Latest IT News & Tech Trends
The University of Oxford disclosed a new data breach last week after being informed by its third-party provider, Group GTI, that its CareerConnect career services platform had been compromised. This platform is also used by other UK educational organizations, such as King’s College London and the University of Manchester, to run their institution-specific career hubs. […]
Meta has revealed that over 20,000 Instagram users had their accounts hijacked in a recent incident where attackers used Meta’s AI-powered support system to reset passwords. As GeekFeed reported one week ago, the threat actors exploited a flaw in the company’s High Touch Support (HTS) tool, an AI-assisted support system that helps users regain access after being locked out of […]
Microsoft has created an open-source fork of Windows Terminal called “Intelligent Terminal,” and it allows you to use AI directly inside Terminal without interfering with the regular session. Microsoft describes the Intelligent Terminal as a built-in assistant that can help you explain errors, draft commands, and fix problems without leaving the terminal. First, the agent […]
A new variant of the Gafgyt botnet called C0XMO is targeting DD-WRT router firmware and can move to other device types with various CPU architectures. The researchers found samples for ARM, MIPS, PowerPC, SuperH, x86, x86_64, and other architectures, featuring exploits for DVRs, routers, video management platforms, and Android-based devices. The botnet was seen targeting […]
The Silent Ransom Group extortion gang is actively targeting U.S. law firms and professional services organizations in social engineering attacks that often lead to data theft within hours of initial contact, according to a new report by cybersecurity firm Mandiant. The report follows an FBI FLASH advisory published last week warning that the Silent Ransom […]
Hackers are actively exploiting a critical vulnerability (CVE-2026-3300) in the Everest Forms Pro plugin, which lets them take complete control of a WordPress website. The security issue affects versions 1.9.12 and earlier of the plugin and can be leveraged without authentication to execute arbitrary code on the server. Everest Forms Pro is a commercial add-on […]
Tech giant Toshiba and mega-retailer Muji warned visitors that suspicious sign-in screens popping up on their websites could collect credentials. Both Japanese companies advised users who entered their account login data in the authentication screens to change their passwords to access the service. The login pop-ups were generated by the external service hosted at polyfill[.]io, […]
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) warned today that hackers are now actively exploiting a recently patched high-severity SolarWinds Serv-U flaw to crash servers. Serv-U is the company’s Windows and Linux file transfer software that offers Managed File Transfer (MFT) and FTP server capabilities, which allow users to securely exchange files via HTTP/HTTPS, […]
A Chinese espionage group tracked as UNC5221 has been accessing Microsoft 365 environments using the Brickstorm backdoor and previously undocumented malware named Plenet and AgentPSD. An investigation into the incident revealed that the threat actor had gained access to the victim network at least 18 months before detection, and had also compromised the victim organization’s […]
A California man was sentenced to more than 26 years in federal prison for trafficking fentanyl and methamphetamine through Nemesis Market, one of the world’s largest dark web marketplaces. 39-year-old Darren Hughes of San Jose was convicted on drug trafficking charges in November 2025 and was sentenced by U.S. District Judge John F. Kness on […]
