This week, we will explore how malware disguised as security tools is stealing credit card information and how hackers are initiating customer support scams. From supermarket delays to SIM data leaks, it’s been anything but quiet on the cyber front. We will also examine Microsoft’s internal misstep, which resulted in the locking out of thousands. Here’s what you need to know before you click, tap, or swipe again.
Tycoon2FA Bypasses Microsoft, European Espionage Campaign, ResolverRAT Global Threat – Cybersecurity News [April 14, 2025]
by DuoCircle
This week’s cybersecurity news roundup isn’t just another string of breaches and exploits but a blueprint of how far threat actors have come and how swiftly they are advancing and increasing their attack surface. From phishing kits outsmarting MFA to malware operating entirely in memory, attackers are sharpening their tools and aiming at high-value Sharks and industry giants, even preying upon global healthcare providers and diplomatic channels. Let’s dig into what happened and how we can leverage our defenses and stay safe online!
From crypto-mining malware hiding in Office tools to ransomware attacks shaking up ports and pension funds, this week’s cybersecurity bulletin has it all. Whether you use WhatsApp on Windows or manage your retirement savings online, these incidents are a reminder of how quickly threats evolve—and how easy it is to become a target.
Cyber threats are evolving, and this week has been no exception. From a dangerous CrushFTP vulnerability under active attack to a sophisticated phishing platform preying on mobile users, cyber criminals are refining their tactics. Hackers are also exploiting WordPress features to stay hidden, while a new Android malware is after crypto wallets. With attackers moving fast, staying informed is more critical than ever—here’s everything you need to know.
From hackers targeting Hyper-V servers to fake file converters spreading malware, there’s plenty to watch out for. There’s also news of Counter-Strike 2 players being tricked into handing over their Steam accounts, and a new ransomware strain is hitting multiple operating systems at once. Even npm packages aren’t safe, with attackers sneaking in backdoors through open-source libraries. Stay ahead of these risks with our latest cybersecurity bulletin—because knowing what’s out there is the first step to staying secure.
The internet never sleeps and halts, and neither do cyber threats and its malicious actors. This week, sneaky apps tricked millions, hackers pulled off a clever email scam, and a big ransomware attack hit critical systems. Meanwhile, Google is making a massive security move, and Telegram’s CEO is caught up in legal trouble. Here’s everything you need to know about the latest in cybersecurity!(more…)
This week’s bulletin highlights some serious incidents that could impact individuals and businesses alike. From hackers spreading malware through NPM packages to cryptocurrency-stealing schemes, cybercriminals are finding new ways to trick people and exploit vulnerabilities. You can stay informed, stay cautious, and take action to protect yourself from these threats with our detailed coverage.
Your wait is over as we’re back with cybersecurity’s latest this week! We’ll discuss about a data breach impacting policyholders of a significant insurance organization, a notorious malware spam host resurfacing under a new provider, a new scam targeting US executives using deceptive postal mail; experts recently uncovered a new botnet that is infecting thousands and a concerning discovery of sensitive API keys within AI training datasets. Let’s not wait further and dive in!
State-sponsored hacktivism is on the rise. Script kiddies use pre-existing scripts while others employ highly sophisticated tactics using diverse tools and resources. Attackers are scouring GitHub for sensitive information on GitHub and trying to steal critical information from repositories. Security breaches happen when they gain unauthorized access to the source code. This week, we’re reviewing a series of the latest cybersecurity incidents by closely analyzing their attack trends and threat vectors. We’ll also discuss how a significant cryptocurrency exchange organization was the victim of a massive crypto attack and explore how the FatalRAT malware targeted organizations across APAC. Below is a summary of the latest findings.
Cybersecurity threats are rapidly evolving at an unprecedented rate, making cybersecurity more critical than ever. This week, we uncovered a new malware targeting macOS users through fake browser updates and a stealthy cyberattack exploiting Windows utilities to evade detection. We will also explore how hackers deploy payment skimmers using hidden image tags, as well as discover how the latest cyber espionage campaigns target big industries and international corporations. Lastly, we will cover the news highlighting recent data breaches affecting thousands of individuals and organizations across the globe.
Massive Cyber Attack, ClickFix Deploys RAT, Hacker Group Attacks – Cybersecurity News [February 10, 2025]
by DuoCircle
Cybercriminals nowadays are getting smarter and adapting social engineering and ransomware techniques to attack their targets. This week, we’re covering a series of critical attacks that smartly leveraged the use of BotNet, affecting around 2.8 million devices. Also, we will uncover how social engineering attacks were executed to run unintended malicious PowerShell commands.
