Npav Lab

MoneyGram has revealed that hackers accessed their network in a September 2024 cyberattack, stealing sensitive customer information, including personal and transaction data. The breach led to a five-day service outage and exposed crucial details such as social security numbers, government IDs, and bank account information. The attack was reportedly initiated through a social engineering attempt on MoneyGram's IT help desk.

LEGO's official website was hacked briefly to promote a fraudulent cryptocurrency token, urging visitors to buy a "LEGO Coin" in exchange for Ethereum. While the breach lasted just over an hour, no user accounts were compromised, but the incident highlights the growing risks of online scams targeting high-profile platforms.

Comcast and Truist Bank customers are the latest to be affected by a massive data breach at Financial Business and Consumer Solutions (FBCS). The breach, initially reported in early 2024, compromised the personal details of millions of individuals, including Social Security numbers and account information, raising concerns about identity theft and data misuse.

A sophisticated cyberattack has crippled Uttarakhand's IT infrastructure, rendering over 90 government websites, including the CM helpline, non-functional. This unprecedented breach has halted essential online services and internal operations across the state, with cybersecurity experts working tirelessly to restore the systems.

A newly discovered malware, Perfctl, is actively exploiting vulnerable Linux servers to install cryptocurrency miners and proxyjacking software. This stealthy malware hides itself by mimicking legitimate processes, evading detection, and persisting even after system reboots.

Cybercriminals have launched a large-scale fraud campaign, using fake trading apps on the Apple App Store and Google Play to defraud victims worldwide. Disguised as legitimate financial applications, these apps lure users into fraudulent investments, resulting in significant financial losses.

A new cybersecurity threat, dubbed CosmicSting, is wreaking havoc on Adobe Commerce and Magento stores. Exploiting a critical vulnerability (CVE-2024-34102), attackers are using remote code execution to infiltrate e-commerce platforms, steal sensitive data, and compromise entire systems.

Robert Westbrook, a 39-year-old U.K. national, has been charged by the U.S. Department of Justice for allegedly orchestrating a hack-to-trade fraud scheme that netted him approximately $3.75 million in illegal profits by exploiting hacked Microsoft 365 executive emails.

Net Protector Total Security has achieved a significant milestone by earning the prestigious AV-Test certification.

Cyber fraudsters have devised a new tactic by misusing the 1930 toll-free helpline number, intended for reporting cybercrimes, to deceive unsuspecting individuals. In a recent case reported in Hyderabad, a complainant was duped of ₹29.55 lakh after being coerced into joining a fraudulent video call by criminals posing as law enforcement officials.