Cybersecurity News

The Federal Bureau of Investigation (FBI) has issued an urgent advisory regarding a widespread cybercrime operation where threat actors impersonate Internet Crime Complaint Center (IC3) officials. The campaign, which has affected over 100 victims between December 2023 and February 2024, specifically targets individuals who have previously fallen victim to online fraud schemes. Multi-Channel Social Engineering … Read more

Cybersecurity researchers at Human Security have uncovered a sophisticated ad fraud operation codenamed “Scallywag” that exploits specialized WordPress plugins to monetize pirated content at an unprecedented scale. The operation generates an astounding 1.4 billion fraudulent ad requests daily through a network of 407 compromised domains, marking one of the largest discovered ad fraud schemes in … Read more

Cybersecurity researchers at Eclypsium have uncovered a severe security vulnerability (CVE-2024-54085) affecting ASUS server hardware that could enable attackers to gain complete remote control over affected systems. The vulnerability resides in the MegaRAC Baseboard Management Controller (BMC) firmware developed by American Megatrends International (AMI), a widely-adopted solution across multiple server hardware manufacturers. Understanding the Security … Read more

Google’s latest Ad Safety Report reveals a dramatic escalation in advertising security measures, with the tech giant blocking an unprecedented 39.2 million advertiser accounts in 2024. This represents a threefold increase from 2023’s 12.7 million blocked accounts, highlighting the growing sophistication of cyber threats, particularly those leveraging generative AI technologies. Proactive Defense Against AI-Powered Advertising … Read more

Cybersecurity researchers have documented a significant escalation in sophisticated phishing attacks leveraging SVG (Scalable Vector Graphics) files to compromise Google and Microsoft user credentials. The latest threat intelligence reports indicate a 600% increase in SVG-based phishing incidents between February and March 2025, with over 4,000 cases detected globally. Understanding SVG-Based Attack Vectors SVG files present … Read more

A significant cybersecurity breach has been reported at SK Telecom, South Korea’s leading mobile carrier serving over 34 million subscribers. The incident, detected on April 19, 2025, resulted in unauthorized access to sensitive USIM module data, potentially compromising the security of millions of customers’ mobile communications. Attack Vector and Initial Response The sophisticated cyber attack … Read more

Cybersecurity researchers at Cleafy have uncovered a sophisticated new threat to mobile payment security: SuperCard X, a Malware-as-a-Service (MaaS) platform specifically designed to execute relay attacks on Android devices through NFC interfaces. This advanced malware enables criminals to conduct unauthorized transactions at point-of-sale terminals and ATMs using compromised banking card data. Technical Architecture and Origins … Read more

A groundbreaking investigation by Positive Technologies has uncovered compelling evidence linking two notorious advanced persistent threat (APT) groups, Team46 and TaxOff, suggesting they may be operating as a single sophisticated cyber operation. The research provides detailed technical analysis of their attack patterns, infrastructure, and malware deployment methods. Zero-Day Chrome Vulnerability Exploitation Unveils Complex Attack Pattern … Read more

A groundbreaking report from Imperva reveals a pivotal moment in internet history: automated bot traffic has overtaken human-generated activity, now accounting for 51% of all internet traffic. This unprecedented shift presents significant challenges for cybersecurity, with malicious bots comprising 37% of total traffic, while legitimate automated systems represent only 14%. AI Technology Fuels Surge in … Read more

Microsoft has significantly enhanced its bug bounty program, offering rewards of up to $30,000 for discovering critical security vulnerabilities in AI components within Dynamics 365 and Power Platform. This strategic expansion reflects the growing importance of securing enterprise-grade artificial intelligence systems and demonstrates Microsoft’s commitment to maintaining robust security across its AI-enabled business solutions. Enhanced … Read more