Bybit, a major cryptocurrency exchange, experienced a significant security breach on February 21, 2025, resulting in the theft of approximately $1.4 billion in digital assets, attributed to North Korea’s Lazarus Group.
Health Net Federal Services has agreed to pay $11.25 million to settle allegations of submitting false cybersecurity compliance certifications under a Department of Defense contract for the TRICARE health benefits program.
AI-driven cyber attacks, particularly from Russian groups, are targeting the upcoming German election through disinformation campaigns and fake social media accounts to manipulate public opinion and discredit political opponents.
Microsoft’s introduction of the Majorana 1 quantum chip signals a pivotal shift in quantum computing that could render existing encryption methods vulnerable, prompting a call for organizations to adopt post-quantum cryptography to safeguard against future threats.
Chinese state-sponsored hackers known as Salt Typhoon have been conducting a sophisticated cyberespionage campaign against US telecommunications infrastructure since 2019, exploiting vulnerabilities and stolen credentials to gain access to major telecom companies and networks.
A significant leak of internal communications from the BlackBasta ransomware gang reveals their strategies, internal conflicts, and operations, including details on key members and various exploits used in their attacks.
The DeceptiveDevelopment malware campaign, linked to North Korean cybercriminals, exploits freelance software developers in the cryptocurrency sector through fake job offers and sophisticated phishing tactics.
A critical authentication bypass vulnerability in Palo Alto Networks’ PAN-OS, CVE-2025-0108, has been discovered and is being actively exploited, allowing attackers to gain root access to affected systems.
The “Ghost” ransomware group, also known as Cring and Crypt3r, has been conducting widespread cyberattacks since 2021, targeting critical infrastructure and exploiting vulnerabilities in software such as Fortinet FortiOS and Microsoft Exchange.
Mobile phishing attacks, or “mishing,” have surged significantly, exploiting the unique vulnerabilities of mobile devices and targeting both personal and corporate users through advanced social engineering techniques.
