Cyber threats are evolving, and this week has been no exception. From a dangerous CrushFTP vulnerability under active attack to a sophisticated phishing platform preying on mobile users, cyber criminals are refining their tactics. Hackers are also exploiting WordPress features to stay hidden, while a new Android malware is after crypto wallets. With attackers moving fast, staying informed is more critical than ever—here’s everything you need to know.
From hackers targeting Hyper-V servers to fake file converters spreading malware, there’s plenty to watch out for. There’s also news of Counter-Strike 2 players being tricked into handing over their Steam accounts, and a new ransomware strain is hitting multiple operating systems at once. Even npm packages aren’t safe, with attackers sneaking in backdoors through open-source libraries. Stay ahead of these risks with our latest cybersecurity bulletin—because knowing what’s out there is the first step to staying secure.
The internet never sleeps and halts, and neither do cyber threats and its malicious actors. This week, sneaky apps tricked millions, hackers pulled off a clever email scam, and a big ransomware attack hit critical systems. Meanwhile, Google is making a massive security move, and Telegram’s CEO is caught up in legal trouble. Here’s everything you need to know about the latest in cybersecurity!(more…)
This week’s bulletin highlights some serious incidents that could impact individuals and businesses alike. From hackers spreading malware through NPM packages to cryptocurrency-stealing schemes, cybercriminals are finding new ways to trick people and exploit vulnerabilities. You can stay informed, stay cautious, and take action to protect yourself from these threats with our detailed coverage.
Your wait is over as we’re back with cybersecurity’s latest this week! We’ll discuss about a data breach impacting policyholders of a significant insurance organization, a notorious malware spam host resurfacing under a new provider, a new scam targeting US executives using deceptive postal mail; experts recently uncovered a new botnet that is infecting thousands and a concerning discovery of sensitive API keys within AI training datasets. Let’s not wait further and dive in!
State-sponsored hacktivism is on the rise. Script kiddies use pre-existing scripts while others employ highly sophisticated tactics using diverse tools and resources. Attackers are scouring GitHub for sensitive information on GitHub and trying to steal critical information from repositories. Security breaches happen when they gain unauthorized access to the source code. This week, we’re reviewing a series of the latest cybersecurity incidents by closely analyzing their attack trends and threat vectors. We’ll also discuss how a significant cryptocurrency exchange organization was the victim of a massive crypto attack and explore how the FatalRAT malware targeted organizations across APAC. Below is a summary of the latest findings.
Cybersecurity threats are rapidly evolving at an unprecedented rate, making cybersecurity more critical than ever. This week, we uncovered a new malware targeting macOS users through fake browser updates and a stealthy cyberattack exploiting Windows utilities to evade detection. We will also explore how hackers deploy payment skimmers using hidden image tags, as well as discover how the latest cyber espionage campaigns target big industries and international corporations. Lastly, we will cover the news highlighting recent data breaches affecting thousands of individuals and organizations across the globe.
Massive Cyber Attack, ClickFix Deploys RAT, Hacker Group Attacks – Cybersecurity News [February 10, 2025]
by DuoCircle
Cybercriminals nowadays are getting smarter and adapting social engineering and ransomware techniques to attack their targets. This week, we’re covering a series of critical attacks that smartly leveraged the use of BotNet, affecting around 2.8 million devices. Also, we will uncover how social engineering attacks were executed to run unintended malicious PowerShell commands.
Zip Flaw Exploited, Meta Confirms Spyware, ENGlobal Ransomware Outage – Cybersecurity News [February 03, 2025]
by DuoCircle
Cyber threats are becoming more sophisticated with each day passing by, attacking individuals and businesses unpredictably. This week’s security news covers news pieces directly curated from authentic sources. We will discuss how a new exploit in 7-Zip allowed attackers to bypass Windows security and how Meta identified a spyware attack on 90 journalists and activists.
DeepSeek AI Cyberattacks, Health Provider Breached, Telecom Data Impact – Cybersecurity News [January 27, 2025]
by DuoCircle
This week we are back with recent cybersecurity news pieces that highlight an exponential surge in cybersecurity threats proving to redefine the digital realm. Ranging from a leading AI platform limiting signups after a series of targeted cyberattacks, to a healthcare data breach that exposed millions of sensitive information.
This week, in our ongoing coverage of cybersecurity news, we take a closer look at recent cybersecurity news, threats, and innovative solutions impacting the virtual landscape. We tried covering everything ranging from coordinated cyberattacks on municipalities and banks to growing national security fears as we examined the vulnerabilities that threaten critical sectors. We’ll also cover why ransomware is such a growing threat to critical infrastructure and how co-opetition is becoming a major theme in cybersecurity. We will conclude with a highlight of the strategic alliance between Cognizant and CrowdStrike that enhances enterprise defense against emerging cyber threats.
