Microsoft Defender researchers have exposed a sophisticated adversary-in-the-middle (AiTM) phishing campaign targeting energy sector organizations, leveraging SharePoint file-sharing services to bypass traditional email security controls and compromise multiple user accounts. SharePoint Abuse for Initial Access The attack began with a phishing email sent from a compromised trusted vendor’s email address, embedding SharePoint URLs that mimicked […]

The post Researchers Uncover Multi-Stage AiTM Attack Using SharePoint to Bypass Security Controls appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Waltio, a French crypto tax platform, is under siege from ShinyHunters, a notorious ransomware group claiming to hold the personal data of nearly 50,000 users.

Security researchers have attributed the attempted use of destructive "wiper" malware across Poland's energy infrastructure in late December to a Russian-backed hacking group known for causing power outages in neighboring Ukraine.

According to authorities, both suspects were in the United States unlawfully.

ShinyHunters claim more data breaches and leaks are coming soon!

That LinkedIn message pretending to be job offer could just be malwre.

TechCrunch obtained a sample of the stolen data, which contained names, email addresses, dates of birth, and the user's approximate geographic location. Under Armour confirmed some sensitive information was taken in the breach.

Unidentified hackers disrupted Iranian state television to broadcast messages from exiled Crown Prince Reza Pahlavi. Read about the economic crisis, the internet blackout, and the latest reports on the protest death toll.

A critical architectural weakness in Azure’s Private Endpoint deployments could allow both accidental and intentional denial of service (DoS) attacks against cloud resources. The vulnerability stems from how Azure’s Private DNS zone resolution interacts with hybrid networking configurations, potentially affecting over 5% of Azure storage accounts and multiple critical services. The Core Vulnerability The issue […]

The post Azure Private Endpoint Deployments Expose Cloud Resources to DoS Attacks appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

The notorious Everest ransomware group is claiming to have breached McDonald’s India, the Indian subsidiary of the American…

Critical iOS and iPadOS WebKit flaws put millions of iPhones and iPads at risk of silent takeover. Apple urges users to update immediately.

The post New iOS and iPadOS Flaws Leave Millions of iPhones at Risk appeared first on TechRepublic.

Security researchers found a Google Gemini flaw that let hidden instructions in a meeting invite extract private calendar data and create deceptive events.

The post Google Gemini Flaw Let Attackers Access Private Calendar Data appeared first on TechRepublic.

Critical iOS and iPadOS WebKit flaws put millions of iPhones and iPads at risk of silent takeover. Apple urges users to update immediately.

The post New iOS and iPadOS Flaws Leave Millions of iPhones at Risk appeared first on TechRepublic.

Security researchers found a Google Gemini flaw that let hidden instructions in a meeting invite extract private calendar data and create deceptive events.

The post Google Gemini Flaw Let Attackers Access Private Calendar Data appeared first on TechRepublic.

Huntress discovers 'CrashFix,' a new attack by KongTuke hacker group using fake ad blockers to crash browsers and trick office workers into installing ModeloRAT malware.

RansomHouse claims to have breached Apple contractor Luxshare, but no evidence has been released. Links are offline and the breach remains unverified.

In late 2025 and early 2026, one of the world’s most advanced scientific organizations, the European Space Agency (ESA), faced a string of cyberattacks that exposed severe weaknesses in its cybersecurity posture. Hackers stole hundreds of gigabytes of data. Among the data stolen were proprietary software, credentials, and mission documents. As a final act, the […]

The post When Space Isn’t Safe: Inside the European Space Agency’s Massive Cyberattack appeared first on Kratikal Blogs.

The post When Space Isn’t Safe: Inside the European Space Agency’s Massive Cyberattack appeared first on Security Boulevard.

US officials told The New York Times that cyberattacks were used to turn off the lights in Caracas and disrupt air defense radars.

The post New Reports Reinforce Cyberattack’s Role in Maduro Capture Blackout appeared first on SecurityWeek.

Resecurity has identified PDFSIDER malware that exploits the legitimate PDF24 App to covertly steal data and allow remote access. Learn how this APT-level campaign targets corporate networks through spear-phishing and encrypted communications.

Researchers have found a new spying campaign using news about Venezuela to trick US government officials. Learn how the LOTUSLITE virus sneaks into computers to steal secrets.