Fake Websites Target Shoppers Ahead of Amazon Prime Day
As Amazon Prime Day approaches (July 8-11, 2025), cybercriminals are capitalizing on the shopping frenzy by unleashing a wave of fake websites designed to scam unsuspecting consumers. Recent research by cybersecurity experts at NordVPN has revealed the existence of over 120,000 fraudulent websites mimicking Amazon in just the past two months. What is Prime Day? Prime Day, one of the
McLaren Health Care Data Breach Exposes 743,000 Patients
McLaren Health Care has confirmed a major data breach that compromised the personal and medical details of 743,000 patients. The breach, which occurred in August 2023, was linked to the INC Ransomware gang, a rising threat in the cybercrime world. McLaren concluded its internal investigation in May 2025, nearly two years after the breach took place. What Data Did They
Debunking the 16 Billion Credentials Leak: What Really Happened
In the past week, alarming headlines have circulated across social media and tech news platforms: “16 billion credentials leak in a massive data breach!” The claim quickly sparked fear and speculation, suggesting one of the largest cybersecurity incidents in history. But there’s just one problem: it’s not technically true. Let’s break down what actually happened, why this misleading story went
Keyloggers Found on Outlook Login Pages in New Exploit
In a striking revelation, cybersecurity researchers have discovered JavaScript-based keyloggers silently operating on Outlook Web Access (OWA) login pages of Microsoft Exchange servers. These keyloggers Found on Outlook have been actively capturing credentials from users across dozens of compromised organizations, including government entities and private-sector firms worldwide. How the Attack Works The attackers injected custom JavaScript into the OWA login
Scattered Spider Strikes With Attacks on U.S. Insurance Firms
Google’s Threat Intelligence Group has issued a stark warning: the cybercriminal group known as Scattered Spider has shifted focus once again, this time toward U.S.-based insurance companies. Infamous for their high-profile breaches in the casino and retail sectors, this adaptable and increasingly aggressive group has now taken aim at a sector rich in sensitive data and operational vulnerabilities. Who Is
Fog Ransomware Turns Legitimate Tools Against Defenders
In May 2025, incident responders at a regional bank in Southeast Asia stumbled upon a ransomware intrusion that looked nothing like the smash‑and‑grab playbooks they were used to. Instead of Cobalt Strike, MimiKatz or custom droppers, the adversary - operators of the Fog ransomware - stitched together a workbench of legitimate admin utilities and niche open‑source red‑team projects. Because every binary
Rare Werewolf Targets Russian Devices for Crypto Mining
A stealthy cyber campaign called Rare Werewolf is silently siphoning computing power, and sensitive data from hundreds of devices across Russia. First observed in December 2024, this ongoing operation is targeting industrial organizations and engineering schools, with victims also reported in Belarus and Kazakhstan. Unlike the flashy ransomware attacks that dominate headlines, Rare Werewolf keeps a low profile. By blending
AT&T Data Breach Exposes 86 Million Records, Including SSNs
AT&T is under fire once again, but this time, it’s not just about poor service or billing issues – they suffered a data breach. In a deeply troubling turn of events, the personal data of approximately 86 million current and former customers has been leaked online, including an estimated 44 million Social Security Numbers (SSNs) in decrypted form. The breach
Play Ransomware Breaches 900 Victims Worldwide, FBI Confirms
The FBI, Cybersecurity and Infrastructure Security Agency (CISA), and Australian Cyber Security Centre (ACSC) have issued a joint advisory revealing that the Play ransomware group (also known as Playcrypt) has compromised over 900 organizations globally as of May 2025. This marks a sharp increase from the 300 known victims in October 2023, underscoring the escalating threat posed by the group.
Victoria’s Secret Cyberattack Shuts Down the Company Website
At the end of May 2025, Victoria’s Secret experienced a major cyberattack that forced the company to take its U.S. website offline. The sudden shutdown disrupted online shopping for millions of customers and caused ripple effects across its retail operations. Although the company has not shared specific details about the nature of the attack, the disruption suggests it may have