Cybercriminals are enhancing their capabilities, as evidenced by the latest PhishPWP phishing threat. Similarly, this week’s cybersecurity bulletin highlights the latest ransomware attack on AWS servers, making recovery impossible without the attacker’s key. We also look at how cybercriminals use popular social media channels like Telegram. Zero-day attacks are the most dangerous of all, as they emerge from practically nowhere. This week’s news highlights one such attack on Fortinet FortiGate firewall users. Finally, we round off a reputed university shutting off classes, fearing a cyber-attack on its network.
Microsoft Alerts Millions, War Expands Globally, Salt Typhoon Surge – Cybersecurity News [January 06, 2025]
by DuoCircle
Ensuring proper cybersecurity is at the top of every organization’s agenda this year. That explains why Microsoft cautions its Windows 10 users and asks them to upgrade their PC’s OS before the 14 October 2025 deadline. However, even the most robust cybersecurity strategies might seem inadequate, especially as three more telecoms become victims of the Salt Typhoon.
The New Year is the time for resolutions. Individuals and organizations must focus on cybersecurity and resolve to take proactive steps to prevent cybercrime. Data breaches have become increasingly frequent. With people increasingly using smartphones to access the internet, securing these instruments should be paramount. In the face of rising cyber threats, ensuring robust email security on your devices, such as conducting security checks on Android and iPhones, is a vital step to safeguarding your personal and organizational data from breaches and attacks.
Microsoft Cybersecurity Transparency, Chrome Update Required, Google Calendar Phishing – Cybersecurity News [December 23, 2024]
by DuoCircle
The year 2024 is ending, but unfortunately, cybercrime never ends. Criminals are always on the look out for innovative ways to scam user accounts and steal data. So, service providers have their tasks cut out and keep users in the loop about the various security measures they initiate. Microsoft has taken the lead in adopting greater transparency in cybersecurity matters. This week, we shall also discuss the various Google Support Services criminals use to launch cyberattacks. Finally, we round off 2024 and welcome the new year 2025 by listing cybersecurity trends users must watch out for to secure their credentials and prevent them from being compromised.
Cybercriminals are intelligent and innovative, proactively searching for notorious ideas to launch their cyberattacks. This week’s news article discusses two innovative methods that threat actors consider, the crypto-romance scammers and the digital arrest scam. Nowadays cyber attackers are willing to target almost anything, we will learn about the two attacks that targeted on an online doughnut chain and an auto parts company. Hence, efforts are being made on grounds of user awareness and system updates that should help prevent such attacks. But downloading and installing updates can also be confusing so we have also discussed whether to download the latest Microsoft system update or not. Read on to learn more.
Windows Vulnerability Patched, Gmail Takeover Threat, PIH Health Ransomware – Cybersecurity News [December 09, 2024]
by DuoCircle
Zero-day vulnerabilities are the most critical because no one knows about them unless they are discovered. Therefore, malicious actors have greater chances of exploiting them before corrective measures are initiated. In this week’s news section, we shall discuss some zero-day vulnerabilities and the measures software producers take to mitigate the risks.
Banshee Stealer Unveiled, Corrupted Word Phishing, AI Voice Scams – Cybersecurity News [December 02, 2024]
by DuoCircle
The cybercriminal breed is expanding at a tremendous rate, necessitating urgent remedial measures from the relevant involved parties. Cybercriminals are also upscaling their operations and taking sufficient precautionary measures to prevent getting caught. Unfortunately, the public, who end up as unsuspecting victims, needs to pull up their socks and act responsibly to avoid becoming victims of cybersecurity fraud. This week’s cybersecurity news focuses on these aspects and aims to educate people to become more aware of the ever-evolving cyber threat landscape.
In this week’s cyber update, let’s examine the following case scenarios closely: a significant email data breach affecting multiple healthcare organizations, the discovery of a new Wi-Fi exploit used in targeted attacks, a malware campaign exploiting an outdated Avast driver, a high-profile extortion campaign targeting cloud storage platforms, and recent intrusion attempts on telecom infrastructure. These headlines are followed by matter-expert suggestions highlighting best practices one could follow to mitigate potential risks in the future.
The wait is over! We’re here with this week’s round-up of the most pressing cybersecurity events and developments worldwide. The latest reports shed light on a significant data breach at a fintech giant, Finastra, efforts by the USDA to thwart phishing attacks with advanced authentication measures, a zero-day vulnerability impacting PAN-OS devices, VMware vCenter Server flaws being exploited post-patch, and a critical WordPress plugin vulnerability that puts millions of websites at risk.
