Cybersecurity News

Have I Been Pwned (HIBP), the leading data breach monitoring service, has significantly expanded its database with the addition of over 284 million compromised accounts discovered in infostealer logs distributed through Telegram channels. This massive update represents one of the most substantial additions to the platform’s repository of compromised credentials. Unprecedented Scale of Compromised Data … Read more

Google’s aggressive implementation of Manifest V3 for Chrome extensions marks a significant shift in browser security architecture, forcing popular security tools, including the widely-used uBlock Origin, to either adapt or cease operations. This transition represents one of the most substantial changes to Chrome’s extension ecosystem in recent years, with far-reaching implications for user privacy and … Read more

In a significant development affecting digital privacy, Apple has announced the discontinuation of its Advanced Data Protection (ADP) feature in the United Kingdom, following governmental demands for encryption backdoor access. This decision marks a crucial turning point in the ongoing debate between national security interests and user privacy protection. Understanding the Regulatory Pressure and Apple’s … Read more

Cybersecurity researchers have uncovered a sophisticated phishing campaign that exploits PayPal’s legitimate gift address functionality to distribute fraudulent purchase notifications. The attack’s unprecedented nature lies in its ability to deliver malicious content through PayPal’s official [email protected] email address, successfully bypassing standard authentication protocols and email security measures. Technical Analysis of the PayPal Gift Address Exploitation … Read more

Cybersecurity researchers have uncovered a sophisticated new ransomware operation named Anubis, which introduces an unprecedented three-tiered approach to cybercrime monetization. This advanced Ransomware-as-a-Service (RaaS) platform represents a significant evolution in the ransomware landscape, offering operators multiple revenue streams through distinct business models. Technical Analysis and Origins of Anubis First detected on the RAMP underground forum … Read more

Security researchers at Positive Technologies have identified a significant security vulnerability in the Veeam Service Provider Console, a widely-deployed platform for backup and disaster recovery services. The vulnerability, tracked as CVE-2024-45206 with a CVSS score of 6.3, enables Server-Side Request Forgery (SSRF) attacks that could potentially compromise organizations’ internal networks. Understanding the Technical Impact The … Read more

Security researchers have discovered a critical vulnerability dubbed “Wallbleed” in the Great Firewall of China (GFW), providing unprecedented insights into the world’s most sophisticated internet filtering system. The vulnerability, actively exploited for research purposes from 2021 to 2024, has revealed crucial technical details about the firewall’s internal operations and architecture. Technical Analysis of the Wallbleed … Read more

In a groundbreaking development for mobile device security, Qualcomm and Google have announced a strategic partnership that will enable unprecedented eight-year security support for Android devices. This initiative marks a significant advancement in long-term mobile security protection, setting new standards for the industry and addressing growing cybersecurity concerns. Enhanced Security Timeline for Premium Android Devices … Read more

Microsoft has implemented an immediate suspension of the Windows 11 version 24H2 update distribution for systems running AutoCAD 2022. This decisive action comes in response to the discovery of a critical compatibility issue that renders the popular engineering software inoperable following the operating system update installation. Impact Assessment and Version Specificity The compatibility conflict is … Read more

Bitdefender Labs has uncovered a sophisticated phishing campaign targeting Counter-Strike 2 players, exploiting the anticipation surrounding upcoming major tournaments IEM Katowice 2025 and PGL Cluj-Napoca 2025. The operation combines social engineering tactics with fraudulent streaming content to compromise Steam accounts and steal cryptocurrency assets from unsuspecting victims. Advanced Social Engineering Tactics in Gaming Communities The … Read more