Featured
International Police Operation Takes Down Massive CSAM Platform with Over 70,000 Illicit Videos
In a groundbreaking operation spanning 38 countries, Europol successfully dismantled Kidflix, one of the largest online CSAM distribution platforms. The operation led to 79 arrests, identified nearly 1,400 suspects, and rescued 39 children from exploitation.
Hackers Target Online Stores Using Stripe API Vulnerability for Card Theft
Cybercriminals have compromised 49 online merchants by exploiting Stripe's legacy API to steal customer payment data through sophisticated JavaScript skimmers. The ongoing campaign uses fake payment forms and card validation techniques to efficiently harvest financial credentials while evading detection.
Social Security Website Faces Major Outages Amid DOGE Controversy
The Social Security Administration is grappling with widespread website disruptions affecting millions of Americans' access to online accounts. The crisis deepens as critics question the role of Elon Musk's DOGE in recent policy changes and potential office closures.
Royal Mail Data Breach: 144GB Leak Tied to Samsung Hacker Through 2021 Infostealer
A massive 144GB data breach at Royal Mail Group exposed sensitive customer data and internal documents through a third-party provider compromise. The incident, linked to the same threat actor behind the Samsung Tickets leak, stems from a 2021 Infostealer malware infection at service provider Spectos.
Browser-Based Ransomware: The Invisible Threat Targeting Cloud Data
Modern ransomware attacks have evolved beyond traditional file encryption to target cloud and SaaS applications through sophisticated browser-based techniques. Organizations face increasing risks from OAuth vulnerabilities, malicious extensions, and advanced social engineering that bypass conventional security tools.
North Korean IT Workers Infiltrate European Companies Through Deceptive Freelancing
North Korean operatives are expanding their presence across Europe by posing as foreign IT specialists on freelance platforms, targeting companies in multiple countries. The sophisticated operation enables fund generation for North Korea while creating security risks through potential data breaches and extortion attempts.
Massive Cryptocurrency Mining Operation Hijacks Over 1,500 PostgreSQL Servers
A sophisticated cyberattack campaign has compromised more than 1,500 PostgreSQL database servers for illicit cryptocurrency mining. The fileless attack, attributed to threat actor JINX-0126, employs advanced evasion techniques and targets internet-exposed instances with weak security.
Massive Scanning Campaign Targets Palo Alto VPN Portals, Raising Security Concerns
Security researchers have detected an extensive scanning operation targeting Palo Alto Networks GlobalProtect VPN portals, with nearly 24,000 IP addresses probing systems. The coordinated campaign, primarily focused on US targets, suggests systematic reconnaissance potentially preceding future exploitation attempts.
Oracle Faces Scrutiny Over Massive Data Breach Affecting 144,000 Clients
A major security breach at Oracle has exposed sensitive data of over 144,000 clients, including SSO credentials and personal information, while the company maintains silence. Security researchers have confirmed the breach's authenticity, raising concerns about corporate transparency and incident response practices.