BadCam BadUSB Attack Turns Linux Webcams Into Threats
The newly discovered BadCam BadUSB attack exposes a dangerous flaw in certain Linux-based webcams. Security researchers warn that the vulnerability could allow attackers to reprogram webcams into malicious USB devices, enabling persistent threats that survive even after system reinstallation. This finding has raised concerns over USB device trust and firmware security. How the BadCam Attack Works Security firm Eclypsium identified
Google Ads Data Breach Exposes Millions of Business Records
Google has confirmed a significant data breach involving information about potential Google Ads customers. The breach targeted one of the company’s Salesforce CRM instances, which is used to manage and track communication with prospective advertisers. According to Google, the attack took place in June 2025 and was carried out by the hacking group known as ShinyHunters, also referred to as
PBS Data Breach Exposes Employee Data on Discord Servers
The PBS data breach raises alarms. The personal information of nearly 4,000 employees was leaked on Discord servers frequented by fans of PBS Kids. The incident appears to stem from a breach of the organization's internal platform, MyPBS.org, and is now under investigation. What Was Leaked? The exposed file, shared publicly on Discord, contained sensitive information of 3,997 employees and
Pandora Data Breach Linked to Salesforce Attack Campaign
Jewelry giant Pandora has confirmed a data breach following a targeted attack on its Salesforce environment. The breach is part of a larger wave of cyberattacks orchestrated by cybercriminal groups exploiting misconfigured or vulnerable Salesforce customer accounts. Pandora disclosed the incident in customer notifications sent out on August 5, 2025. While the company emphasized that its core infrastructure was not
ShinyHunters Salesforce Breach Hits Qantas, Allianz Life, and LVMH
The hacking group ShinyHunters takes the spotlight again. This time tied to a wave of social engineering attacks that targeted Salesforce systems at major companies like Qantas, Allianz Life, and LVMH. The group exploited human trust, not software flaws, to access sensitive customer data across industries. Vishing Attacks Open the Door According to reports, attackers used vishing (voice phishing) to
Ingram Micro Hit by Ransomware Attack, Causing Global Service Outages
Ingram Micro, one of the world's largest IT distributors, has confirmed that a ransomware attack caused an ongoing outage affecting its systems and services. The incident, which began on July 3, 2025, has impacted the company's ability to process online orders, manage back-end systems, and provide essential services to partners and clients. The ransomware group, identifying itself as "SafePay," claims
Fake Websites Target Shoppers Ahead of Amazon Prime Day
As Amazon Prime Day approaches (July 8-11, 2025), cybercriminals are capitalizing on the shopping frenzy by unleashing a wave of fake websites designed to scam unsuspecting consumers. Recent research by cybersecurity experts at NordVPN has revealed the existence of over 120,000 fraudulent websites mimicking Amazon in just the past two months. What is Prime Day? Prime Day, one of the
McLaren Health Care Data Breach Exposes 743,000 Patients
McLaren Health Care has confirmed a major data breach that compromised the personal and medical details of 743,000 patients. The breach, which occurred in August 2023, was linked to the INC Ransomware gang, a rising threat in the cybercrime world. McLaren concluded its internal investigation in May 2025, nearly two years after the breach took place. What Data Did They
Debunking the 16 Billion Credentials Leak: What Really Happened
In the past week, alarming headlines have circulated across social media and tech news platforms: “16 billion credentials leak in a massive data breach!” The claim quickly sparked fear and speculation, suggesting one of the largest cybersecurity incidents in history. But there’s just one problem: it’s not technically true. Let’s break down what actually happened, why this misleading story went
Keyloggers Found on Outlook Login Pages in New Exploit
In a striking revelation, cybersecurity researchers have discovered JavaScript-based keyloggers silently operating on Outlook Web Access (OWA) login pages of Microsoft Exchange servers. These keyloggers Found on Outlook have been actively capturing credentials from users across dozens of compromised organizations, including government entities and private-sector firms worldwide. How the Attack Works The attackers injected custom JavaScript into the OWA login
