Hackers Breach Intelliloan, Expose SSNs and Driver’s Licenses
Intelliloan has notified customers of a March 2025 hack that exposed sensitive PII such as Social Security numbers, driver’s licenses, and financial data across its systems.
Read More
AWS Outage Forces Spotlight on Amazon Engineering Talent Loss
The recent outage at AWS’s US-EAST-1 region grounded dozens of major services and exposed a deeper issue: the loss of senior engineering expertise at Amazon. As widespread apps and platforms went offline, one question loomed large: Can the world’s largest cloud infrastructure sustain itself amid massive talent reductions? Below, we analyse the root causes, implications and lessons for infrastructure reliability.
Inside FvncBot – New Android Malware Hijacking Banking Apps
FvncBot is a new Android banking trojan capable of keylogging, screen streaming, overlays, and remote control — letting attackers steal credentials and hollow out bank accounts. This article breaks down how it works, why it matters, and how to defend against it.
Europol Raid Ends Multi-Nation SIM-Farm Used for SMS Phishing
Europol has shut down a cross-border SIM-farm network used to automate smishing and VoIP fraud, seizing equipment, servers, and arresting dozens of operators.
Hackers Exploit Microsoft Tenant Invitations for TOAD Phishing
Threat actors are abusing Microsoft Entra tenant invitations to run TOAD (Telephone-Oriented Attack Delivery) phishing campaigns that look like legitimate Microsoft 365 billing notifications. Instead of pushing links or attachments, they convince users to call attacker-controlled “support” numbers, where credentials and remote-access authorizations are harvested. This analysis explains how the attack chain works, which guest invitation properties are being misused, and how security teams can hunt for and mitigate these callbacks.
CometJacking Turns Browser Sessions into Covert Proxy Channels
CometJacking abuses browser WebSockets to hijack user connections, turning them into proxy nodes with a single click. The exploit marks a new wave of malware-less attacks that rely on web technologies rather than traditional payloads.
Japan’s Long-Term Struggle Against Persistent Ransomware
Japanese organizations continue facing ransomware incidents that cause months of operational disruption. This investigative analysis explores how long-tail damage unfolds, why attackers target Japan’s supply chain ecosystem, and how companies can strengthen long-term resilience.
Nefilim Ransomware Affiliate Pleads Guilty After Capture
A Ukrainian hacker has pled guilty in the Nefilim ransomware affiliate arrest, confirming his role in targeted extortion campaigns. This article examines the investigation, attack methods, and the broader implications for enterprise cybersecurity teams.
Massive Apple Cyber-Threat Alert Hits 84 Countries: What It Means
Apple has issued a sweeping new round of cyber-threat notifications to users across 84 countries, signaling a global escalation in targeted spyware operations. This analysis explains what triggered the alerts, how attackers operate, and what high-risk users must do immediately.
Kraken Ransomware Targets Windows, Linux, and VMware ESXi
Kraken ransomware has quickly evolved into a cross-platform threat that can disrupt Windows, Linux, and VMware ESXi environments in a single campaign. By abusing SMB exposure, tunneling through Cloudflared, and using benchmark-driven encryption, the group focuses on high-value data, double extortion, and maximum downtime for large enterprises.