Cybersecurity researchers recently revealed a coordinated cloud-based scanning attack that targeted 75 different exposure points earlier this month. On May 8, 2025, GreyNoise observed activity from 251 malicious IP addresses located in Japan and hosted by Amazon. “These IPs triggered 75 distinct behaviors, including CVE exploits, misconfiguration probes, and recon …
Read More »Evaly E-commerce Platform Allegedly Hacked
Evaly, a Bangladeshi e-commerce platform, is reportedly facing a major data breach that may have exposed sensitive information of around 783,611 customers and merchants. This incident is said to have occurred today, May 23, 2025. Evaly’s website currently displays a message stating, “HACKED, I HAVE ALL CUSTOMER DATA. EVALY STAFF …
Read More »184 Million Leaked Credentials Discovered in Open Database
Security researchers have discovered a database with 184 million account credentials, highlighting the need to update compromised passwords, strengthen weak ones, and enable multi-factor authentication. Although the database is not new, it shows the ongoing circulation of leaked data from major platforms like Apple, Google, Microsoft, Amazon, Facebook, Instagram, and …
Read More »Researchers found 200 billion files exposed in cloud buckets
Billions of files, including documents, source code, and backups, are leaking because of misconfigured cloud storage. Cyble, a cybersecurity company focused on dark web monitoring and threat intelligence, reports its vulnerability search tool has found over 660,000 exposed buckets and 200 billion leaking files from seven major cloud providers. Filtering …
Read More »Top Ransomware Actively Attacking Financial Sector: 406 Incidents Disclosed
From April 2024 to April 2025, Flashpoint analysts noted that the financial sector was a major target for threat actors, with 406 incidents publicly reported as ransomware attacks, accounting for seven percent of all ransomware incidents during that time. Why Finance? The financial sector consistently ranks as one of the …
Read More »Commvault Confirms Its Azure Cloud Environment Breach via Zero-Day Attack
Commvault confirmed that a sophisticated cyberattack exploiting a zero-day vulnerability breached its Azure cloud environment earlier this week. On February 20, 2025, Microsoft notified Commvault of unauthorized activity in its Azure cloud environment. Commvault announced its immediate response, activating incident protocols and involving leading cybersecurity experts and law enforcement. The …
Read More »Ransomware Attack On Biopharma : Hacker seeks $80k
Indian Pimpri Chinchwad police’s cyber cell is looking into a complaint where a hacker demanded $80,000 (over Rs 68 lakh) from a biopharmaceutical company in Hinjewadi to release encrypted data he had stolen. A senior employee contacted the police on Monday following a threatening email received on April 27. A …
Read More »Ticket resaler exposed 520,054 records size of 200 GB
Cybersecurity researcher Jeremiah Fowler discovered a non-password-protected database with 520,054 records from an event ticket resale platform and reported it to vpnMentor. The unprotected public database had 520,054 records totaling 200 GB. It was labeled as containing customer inventory files in PDF, JPG, PNG, and JSON formats. A review of …
Read More »Massive Attack: Hacker Actively Use 4800+ IPs To Attack Git Configuration Files
A recent increase in cyber reconnaissance has endangered thousands of organizations, as GreyNoise, a global threat intelligence platform, reported a significant rise in attempts to access sensitive Git configuration files. On April 20 and 21, GreyNoise recorded over 4,800 unique IPs targeting these files, marking a record high and indicating …
Read More »‘SessionShark’ ToolKit Bypasses Microsoft Office 365 MFA
The SessionShark phishing kit bypasses Office 365 MFA by stealing session tokens. Experts warn about real-time attacks using fake login pages and Telegram alerts. SlashNext security experts have found a new tool, “SessionShark,” used by cyber criminals to steal Microsoft Office 365 login information. It can bypass multi-factor authentication (MFA), …
Read More »