Featured
Malicious Steam Game 'PirateFi' Caught Stealing User Credentials and Sensitive Data
A free game on Steam was discovered containing dangerous malware designed to steal passwords and sensitive information before being removed by Valve. The Vidar info-stealer malware reportedly compromised hundreds of users' data, prompting urgent security measures.
Google's Digital Fingerprinting Rollout Marks New Era of Inescapable User Tracking
Google has launched a controversial digital fingerprinting system that privacy experts warn is far more invasive than cookies, operating silently without user consent. The technology creates persistent cross-device profiles by collecting multiple data points, marking a dramatic shift from the company's previous stance against such tracking methods.
Critical OpenSSH Vulnerabilities Enable Session Hijacking and System Attacks
Two serious flaws in OpenSSH could allow attackers to intercept communications and trigger system outages through man-in-the-middle and DoS attacks. Security researchers urge administrators to upgrade immediately as the vulnerabilities affect multiple versions of this widely-used networking tool.
Microsoft's DRM Bypass: Hackers Release Advanced Windows Activation Tool
Hacking group Massgrave unveils a groundbreaking method to permanently activate Microsoft products by exploiting the Software Protection Platform. The group's updated toolkit introduces 'TSforge Activation,' capable of bypassing DRM on most modern Windows and Office versions.
Critical SonicWall VPN Vulnerability Puts Enterprise Networks at Risk
Security researchers have uncovered active exploitation of a severe SonicWall firewall vulnerability that allows attackers to hijack VPN connections. With a near-maximum severity rating of 9.8, organizations are urged to patch affected systems immediately as thousands remain exposed.
Google Chrome Rolls Out AI-Powered Security Shield Against Emerging Threats
Chrome's Enhanced Protection feature now leverages artificial intelligence to detect and block malicious websites, downloads, and extensions in real-time across all platforms. This major security upgrade follows successful testing and comes amid recent attacks that compromised multiple Chrome extensions.
Russian Hackers Target Microsoft 365 Using Device Code Authentication Scam
Russian threat actors have launched a sophisticated phishing campaign exploiting Microsoft's device code authentication to compromise Microsoft 365 accounts across government and private sectors. The attacks, conducted by multiple groups including APT29, use social engineering tactics to bypass security measures and gain unauthorized access.
UK Cybersecurity Report Reveals £11.9B Industry Growth Amid Rising Digital Threats
New data shows cyber attacks impacting up to 74% of UK businesses, with ransomware emerging as the leading threat. The cybersecurity sector continues robust growth, generating £11.9 billion in revenue while confronting evolving challenges across energy, technology, and government sectors.
North Korean Hackers Deploy Deceptive 'ClickFix' Social Engineering Tactic
Kimsuky, a sophisticated North Korean hacking group, has been observed using a new social engineering technique called 'ClickFix' to target South Korean users. The attackers trick victims into running malicious PowerShell scripts through fake browser notifications and spear-phishing campaigns.