Latest Cybersecurity News and Articles

Google Patches Quick Share Vulnerability Enabling Silent File Transfers Without Consent

Cybersecurity researchers have disclosed details of a new vulnerability impacting Google's Quick Share data transfer utility for Windows that could be exploited to achieve DoS or send arbitrary files to a target's device without their approval.

Over 500 Phishing Domains Emerge Following Bybit Heist

A large number of phishing campaigns emerged in the aftermath of the Bybit heist, designed to siphon cryptocurrency from its customers. There were instances of popular crypto keywords, and the use of free hosting and subdomain registration services.

Over Half of Attacks on Electricity and Water Firms Are Destructive

Over three-fifths of US and British water and electricity firms were targeted by cyber-attacks in the past year, with a majority suffering serious disruption. 59% revealed that the attack had disrupted normal operations.

RolandSkimmer: Silent Credit Card Thief Uncovered

FortiGuard Labs recently observed a sophisticated campaign dubbed RolandSkimmer. This threat actor targets users in Bulgaria, leveraging malicious browser extensions across Chrome, Edge, and Firefox.

Hackers Exploit Cloudflare for Advanced Phishing Attacks

A sophisticated phishing campaign orchestrated by a Russian-speaking threat actor has been uncovered, revealing the abuse of Cloudflare services and Telegram for malicious purposes.

Hacker Leaks 144GB of Royal Mail Group Data, Blames Supplier Spectos

Royal Mail Group, the UK’s centuries-old postal institution, has allegedly suffered a massive data breach resulting in the leak of 144GB of internal files, customer information, and marketing data.

Verizon Call Filter API flaw exposed customers' incoming call history

A vulnerability in Verizon's Call Filter feature allowed customers to access the incoming call logs for another Verizon Wireless number through an unsecured API request. The payload includes phone number of the logged-in user.

Malicious PyPI Package Targets WooCommerce Stores with Autom...

The Socket research team recently discovered a malicious Python package on PyPI named disgrasya, which contains a fully automated carding script targeting WooCommerce stores.

Qilin affiliates spear-phish MSP ScreenConnect admin, targeting customers downstream

In January 2025, a phishing email targeting an MSP administrator led to a ransomware attack, with the Qilin ransomware group gaining access to the administrator's credentials and attacking the MSP's customers.

Legacy Stripe API Exploited to Validate Stolen Payment Cards in Web Skimmer Campaign

Threat hunters are warning of a sophisticated web skimmer campaign that leverages a legacy application programming interface (API) from payment processor Stripe to validate stolen payment information prior to exfiltration.

Defend Against Threats with Cyber Fusion

Cyware is the leading provider of cyber fusion solutions that power threat intelligence sharing , end-to-end automation and 360-degree threat response.

Trending Tags