![CrushFTP Exploit Alert, Lucid Phishing Surge, WordPress Plugin Exploit – Cybersecurity News [March 31, 2025]](https://www.duocircle.com/wp-content/uploads/2025/04/sender-policy-framework-5643.jpg)
![RedCurl Ransomware Targets, CS2 Steam Phishing, Fake Converter Cyberattacks – Cybersecurity News [March 24, 2025]](https://www.duocircle.com/wp-content/uploads/2025/04/spf-record-tester-5621.jpg)
![Vapor Apps Malware, Coinbase Phishing Scam, Medusa Ransomware Attack – Cybersecurity News [March 17, 2025]](https://www.duocircle.com/wp-content/uploads/2025/03/spf-record-check-8904.jpg)
![Lazarus Infects NPM, MassJacker Steals Crypto, CISA Alerts Ivanti – Cybersecurity News [March 10, 2025]](https://www.duocircle.com/wp-content/uploads/2025/03/spf-permerror-3428.jpg)
![Life Insurance Breach, Notorious Malware Identified, Fake Ransom Scam – Cybersecurity News [March 03, 2025]](https://www.duocircle.com/wp-content/uploads/2025/03/sender-policy-framework-4532.jpg)
![Bybit’s $1.5B Loss, FatalRAT Hits APAC, GitVenom Targets Wallets, – Cybersecurity News [February 24, 2025]](https://www.duocircle.com/wp-content/uploads/2025/03/phishing-protection-5643.jpg)
![FrigidStealer Targets macOS, MAVInject Evades Detection, Stealthy Espionage Malware – Cybersecurity News [February 17, 2025]](https://www.duocircle.com/wp-content/uploads/2025/02/sender-policy-framework-6542.jpg)
![Massive Cyber Attack, ClickFix Deploys RAT, Hacker Group Attacks – Cybersecurity News [February 10, 2025]](https://www.duocircle.com/wp-content/uploads/2025/02/spf-validator-3271.jpg)
![Zip Flaw Exploited, Meta Confirms Spyware, ENGlobal Ransomware Outage – Cybersecurity News [February 03, 2025]](https://www.duocircle.com/wp-content/uploads/2025/02/spf-permerror-6464.jpg)
![DeepSeek AI Cyberattacks, Health Provider Breached, Telecom Data Impact – Cybersecurity News [January 27, 2025]](https://www.duocircle.com/wp-content/uploads/2025/02/spf-record-tester-5454.jpg)
![Cyberattacks Targeting Institutions, Treasury Security Alarms, Telecom Network Breach – Cybersecurity News [January 20, 2025]](https://www.duocircle.com/wp-content/uploads/2025/01/dkim-selector-2.jpg)
![New PhishWP Threat, Illicit Marketplace Live, Codefinger Targets AWS – Cybersecurity News [January 13, 2025]](https://www.duocircle.com/wp-content/uploads/2025/01/dmarc-report-3.jpg)
![Microsoft Alerts Millions, War Expands Globally, Salt Typhoon Surge – Cybersecurity News [January 06, 2025]](https://www.duocircle.com/wp-content/uploads/2025/01/spf-record-checker-5.jpg)
![Essential Check Secures, Prevention Beats Recovery, Treasury Cyber Breach- Cybersecurity News [December 30, 2024]](https://www.duocircle.com/wp-content/uploads/2025/01/phishing-protection-2.jpg)
![Microsoft Cybersecurity Transparency, Chrome Update Required, Google Calendar Phishing – Cybersecurity News [December 23, 2024]](https://www.duocircle.com/wp-content/uploads/2025/01/spf-permerror.jpg)
![Microsoft Update Dilemma, Cyberattack Disrupts LKQ, Krispy Kreme Breach – Cybersecurity News [December 16, 2024]](https://www.duocircle.com/wp-content/uploads/2024/12/sender-policy-framework-7.jpg)
![Windows Vulnerability Patched, Gmail Takeover Threat, PIH Health Ransomware – Cybersecurity News [December 09, 2024]](https://www.duocircle.com/wp-content/uploads/2024/12/sender-policy-framework-5.jpg)
![Banshee Stealer Unveiled, Corrupted Word Phishing, AI Voice Scams – Cybersecurity News [December 02, 2024]](https://www.duocircle.com/wp-content/uploads/2024/12/email-smtp-service-1.jpg)
![Healthcare Email Breaches, Wi-Fi Exploits Uncovered, Malware Exploits Avast – Cybersecurity News [November 25, 2024]](https://www.duocircle.com/wp-content/uploads/2024/12/spf-record-tester.jpg)
![Finastra Probes Breach, USDA Adopts FID, PAN-OS Zero-Day – Cybersecurity News [November 18, 2024]](https://www.duocircle.com/wp-content/uploads/2024/11/spf-validator-7.jpg)