost-effective approach and rapid market share growth signals increasing global acceptance of Chinese AI solutions.