cyber attack

A vulnerability in Instagram's Meta AI-powered account recovery system allegedly allowed attackers to obtain password reset codes and hijack high-value accounts by bypassing identity verification checks.

CERT-In has issued new guidelines requiring organizations to patch critical internet-facing vulnerabilities within 12 hours, warning that AI-powered cyberattacks are drastically reducing exploitation timeframes and increasing cyber risk.

The Megalodon supply chain attack compromised over 5,500 GitHub repositories within six hours by injecting malicious GitHub Actions workflows designed to steal cloud credentials, API keys, SSH keys, and CI/CD secrets.

Microsoft warns of a new Microsoft Teams Android vulnerability that could allow spoofing attacks on local devices. Update immediately to stay protected.

Hackers compromised official DAEMON Tools installers with malware in a major supply chain attack affecting users worldwide. Learn how to stay protected.

Oracle has confirmed a major data breach targeting its older Gen 1 servers, exposing sensitive authentication data, usernames, and hashed passwords. The attacker gained access using an old Java exploit and demanded a $20 million ransom.

Raymond Limited, a well-known textile and clothing company, has confirmed a cyber attack on its IT systems. The breach impacted some internal infrastructure, but the company's retail stores, supply chain, and digital services continue to operate normally. The attack was detected during routine security monitoring, and immediate action was taken to isolate affected systems.

Casio, the renowned Japanese tech company, has confirmed that a ransomware attack earlier this month compromised personal and confidential data of employees, job candidates, business partners, and some customers. The Underground ransomware group has claimed responsibility for the attack, leaking sensitive documents. Casio is urging affected individuals to remain cautious as they continue to investigate the breach.

MoneyGram has revealed that hackers accessed their network in a September 2024 cyberattack, stealing sensitive customer information, including personal and transaction data. The breach led to a five-day service outage and exposed crucial details such as social security numbers, government IDs, and bank account information. The attack was reportedly initiated through a social engineering attempt on MoneyGram's IT help desk.