
Gmail Phishing with Prompt Injection: Tricks Humans and AI. Are You Ready?

Your email security is locked down? Do you think your AI-powered filters can catch anything hackers throw at you? A new phishing attack targeting Gmail users is so clever, it’s not just designed to fool you. It’s designed to fool the very AI that’s supposed to protect you. This isn’t…

What is Business Email Compromise (BEC)? Examples, Scams, and Tactics

What is Business Email Compromise (BEC)? Business Email Compromise (BEC) is a relatively modern type of cybercrime in which scammers use email schemes to deceive business employees and/or individuals for the purpose of financial fraud or obtaining important information. Usually, cyber attackers disguise themselves as CEOs, company partners, or other executives,…

Google Salesforce Breach: Major Vishing Attack That Exposed 2.5M Records

When Google reveals that it has been hacked, a shudder runs through all marketers, administrators, and C-suite executives. Quietly on August 5, 2025, the tech giant revealed that attackers had drained customer data from one of its corporate Salesforce instances. Approximately 2.5 million Google Ads prospect records, including names,…

Google Gemini Vulnerability Allows AI-Generated Phishing via Hidden HTML Prompts

You open a regular-looking email. Nothing suspicious, no attachments, no links, no typos. You click “Summarise this email” using Google Gemini for Workspace. And bam! A fake security warning pops up in the summary, telling you your Gmail password is compromised and urging you to call a support number. Except…

Critical Next.js Cache Poisoning Vulnerability: CVE-2025-49826

CVE-2025-49826 is a serious vulnerability in Next.js, a widely used web framework based on the React platform. This vulnerability enables attackers to poison the cache and redirect users to blank pages. This results in a denial-of-service (DoS) attack. This vulnerability affects Next.js versions 15.1.0 to 15.1.7. The cache poisoning occurs when…

RDoS Attacks Explained: Protecting Your Business from Ransom Threats

Introduction: Ransom Denial of Service (RDoS) attacks, a relatively new form of assault in the cyber security continuum, are fast becoming a worry to organisations globally. These are hybrid attacks that combine a DDoS attack on targets’ resources with ransomware threats, making them a serious threat to various…

Tomcat Flaws Expose Servers to DoS, Auth Bypass & Privilege Escalation

The most prevalent Java servlet container, Apache Tomcat, is present in most enterprise and cloud-based web applications. Because of its agile, open-source framework, Apache Tomcat is prevalent in many fields of technology. However, widespread adoption also carries widespread risk. In June 2025, the Apache Software Foundation reported 4 critical vulnerabilities…

Cloudflare Blocks Largest DDoS Attack Ever: 7.3 Tbps and 37.4 TB in Just 45 Seconds

Imagine downloading 10,000 HD movies in under a minute. That’s exactly what happened to one hosting provider’s server, only it wasn’t a movie night. It was the largest cyberattack ever recorded. In mid-May 2025, Cloudflare stopped a 7.3 terabits-per-second (Tbps) DDoS attack dead in its tracks. To put that in…

What is Ransomware-as-a-Service (RaaS)?

What is Ransomware-as-a-Service (RaaS)? Ransomware-as-a-Service is a model for cybercrime in which ransomware creators sell or license their software for use by accomplices, who usually launch ransomware attacks. Even with very little or no technical know-how, individuals can hence become active participants in a highly sophisticated ransomware attack. RaaS runs…

SSH Key Reuse Unmasks Major Phishing Campaign in Kuwait

About the Incident: What began as a handful of phishing attacks by early 2025 became a large, organised attack aimed at the fisheries, telecommunications, and insurance sectors in Kuwait. Security researchers at Hunt.io have found evidence of a large phishing campaign that used over 230 different malicious websites to try…

Cyber Attack Recovery: 5 Crucial Steps to Bounce Back Swiftly

Introduction: Cyber attacks are now common in the modern world and cause extensive harm to the various parties involved. For cyber threats such as cyber attacks, data leaks, ransomware, and others, including Distributed Denial of Service (DDoS) attacks, the outcome is quite severe, resulting in…

Google Chromecast Expired SSL Certificate Brought Down Streaming Devices

Google’s second-generation Chromecast and Chromecast Audio hardware experienced a significant outage in March 2025, to the disappointment of users who were greeted with “untrusted device” error screens when trying to cast video. While initial speculation was that forced obsolescence was the cause, a closer look later revealed a more technical…

Massive Brute Force Attack Uses 2.8 Million IPs to Target VPNs and Firewalls

Overview of the Attack: Enormous brute force attack campaigns are currently targeting VPNs, firewalls, and network security gateways to guess login credentials and sneak in illegally. The activity has been going on for quite some time, since January 2025, and it has ramped up of late. What makes the current onslaught more…

Critical Zero-Day Vulnerability Exploited in Fortinet Devices

A zero-day vulnerability has been identified and actively exploited in Fortinet’s security appliances, letting threat actors compromise firewalls and infiltrate enterprise networks. The vulnerability, tracked as CVE-2024-55591, affects multiple versions of FortiOS and FortiProxy and allows attackers to bypass authentication and gain super-admin privileges. This in-depth analysis…