Tata Technologies Limited confirmed a ransomware incident that temporarily affected its IT infrastructure, but services have since been restored while the company investigates the breach and enhances its cybersecurity measures.
View full story…

PayPal has been fined $2 million by New York’s Department of Financial Services due to significant cybersecurity lapses that exposed sensitive customer information, including Social Security numbers, for nearly seven weeks.
View full story…

Threat actors are increasingly targeting unpatched public-facing applications and utilizing web shells and remote access tools to gain initial access, marking a significant shift in attack tactics.
View full story…

Recent vulnerabilities in China’s DeepSeek AI model, including susceptibility to jailbreaking tactics and potential reliance on OpenAI’s technology, raise significant ethical and legal concerns regarding AI security and data integrity.
View full story…

Operation Talent, led by Germany’s BKA and supported by international partners, successfully shut down the prominent cybercrime forums Cracked.io and Nulled.to, seizing critical infrastructure and arresting key individuals involved in the illegal activities.
View full story…

Security researchers have identified a novel attack method called “browser syncjacking,” which allows malicious browser extensions to take complete control of a user’s browser and device with minimal user interaction by exploiting permissions typically granted to extensions.
View full story…

Chinese generative AI platform DeepSeek suffered a significant security breach due to an exposed backend database, leaking sensitive information including user chat histories and API keys to the internet.
View full story…

New York Blood Center Enterprises is facing significant service disruptions due to a ransomware attack, exacerbating existing blood supply shortages and prompting urgent calls for donations.
View full story…

In 2024, Google significantly improved security for the Android ecosystem by blocking over 2.36 million risky apps and implementing AI-assisted reviews, while introducing new fraud prevention strategies to protect users from malicious applications and unauthorized data access.
View full story…

Cybercriminals are increasingly using legitimate HTTP client tools, such as Axios and Node-fetch, to execute account takeover attacks on Microsoft 365 environments, achieving notable success rates and leveraging sophisticated techniques to bypass security measures.
View full story…

The 2025 API ThreatStats Report by Wallarm reveals a staggering 1,205% increase in AI-driven API vulnerabilities, with nearly all AI-related flaws linked to insecure APIs, emphasizing the urgent need for enhanced security measures.
View full story…

In 2024, threat actors reduced the average breakout time to 48 minutes, with a notable 142% increase in initial access broker listings and a concerning reliance on valid credentials for network infiltration.
View full story…

Ransomware attacks in 2023 have increasingly focused on backup systems, resulting in over $1 billion in cryptocurrency extorted from victims, highlighting the urgent need for advanced data protection strategies.
View full story…