Information Security News Blog
-
Attackers have begun creating fake ChatGPT workspaces dressed up as real companies. Then they invite employees through genuine OpenAI emails. The scheme is dangerous precisely because it does not look like ordinary phishing. The...
-
Researchers have uncovered a network of malicious extensions inside the official Microsoft Edge store. These add-ons masqueraded as useful tools and operated for years alongside legitimate extensions. Disguised as ad blockers, weather widgets, video...
-
A popular ad-blocking extension on YouTube proves far more perilous than its Chrome Web Store page suggests. Researchers from Island dismantled Adblock for YouTube recently. Consequently, they discovered an architecture capable of transforming this...
The Linux kernel has expanded to a scale that is difficult to imagine for an open-source project. Following a week of intense merges for Linux 7.2, the source tree surpassed 43 million lines. Moreover,...
Cyberattack infrastructure often outlives the domains and IP addresses it depends on. Indeed, a new report from Hunt.io reveals just how densely such nodes have clustered across Eastern Europe. From 12 March to 12...
The more stealthy a malicious software remains, the longer its capacity to endure within a compromised system. This guiding philosophy drives the North Korean-linked Lazarus group in its latest offensive against banking institutions and...
Cyberattacks against critical infrastructure increasingly resemble strategic positioning rather than isolated breaches. Consequently, threat actors prepare for future disruptions. The Australian Security Intelligence Organisation (ASIO) recently reported a severe incident. Foreign Advanced Persistent Threat...
With the arrival of digitalization, waterworks and treatment plants have become prime targets for APT hackers. Yet they are not random victims. Rather, attackers deliberately choose them as pressure points within a broader strategy,...
Security researchers have uncovered a Linux flaw that elevates an ordinary local user to root. Remarkably, it does so without altering a single file on disk. Integrity checks may therefore reveal nothing, because the...
The Windows 11 anniversary has officially arrived, marking five years since its turbulent debut. However, this milestone serves primarily as an occasion to reflect upon why the operating system perpetually irritated its user base...
Cryptocurrency bridges remain the most enticing targets for cyberattacks. These digital conduits transfer assets between blockchains. They often represent the most vulnerable link in the ecosystem. The recent breach of the Taiko network perfectly...
Cryptocurrency scam schemes rarely rest on people alone. They need infrastructure to receive, move, and disguise money. Now the U.S. Department of Justice says it has seized a cloud account that served the Huione...
A city transit system rarely sits at the center of a criminal trial. Yet the attack on Transport for London (TfL) caused months of disruption, hit millions of passengers, and ended in guilty pleas...
Threat actors have initiated attempts to exploit the CVE-2026-20230 vulnerability within Cisco Unified servers used for corporate telephony. This critical error allows an unauthenticated, remote attacker to force file creation within the operating system....
A recent ransomware investigation by Microsoft yielded an astonishing revelation. Two entirely distinct and unassociated hacking syndicates were operating concurrently within the victim organization’s network. The primary group entrenched itself within the infrastructure, meticulously...