Over 17,000 Fake News Websites Caught Fueling Investment Fraud Globally
A newly released report by cybersecurity firm CTM360 reveals a large-scale scam operation utilizing fake news websites—known as Baiting News Sites (BNS)—to deceive users into…
Month: July 2025
Interview: Vivek Bharadwaj, CIO, Happy Socks
Vivek Bharadwaj, CIO at clothing manufacturer Happy Socks, is an executive with an expansive portfolio. In addition to leading enterprise-wide technology strategy, IT transformation and digital…
Weaponized Chrome Extension Affects 1.7 Million Users Despite Google’s Verified Badges
A sophisticated malware campaign has infected over 1.7 million Chrome users through eleven seemingly legitimate browser extensions, all of which carried Google’s verified badge and…
Infostealers-as-a-Service Push Identity Hacks to Record Highs
According to cybersecurity researchers at eSentire, infostealer malware and advanced phishing toolkits are behind a massive 156% jump in cyberattacks targeting user logins and identity…
RondoDox Botnet Exploits Flaws in TBK DVRs and Four-Faith Routers to Launch DDoS Attacks
Cybersecurity researchers are calling attention to a malware campaign that’s targeting security flaws in TBK digital video recorders (DVRs) and Four-Faith routers to rope the…
Google slams claims it’s ‘misleading’ the public with its GHG emissions data
Google has hit back at a report picking holes in its carbon emission reduction claims, saying the analysis carried out by non-profit advocacy group Kairos Fellowship…
PoC Exploits for CitrixBleed2 Flaw Released – Attackers Can Exfiltrate 127 Bytes Per Request
Security researchers have released proof-of-concept exploits for a critical vulnerability dubbed “CitrixBleed2” affecting Citrix NetScaler ADC and Gateway products. The vulnerability, tracked as CVE-2025-5777, allows…
CISA Alerts on Active Exploitation of PHPMailer Command Injection Flaw
The Cybersecurity and Infrastructure Security Agency (CISA) has issued a critical alert regarding the active exploitation of a long-standing vulnerability in PHPMailer, a widely used…
5 Ways Identity-based Attacks Are Breaching Retail
From overprivileged admin roles to long-forgotten vendor tokens, these attackers are slipping through the cracks of trust and access. Here’s how five retail breaches unfolded,…
Jailbreaks, Injections, and Agentic Risks
AI has officially moved out of the novelty phase. What began with people messing around with LLM-powered GenAI tools for content creation has rapidly evolved…
SAP’s July 2025 Patch Day
SAP has released its July 2025 Security Patch Day update, addressing a significant number of vulnerabilities across its enterprise software portfolio. The comprehensive security update…
Call of Duty Gamers Hacked via RCE Exploit Allowing Player-to-Player Attacks
The Call of Duty team removed the PC edition of Call of Duty: WWII off the internet on Saturday after numerous allegations of a serious…