Blogs

Cybercriminals have devised an alarming new tactic by hiding malware in Google Calendar invites using invisible Unicode characters. This stealthy technique enables the delivery of malicious payloads through trusted platforms—bypassing traditional security mechanisms with a single deceptive character.

Marks & Spencer (M&S), one of the UK’s most trusted retail brands, has confirmed a significant cybersecurity breach following a ransomware attack that has disrupted its operations since Easter weekend. The attack, attributed to the DragonForce ransomware group, resulted in the theft of personal information belonging to millions of customers and has caused widespread outages across its digital infrastructure.

Cybercriminals are now leveraging steganography to hide ransomware in ordinary JPG image files, deploying Fully Undetectable (FUD) malware that bypasses traditional security solutions. These advanced tactics exploit metadata and pixel data to deliver multi-stage attacks — silently and effectively.

Ascension, one of the largest private healthcare providers in the U.S., has confirmed a significant data breach affecting 437,329 patients, linked to a former business partner’s software vulnerability. This marks yet another serious blow to the healthcare sector’s cybersecurity posture, coming less than a year after Ascension's systems were crippled by ransomware.

As tensions escalate in the wake of the Pahalgam attack, India’s digital frontline is now under coordinated cyber assault. The government’s Computer Emergency Response Team (CERT-In) has issued urgent advisories, calling for heightened vigilance across banks, strategic sectors, and private enterprises. The increased threat environment has prompted a nationwide effort—public and private—to fortify cyber defenses under Operation Sindoor.

A deeply embedded backdoor in Magento extensions has surfaced after six years, affecting 500 to 1,000 e-commerce websites—including a $40 billion multinational. The long-dormant malware has now been activated, compromising sensitive customer data in a widespread supply chain attack.

In a chilling example of cyber exploitation, threat actors are leveraging the tragic Pahalgam attack to deceive Indian government personnel into opening malicious documents. These phishing campaigns aim to install Remote Access Trojans (RATs) and extract sensitive intelligence data from highly sensitive departments.

A new wave of subscription-based scams is flooding the internet, using fake online stores, deceptive pricing, and social media ads to steal users’ credit card details and charge them repeatedly — all under the guise of “exclusive memberships.”

In a recent high-impact ransomware incident, a reputed biopharmaceutical company in Pune’s Hinjawadi IT hub has fallen victim to a crippling cyberattack. The attackers have demanded a ransom of $80,000 (₹68 lakh) in exchange for unlocking sensitive encrypted data, effectively halting the firm's operations for over 48 hours.

A newly surfaced ransomware group, RansomHub, is aggressively targeting corporate environments using an advanced, multi-stage infection chain that combines initial access malware with strategic network infiltration tactics. Cybersecurity researchers warn that this Ransomware-as-a-Service (RaaS) group poses a serious threat to global organizations by leveraging deceptive update prompts and stealthy backdoors.

A stealthy new cyberattack campaign is using steganography and a legacy Microsoft Office vulnerability to deliver AsyncRAT — a powerful remote access trojan capable of full system compromise. This multi-stage campaign cleverly embeds malicious code in innocent-looking image files, using advanced evasion tactics to bypass traditional security solutions.

Cyber attackers are now weaponizing Google Forms—an otherwise legitimate tool—to craft highly convincing phishing campaigns that evade email security filters and steal user logins. Trusted domains and smart obfuscation tactics make these threats harder to detect and more dangerous than ever.

A newly uncovered Magecart campaign is compromising online shopping platforms using stealthy JavaScript to silently harvest customers' credit card data. This multi-phase attack uses advanced obfuscation, real-time data exfiltration, and persistent backdoor access to remain undetected and devastatingly effective.

A 28-year-old man from Maharashtra fell victim to a stealthy and advanced cyberattack after downloading a seemingly innocent image on WhatsApp. The scam, which didn't involve any suspicious links or OTPs, highlights a disturbing new threat vector that exploits hidden malware embedded in image files.

A sophisticated phishing technique has been uncovered where attackers abuse Google’s OAuth system and DKIM verification to send emails that appear to come from no-reply@google.com, but actually lead users to fake support portals aimed at credential theft.

A highly advanced Android spyware operation has surfaced, posing as the official app of the Chinese Prosecutor’s Office. Dubbed SpyMax, this malware is part of the SpyNote family and is capable of hijacking nearly every aspect of an Android device—using deceptive UI tactics and exploiting accessibility services.

A massive cybercrime operation is targeting Indian investors with fake stock and crypto schemes. Hackers are using Telegram groups, fake mobile apps, and even compromised college websites to trick users, steal financial data, and siphon off crores in hard-earned money. With losses already crossing ₹50 crore, it's clear this is not just a scam—it’s a full-scale cyberattack.

Data poisoning is the new and silent evolution of ransomware that doesn’t lock your files — it changes them. From financial fraud to medical disasters, this dangerous cyberattack is designed to manipulate critical data, leaving businesses, hospitals, and governments confused, vulnerable, and unprepared.

A hacker identified as @303 has allegedly breached an Indian software company on December 19, 2024, leaking a massive dataset of sensitive policyholder and admin data from companies like HDFC Ergo, Bajaj Allianz, ICICI Lombard, and more. This breach adds to the growing wave of cyberattacks targeting India’s insurance industry.

Cybersecurity experts have uncovered a dangerous malware campaign where hackers mimic the Google Chrome install page to trick Android users into downloading a powerful spying tool called SpyNote. These fake pages look nearly identical to the real Google Play Store and are hosted on newly registered shady domains. When users fall for the trick and install the app, they unknowingly give hackers full control of their device.