Zip Flaw Exploited, Meta Confirms Spyware, ENGlobal Ransomware Outage – Cybersecurity News [February 03, 2025]
by DuoCircle
Cyber threats are becoming more sophisticated with each day passing by, attacking individuals and businesses unpredictably. This week’s security news covers news pieces directly curated from authentic sources. We will discuss how a new exploit in 7-Zip allowed attackers to bypass Windows security and how Meta identified a spyware attack on 90 journalists and activists.
DeepSeek AI Cyberattacks, Health Provider Breached, Telecom Data Impact – Cybersecurity News [January 27, 2025]
by DuoCircle
This week we are back with recent cybersecurity news pieces that highlight an exponential surge in cybersecurity threats proving to redefine the digital realm. Ranging from a leading AI platform limiting signups after a series of targeted cyberattacks, to a healthcare data breach that exposed millions of sensitive information.
This week, in our ongoing coverage of cybersecurity news, we take a closer look at recent cybersecurity news, threats, and innovative solutions impacting the virtual landscape. We tried covering everything ranging from coordinated cyberattacks on municipalities and banks to growing national security fears as we examined the vulnerabilities that threaten critical sectors. We’ll also cover why ransomware is such a growing threat to critical infrastructure and how co-opetition is becoming a major theme in cybersecurity. We will conclude with a highlight of the strategic alliance between Cognizant and CrowdStrike that enhances enterprise defense against emerging cyber threats.
Cybercriminals are enhancing their capabilities, as evidenced by the latest PhishPWP phishing threat. Similarly, this week’s cybersecurity bulletin highlights the latest ransomware attack on AWS servers, making recovery impossible without the attacker’s key. We also look at how cybercriminals use popular social media channels like Telegram. Zero-day attacks are the most dangerous of all, as they emerge from practically nowhere. This week’s news highlights one such attack on Fortinet FortiGate firewall users. Finally, we round off a reputed university shutting off classes, fearing a cyber-attack on its network.
Microsoft Alerts Millions, War Expands Globally, Salt Typhoon Surge – Cybersecurity News [January 06, 2025]
by DuoCircle
Ensuring proper cybersecurity is at the top of every organization’s agenda this year. That explains why Microsoft cautions its Windows 10 users and asks them to upgrade their PC’s OS before the 14 October 2025 deadline. However, even the most robust cybersecurity strategies might seem inadequate, especially as three more telecoms become victims of the Salt Typhoon.
The New Year is the time for resolutions. Individuals and organizations must focus on cybersecurity and resolve to take proactive steps to prevent cybercrime. Data breaches have become increasingly frequent. With people increasingly using smartphones to access the internet, securing these instruments should be paramount. In the face of rising cyber threats, ensuring robust email security on your devices, such as conducting security checks on Android and iPhones, is a vital step to safeguarding your personal and organizational data from breaches and attacks.
Microsoft Cybersecurity Transparency, Chrome Update Required, Google Calendar Phishing – Cybersecurity News [December 23, 2024]
by DuoCircle
The year 2024 is ending, but unfortunately, cybercrime never ends. Criminals are always on the look out for innovative ways to scam user accounts and steal data. So, service providers have their tasks cut out and keep users in the loop about the various security measures they initiate. Microsoft has taken the lead in adopting greater transparency in cybersecurity matters. This week, we shall also discuss the various Google Support Services criminals use to launch cyberattacks. Finally, we round off 2024 and welcome the new year 2025 by listing cybersecurity trends users must watch out for to secure their credentials and prevent them from being compromised.
Cybercriminals are intelligent and innovative, proactively searching for notorious ideas to launch their cyberattacks. This week’s news article discusses two innovative methods that threat actors consider, the crypto-romance scammers and the digital arrest scam. Nowadays cyber attackers are willing to target almost anything, we will learn about the two attacks that targeted on an online doughnut chain and an auto parts company. Hence, efforts are being made on grounds of user awareness and system updates that should help prevent such attacks. But downloading and installing updates can also be confusing so we have also discussed whether to download the latest Microsoft system update or not. Read on to learn more.
Windows Vulnerability Patched, Gmail Takeover Threat, PIH Health Ransomware – Cybersecurity News [December 09, 2024]
by DuoCircle
Zero-day vulnerabilities are the most critical because no one knows about them unless they are discovered. Therefore, malicious actors have greater chances of exploiting them before corrective measures are initiated. In this week’s news section, we shall discuss some zero-day vulnerabilities and the measures software producers take to mitigate the risks.
