UK Government Sets Timeline to Replace Passwords With Passkeys
The UK government has unveiled plans to roll out passkey technology across its digital services as it seeks to reduce the risk of cyber-attacks to…
Category: CyberSecurityNews
Lampion Banking Malware Employs ClickFix Lures To Steal Banking Information
A sophisticated banking trojan known as Lampion has resurfaced with an evolved attack strategy, now exploiting fake ClickFix utility lures to harvest sensitive banking credentials…
DPRK’s Largest Cryptocurrency Heist via a Compromised macOS Developer and AWS Pivots
North Korean state-sponsored hackers have executed what security experts are calling the largest cryptocurrency theft operation to date, successfully stealing an estimated $625 million through…
Healthcare Sector Emerges as a Prime Target for Cyber Attacks in 2025
The healthcare industry has become increasingly vulnerable to sophisticated cyber threats in 2025, with malicious actors specifically targeting medical institutions’ growing cloud infrastructure and digital…
Critical Open Source Easyjson Library Under Full Control of Russian Company
A critical security revelation has sent shockwaves through the cybersecurity community as researchers uncovered that easyjson, a widely adopted open-source Go package central to JSON…
Windows 0-Day Vulnerability Exploited in Wild to Deploy Play ransomware
Threat actors linked to the Play ransomware operation exploited a zero-day vulnerability in Microsoft Windows prior to its patching on April 8, 2025. The vulnerability,…
CISA Warns of Langflow Missing Authentication Vulnerability Exploited in Attacks
CISA has added a critical Langflow vulnerability to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation in the wild. The vulnerability, identified…
UDP Vulnerability in Windows Deployment Services Allows 0-Click System Crashes
A newly discovered vulnerability in Microsoft’s Windows Deployment Services (WDS) allows attackers to remotely crash servers with zero user interaction or authentication. The flaw, which…
Darcula (PhaaS) Stolen 884,000 Credit Card Details on 13 Million Clicks from Users Worldwide
Security researchers have uncovered one of the largest credit card theft operations in recent history, with a sophisticated Phishing-as-a-Service (PhaaS) platform called “Darcula” responsible for…
The New Breed Of Layer 7 Attacks And How SMEs
When most people think of DDoS attacks, they envision tsunami-like floods of traffic overwhelming servers. That’s the classic Layer 3/4 strategy brute force attacks meant…
PCI Compliance Is Not Just A Checkbox It’s A Live-Fire Security Test
Most executives still treat PCI DSS like paperwork something to file away after a quarterly scan. But that mindset is dangerous. PCI compliance isn’t just…
New T1555.003 Technique Let Attackers Steal Passwords From Web Browsers
A sophisticated credential theft technique, identified as T1555.003 in the MITRE ATT&CK framework, has emerged as a significant threat to organizations worldwide. This technique enables…