Blogs

FIN6 cybercrime group uses fake resumes hosted on AWS to deliver More_eggs malware via LinkedIn. Learn how they target recruiters and evade detection.

Discover how a China-linked cyber espionage group, including APT15 and UNC5174, targeted over 70 organizations across government, media, and other sectors. Learn about the malware used, including ShadowPad and GoReShell, and the exploited vulnerabilities.

Learn about the ransomware attack on Sensata Technologies, a leading industrial tech firm. Discover how the breach impacted operations, compromised customer data, and the company's response, including credit monitoring for affected individuals.

Learn about a critical vulnerability in Google's account recovery system that allowed attackers to access any user's phone number through a brute-force attack, highlighting the importance of security audits for legacy systems.

Discover how two separate botnets exploit the critical Wazuh Server vulnerability (CVE-2025-24016) to launch Mirai-based DDoS attacks, targeting IoT devices and highlighting the urgency of cybersecurity measures.

Cybersecurity experts reveal a significant supply chain attack affecting npm and PyPI ecosystems, compromising numerous packages and exposing millions of users to malware. Learn about the affected packages and how to protect yourself.

Business Email Compromise (BEC) attacks are stealthy, effective, and devastating. With no malware involved, these attacks bypass traditional security filters, trick employees, and siphon sensitive data or funds. But with real-time visibility through interactive sandboxing and endpoint protection like Net Protector, businesses can stay one step ahead.

Quick commerce startup KiranaPro suffers a devastating cyberattack, resulting in deletion of app code and exposure of sensitive user data via AWS and GitHub breach. KiranaPro, the voice-enabled AI-powered grocery delivery platform, has fallen victim to a severe cyberattack that wiped out its application code and compromised personal user data. The breach has halted order processing on the platform, exposing glaring vulnerabilities in cloud security and account access control.

Luxury under threat: Cartier, the prestigious fashion house, has revealed a data breach following a cyberattack that compromised personal customer data. The breach is part of a broader wave of cyber threats hitting global fashion brands, raising concerns about how high-end retail is being exploited for customer data.

Google’s trusted scripting platform is the latest weapon in phishing arsenals, helping attackers craft convincing credential-stealing campaigns that evade traditional email filters. Cybercriminals are leveraging Google Apps Script, a legitimate tool in Google’s Workspace suite, to host phishing pages that appear trustworthy to both users and security systems. According to research by Cofense, attackers are disguising these pages as authentic login portals to trick users into submitting their credentials — all while operating under the umbrella of a trusted Google domain.

A major cyber intrusion has taken down the Uttar Haryana Bijli Vitran Nigam Limited (UHBVNL) website, halting critical services like new electricity connections and online bill payments for thousands of consumers across the state. A targeted cyberattack on May 7, 2025, has paralyzed UHBVNL’s digital operations, leaving over 50,000 consumers unable to access vital power utility services. The breach marks yet another alarming example of the vulnerability of India's critical infrastructure to cyber threats.

Fraudsters are using fake Aadhaar update messages to steal your personal and banking data. Don’t fall for it. A new scam is spreading rapidly through WhatsApp groups, where users receive a fake notice claiming their Bank of Maharashtra account will be blocked if Aadhaar isn’t updated within 24 hours. The message urges users to download a malicious “Bank of Maharashtra.APK” — a clear trap designed to compromise your data and finances.

A new phishing campaign weaponizes malformed URLs to bypass email filters and steal Microsoft 365 credentials—even bypassing two-factor authentication. Researchers have linked the attack to Tycoon2FA, a notorious Phishing-as-a-Service (PhaaS) operation that enables adversary-in-the-middle (AitM) interception of login sessions. The threat actors behind this campaign are using subtle but dangerous techniques to trick both users and security systems.

The latest variant of DarkCloud Stealer uses AutoIt scripting and advanced evasion techniques to target financial, healthcare, and e-commerce sectors. With over 120,000 accounts compromised since March 2025, this malware showcases a dangerous blend of legacy scripting abuse and stealthy credential theft.

Cybercriminals have devised an alarming new tactic by hiding malware in Google Calendar invites using invisible Unicode characters. This stealthy technique enables the delivery of malicious payloads through trusted platforms—bypassing traditional security mechanisms with a single deceptive character.

Marks & Spencer (M&S), one of the UK’s most trusted retail brands, has confirmed a significant cybersecurity breach following a ransomware attack that has disrupted its operations since Easter weekend. The attack, attributed to the DragonForce ransomware group, resulted in the theft of personal information belonging to millions of customers and has caused widespread outages across its digital infrastructure.

Cybercriminals are now leveraging steganography to hide ransomware in ordinary JPG image files, deploying Fully Undetectable (FUD) malware that bypasses traditional security solutions. These advanced tactics exploit metadata and pixel data to deliver multi-stage attacks — silently and effectively.

Ascension, one of the largest private healthcare providers in the U.S., has confirmed a significant data breach affecting 437,329 patients, linked to a former business partner’s software vulnerability. This marks yet another serious blow to the healthcare sector’s cybersecurity posture, coming less than a year after Ascension's systems were crippled by ransomware.