Security
Stay informed with the latest developments in cybersecurity through our Security category. Discover in-depth news, analysis, and updates on emerging cyber threats, malware incidents, and major data breaches. Whether you’re a cybersecurity professional or just keen on protecting your digital footprint, find insights and trends that are shaping the future of online security here.
Fake AI video generators drop new Noodlophile infostealer malware
Fake AI-powered video generation tools are being used to distribute a new information-stealing malware family called ‘Noodlophile,’ under the guise of generated media content. The websites use enticing names like the “Dream Machine” and are advertised on high-visibility groups on Facebook, posing as advanced AI tools that generate videos based on uploaded user files. Although […]
Ascension says recent data breach affects over 430,000 patients
Ascension, one of the largest private healthcare systems in the United States, has revealed that the personal and healthcare information of over 430,000 patients was exposed in a data breach disclosed last month. As Ascension revealed in breach notification letters sent to affected individuals in April, their information was stolen in a data theft attack that impacted […]
Google Chrome to use on-device AI to detect tech support scams
Google is implementing a new Chrome security feature that uses the built-in ‘Gemini Nano’ large-language model (LLM) to detect and block tech support scams while browsing the web. Tech support scams are malicious websites that trick users into thinking their computer has a virus infection or other problem. These alerts are shown as full-screen browser windows or […]
Police dismantles botnet selling hacked routers as residential proxies
Law enforcement authorities have dismantled a botnet that infected thousands of routers over the last 20 years to build two networks of residential proxies known as Anyproxy and 5socks. The U.S. Justice Department also indicted three Russian nationals (Alexey Viktorovich Chertkov, Kirill Vladimirovich Morozov, and Aleksandr Aleksandrovich Shishkin) and a Kazakhstani (Dmitriy Rubtsov) for their […]
Chinese hackers behind attacks targeting SAP NetWeaver servers
Forescout Vedere Labs security researchers have linked ongoing attacks targeting a maximum severity vulnerability impacting SAP NetWeaver instances to a Chinese threat actor. SAP released an out-of-band emergency patch on April 24 to address this unauthenticated file upload security flaw (tracked as CVE-2025-31324) in SAP NetWeaver Visual Composer, days after cybersecurity company ReliaQuest first detected the vulnerability being targeted in […]
Germany takes down eXch cryptocurrency exchange, seizes servers
The Federal police in Germany (BKA) seized the server infrastructure and shut down the ‘eXch’ cryptocurrency exchange platform for alleged money laundering cybercrime proceeds. During the law enforcement operation, the authorities also seized eight terabytes of data and cryptocurrency (Bitcoin, Ether, Litecoin, and Dash) worth approximately $38,000,000, making this the third largest seizure of digital assets […]
FBI: End-of-life routers hacked for cybercrime proxy networks
The FBI warns that threat actors are deploying malware on end-of-life (EoL) routers to convert them into proxies sold on the 5Socks and Anyproxy networks. These devices, which were released many years back and no longer receive security updates from their vendors, are vulnerable to external attacks leveraging publicly available exploits to inject persistent malware. Once […]
Cisco fixes max severity IOS XE flaw letting attackers hijack devices
Cisco has fixed a maximum severity flaw in IOS XE Software for Wireless LAN Controllers by a hard-coded JSON Web Token (JWT) that allows an unauthenticated remote attacker to take over devices. This token is meant to authenticate requests to a feature called ‘Out-of-Band AP Image Download.’ Since it’s hard-coded, anyone can impersonate an authorized user […]
Education giant Pearson hit by cyberattack exposing customer data
Education giant Pearson suffered a cyberattack, allowing threat actors to steal corporate data and customer information, GeekFeed has learned. Pearson is a UK-based education company and one of the world’s largest providers of academic publishing, digital learning tools, and standardized assessments. The company works with schools, universities, and individuals in over 70 countries through its […]
Supply chain attack hits npm package with 45,000 weekly downloads
An npm package named ‘rand-user-agent’ has been compromised in a supply chain attack to inject obfuscated code that activates a remote access trojan (RAT) on the user’s system. The ‘rand-user-agent‘ package is a tool that generates randomized user-agent strings, which is helpful in web scraping, automated testing, and security research. Although the package has been […]