Author Info

Recent cybersecurity reports reveal that a North Korean hacking group, identified as Moonstone Sleet, has begun deploying Qilin ransomware in a series of targeted attacks. This marks a significant shift in their tactics, as they have traditionally relied on their own custom ransomware tools. The collaboration with a Ransomware-as-a-Service (RaaS)

NTT Communications Corporation, a leading telecommunications provider in Japan, has alerted nearly 18,000 corporate clients about a data breach that compromised their information. The incident, discovered in early February 2025, highlights ongoing cybersecurity challenges faced by major telecom companies. Details of the NTT Data Breach The breach was identified

The notorious ransomware group, Hunters International, has reportedly infiltrated Tata Technologies, a subsidiary of Tata Motors, claiming to have exfiltrated 1.4 terabytes of sensitive data. Details of the Breach According to a regulatory filing with the Indian National Stock Exchange, the cyber attack occurred in January. Tata Technologies, a

The cyber threat group known as Silk Typhoon, previously identified as Hafnium, has shifted its focus towards exploiting the information technology (IT) supply chain to gain initial access to corporate networks. This development follows their earlier exploitation of zero-day vulnerabilities in Microsoft Exchange servers. Silk Typhoon's Evolving Tactics

The United States has taken decisive action against Chinese cybercriminals, charging state security officers and hackers linked to APT27 and i-Soon for extensive cyberattacks since 2011. These breaches have targeted a wide range of victims, including US government agencies, foreign ministries in Asia, US-based dissidents, and a major religious organization.

A newly identified botnet, dubbed 'Eleven11bot,' has compromised over 86,000 Internet of Things (IoT) devices, including security cameras and network video recorders (NVRs), to execute distributed denial of service (DDoS) attacks. This botnet, which has potential connections to Iran, has already targeted telecommunication service providers and online

A sophisticated threat actor known as JavaGhost has been exploiting misconfigured AWS environments to gain unauthorized access and deploy phishing attacks. This group has been active for over five years, initially focusing on website defacement before shifting to phishing operations in 2022 for financial gain. JavaGhost's Tactics in

Recent investigations have unveiled significant connections between the Black Basta and Cactus ransomware groups. Both factions have been found employing similar social engineering techniques and utilizing the BackConnect proxy malware to maintain access to compromised corporate networks. Uncovering the Malware Links In January, cybersecurity firm Zscaler identified a Zloader malware

Recent investigations have uncovered close to 12,000 valid secrets, including API keys and passwords, within the Common Crawl dataset. This dataset, utilized for training various artificial intelligence models, poses significant security concerns. Understanding the Common Crawl Dataset The Common Crawl organization maintains an extensive open-source repository containing petabytes of