19-Year-Old Admits to PowerSchool Data Breach Extortion
A 19-year-old college student faces charges after pleading guilty to cyber extortion targeting PowerSchool, exposing data of 60…
Cyber Attack
Hackers Targets Coinbase Users Targeted in Advanced Social Engineering Hack
Coinbase users have become the prime targets of an intricate social engineering campaign since early 2025. Reports from on-chain investigator Zach reveal that over $300 million is stolen annually through these meticulously coordinated attacks, with a s…
Microsoft Dismantles Lumma Stealer Network, Seizes 2,000+ Domains
Microsoft disrupts Lumma Stealer network, seizing 2,000 domains linked to 394,000 infections in global cybercrime crackdown with law enforcement partners.
Threat Actor Selling 1.2 Billion Facebook Records, But Details Don’t Add Up
Threat actor ‘ByteBreaker’ claims to sell 1.2B Facebook records scraped via API abuse, but inconsistencies in data size and identity raise doubts.
Hackers Masquerade as Organizations to Steal Payroll Logins and Redirect Payments from Employees
ReliaQuest, hackers have deployed a cunning search engine optimization (SEO) poisoning scheme to orchestrate payroll fraud against a manufacturing sector customer. This deceptive strategy involves crafting fake authentication portals that mirror legiti…
New Scan Uncovers 150K Industrial Systems Worldwide Vulnerable to Cyberattacks
A groundbreaking study leveraging advanced application-layer scanning has exposed approximately 150,000 industrial control systems (ICS) worldwide that are directly accessible on the public internet, posing severe risks of catastrophic cyberattacks. Co…
KrebsOnSecurity Hit with 6.3 Tbps DDoS Attack via Aisuru Botnet
KrebsOnSecurity hit and survided a record-breaking 6.3 Tbps DDoS attack linked to the Aisuru IoT botnet, but it shows the vulnerable state of IoT devices.
IBM Warns: One-Third of Cyber Attacks Use Advanced Tactics to Steal Login Credentials
IBM X-Force’s 2024 cybersecurity report, nearly one-third of cyber intrusions now rely on identity-based attacks, exploiting valid login credentials to breach systems. This alarming trend, continuing for the second consecutive year, highlights a …
Scammers Use Fake Kling AI Ads to Spread Malware
Scammers impersonate Kling AI (AI-powered video generation tool) using fake ads and websites to spread malware. Check Point Research details how the attack tricks users into downloading RATs.
New Phishing Attack Uses AES & Malicious npm Packages to Office 365 Login Credentials
Fortra’s Suspicious Email Analysis (SEA) team uncovered a highly sophisticated phishing campaign targeting Microsoft Office 365 (O365) credentials. Unlike typical phishing attempts, this attack stood out due to its intricate use of modern technologies …