![ClickFix Hacking Tactic, Android Credit Scams, Marks Spencer Cyberattack – Cybersecurity News [April 21, 2025]](https://www.duocircle.com/wp-content/uploads/2025/04/sender-policy-framework-4674.jpg)
![Tycoon2FA Bypasses Microsoft, European Espionage Campaign, ResolverRAT Global Threat – Cybersecurity News [April 14, 2025]](https://www.duocircle.com/wp-content/uploads/2025/04/spf-record-tester-5743.jpg)
![SourceForge Office Malware, Kellogg Clop Breach, Seattle Port Ransomware – Cybersecurity News [April 07, 2025]](https://www.duocircle.com/wp-content/uploads/2025/04/spf-validator-4643.jpg)
![CrushFTP Exploit Alert, Lucid Phishing Surge, WordPress Plugin Exploit – Cybersecurity News [March 31, 2025]](https://www.duocircle.com/wp-content/uploads/2025/04/sender-policy-framework-5643.jpg)
![RedCurl Ransomware Targets, CS2 Steam Phishing, Fake Converter Cyberattacks – Cybersecurity News [March 24, 2025]](https://www.duocircle.com/wp-content/uploads/2025/04/spf-record-tester-5621.jpg)
![Vapor Apps Malware, Coinbase Phishing Scam, Medusa Ransomware Attack – Cybersecurity News [March 17, 2025]](https://www.duocircle.com/wp-content/uploads/2025/03/spf-record-check-8904.jpg)
![Lazarus Infects NPM, MassJacker Steals Crypto, CISA Alerts Ivanti – Cybersecurity News [March 10, 2025]](https://www.duocircle.com/wp-content/uploads/2025/03/spf-permerror-3428.jpg)
![Life Insurance Breach, Notorious Malware Identified, Fake Ransom Scam – Cybersecurity News [March 03, 2025]](https://www.duocircle.com/wp-content/uploads/2025/03/sender-policy-framework-4532.jpg)
![Bybit’s $1.5B Loss, FatalRAT Hits APAC, GitVenom Targets Wallets, – Cybersecurity News [February 24, 2025]](https://www.duocircle.com/wp-content/uploads/2025/03/phishing-protection-5643.jpg)
![FrigidStealer Targets macOS, MAVInject Evades Detection, Stealthy Espionage Malware – Cybersecurity News [February 17, 2025]](https://www.duocircle.com/wp-content/uploads/2025/02/sender-policy-framework-6542.jpg)
![Massive Cyber Attack, ClickFix Deploys RAT, Hacker Group Attacks – Cybersecurity News [February 10, 2025]](https://www.duocircle.com/wp-content/uploads/2025/02/spf-validator-3271.jpg)
![Zip Flaw Exploited, Meta Confirms Spyware, ENGlobal Ransomware Outage – Cybersecurity News [February 03, 2025]](https://www.duocircle.com/wp-content/uploads/2025/02/spf-permerror-6464.jpg)
![DeepSeek AI Cyberattacks, Health Provider Breached, Telecom Data Impact – Cybersecurity News [January 27, 2025]](https://www.duocircle.com/wp-content/uploads/2025/02/spf-record-tester-5454.jpg)
![Cyberattacks Targeting Institutions, Treasury Security Alarms, Telecom Network Breach – Cybersecurity News [January 20, 2025]](https://www.duocircle.com/wp-content/uploads/2025/01/dkim-selector-2.jpg)
![New PhishWP Threat, Illicit Marketplace Live, Codefinger Targets AWS – Cybersecurity News [January 13, 2025]](https://www.duocircle.com/wp-content/uploads/2025/01/dmarc-report-3.jpg)
![Microsoft Alerts Millions, War Expands Globally, Salt Typhoon Surge – Cybersecurity News [January 06, 2025]](https://www.duocircle.com/wp-content/uploads/2025/01/spf-record-checker-5.jpg)
![Essential Check Secures, Prevention Beats Recovery, Treasury Cyber Breach- Cybersecurity News [December 30, 2024]](https://www.duocircle.com/wp-content/uploads/2025/01/phishing-protection-2.jpg)
![Microsoft Cybersecurity Transparency, Chrome Update Required, Google Calendar Phishing – Cybersecurity News [December 23, 2024]](https://www.duocircle.com/wp-content/uploads/2025/01/spf-permerror.jpg)
![Microsoft Update Dilemma, Cyberattack Disrupts LKQ, Krispy Kreme Breach – Cybersecurity News [December 16, 2024]](https://www.duocircle.com/wp-content/uploads/2024/12/sender-policy-framework-7.jpg)
![Windows Vulnerability Patched, Gmail Takeover Threat, PIH Health Ransomware – Cybersecurity News [December 09, 2024]](https://www.duocircle.com/wp-content/uploads/2024/12/sender-policy-framework-5.jpg)