Indian government and educational websites, along with reputable financial brands, have experienced SEO poisoning, causing user traffic to be redirected to dubious sites promoting rummy and other investment games. Analysts at CloudSEK have found that threat actors are using black hat Search Engine Poisoning to promote Rummy and investment websites …

The Cyber Threat Intelligence Unit of BGD e-GOV CIRT has found 600 vulnerable PRTG instances in Bangladesh, affected by the critical CVE-2018-19410 vulnerability. This flaw allows remote, unauthenticated attackers to create admin users, risking unauthorized access and data breaches. It primarily impacts PRTG Network Monitor versions prior to 18.2.40.1683 and …

Amazon Web Services (AWS) has been named in an FIR after a builder claimed damages to the tune of Rs 150 crore over the loss of data stored with the cloud-service platform. The FIR was filed by the CCB’s Cyber Crime Police Station on February 11 following a complaint by …

CISA has issued an urgent warning about a critical zero-day vulnerability in Apple iOS and iPadOS, known as CVE-2025-24200, which is currently being exploited in targeted attacks. An authorization bypass flaw in Apple’s USB Restricted Mode allows attackers with physical access to turn off security protections on locked devices, risking …

A major IoT data breach has exposed 2.7 billion records, including Wi-Fi network names, passwords, IP addresses, and device IDs. Cybersecurity researcher Jeremiah Fowler uncovered an unprotected database associated with Mars Hydro, a Chinese IoT grow light company, and LG-LED Solutions from California. He reported his findings to vpnMentor, which …

A serious authentication bypass vulnerability in SonicWall firewalls, called CVE-2024-53704, is currently being exploited, according to cybersecurity firms. The increase in attacks is due to the public release of exploit code by Bishop Fox on February 10, 2025, which raises risks for organizations with unpatched devices. CVE-2024-53704, with a CVSS …

AMD has released security patches for two high-severity vulnerabilities in its System Management Mode (SMM). If exploited, these could let attackers execute arbitrary code and compromise system integrity. CVE-2024-0179 and CVE-2024-21925 are high-severity vulnerabilities with a CVSS score of 8.2. AMD reported that these flaws, identified by Quarkslab, impact several …

Lazarus Group has initiated a complex global campaign aimed at software developers and cryptocurrency users. Operation Marstech Mayhem uses the group’s new implant, “Marstech1,” to access the software supply chain and steal sensitive data. The campaign signifies a major change in the group’s tactics, targeting hidden malware in open-source repositories …

Every day a lot of cyberattack happen around the world including ransomware, Malware attack, data breaches, website defacement and so on. Its our daily security digest to cover the latest happenings in the world. Spend a bit time to read out todays update: Zacks Investment Suffers Data Breach Impacting 12M …

RedMike (Salt Typhoon) targeted university devices in Bangladesh, likely to access research in telecommunications, engineering, and technology, especially from institutions like UCLA and TU Delft. Recorded Futureʼs Insikt Group identified the campaign targeted universities in various countries like Argentina, Indonesia, Malaysia, Mexico, the Netherlands, Thailand, the United States, and Vietnam. …