Blog #Cybersecurity Trends

This recent investigation uncovered a sophisticated web skimming attack targeting Casio UK and 16 other websites, likely due to vulnerabilities in Magento-based platforms.

The UK telecommunications company TalkTalk has confirmed a data breach involving a third-party supplier’s platform after a threat actor, ‘b0nd,’ claimed to have stolen information on 18.8 million customers.

Chinese AI company DeepSeek blamed a cyberattack for preventing new user registrations, though existing users remained unaffected.

Hellcat is a newly identified ransomware group using a Ransomware-as-a-Service (RaaS) model to target government, education, and energy sectors.

The "FlowerStorm" phishing framework has emerged as a sophisticated Phishing-as-a-Service (PhaaS) platform targeting multiple brands to steal login credentials.

A recent Netwrix report revealed that 84% of healthcare organizations experienced a cyberattack on their infrastructure in the past year, with phishing being the most common incident.

A vulnerability in Subaru's Starlink connected vehicle service allowed unauthorized access to customer accounts in the US, Canada, and Japan, according to security researcher Sam Curry.

The New York State Department of Financial Services (NYDFS) fined PayPal $2 million for failing to meet its cybersecurity standards, following a data breach in December 2022.

PowerSchool announced a data breach in December 2024, compromising personal information of students and educators. The breach, identified on December 28, affected only PowerSchool's Student Information System (SIS), accessed through its customer support portal, PowerSource.

CloudSEK researchers discovered a vulnerability in Zendesk's platform that allows cybercriminals to exploit subdomain registration for phishing and investment scams.

President Donald Trump pardoned Ross Ulbricht, the founder of the dark web marketplace Silk Road, calling his prosecution unfair and overly harsh.

On the first day of Pwn2Own Automotive 2025, $382,750 was awarded for 16 zero-day vulnerabilities in car infotainment systems, EV chargers, and automotive operating systems.