A sophisticated one-click phishing campaign has been identified, targeting high-profile accounts on the social media platform X (formerly Twitter) to promote fraudulent cryptocurrency schemes, with attackers employing various tactics to hijack accounts and mislead users.
In 2024, the number of actively exploited vulnerabilities rose to 768, marking a 20% increase from the previous year, highlighting ongoing challenges in cybersecurity.
The US Justice Department has indicted several individuals, including North Korean and Mexican nationals, for orchestrating a fraudulent scheme that secured remote IT work with American companies to generate revenue for North Korea, involving identity deception and unauthorized access to corporate finances.
DeepSeek, a Chinese Large Language Model, has encountered critical vulnerabilities in detecting malicious prompts and has been targeted by multiple Distributed Denial of Service attacks, raising concerns about its security in the gig economy.
Chief Information Security Officers are reallocating budgets to enhance crisis simulation capabilities in 2025, driven by increasing cyber attack frequencies and the need for improved incident response planning.
The 2024 report *Common Challenges in Cybercrime* by Europol and Eurojust highlights significant obstacles for European police, including data access issues, skill shortages, and legal constraints, which hinder effective cybercrime investigations.
Tata Technologies Limited confirmed a ransomware incident that temporarily affected its IT infrastructure, but services have since been restored while the company investigates the breach and enhances its cybersecurity measures.
PayPal has been fined $2 million by New York’s Department of Financial Services due to significant cybersecurity lapses that exposed sensitive customer information, including Social Security numbers, for nearly seven weeks.
Threat actors are increasingly targeting unpatched public-facing applications and utilizing web shells and remote access tools to gain initial access, marking a significant shift in attack tactics.
Recent vulnerabilities in China’s DeepSeek AI model, including susceptibility to jailbreaking tactics and potential reliance on OpenAI’s technology, raise significant ethical and legal concerns regarding AI security and data integrity.
