Recent cybersecurity disclosures have brought attention to a data exposure incident involving Raaga, a popular Indian music streaming platform. According to publicly available breach reports and security research findings, personal information linked to millions of user accounts was found exposed through an unsecured data source, raising concerns about user privacy and platform security. The incident is being referred to as the Raaga data breach, based on the scale of exposed records and the sensitivity of the information involved. What Is Known About the Raaga Data Breach Security researchers reported discovering a database containing user-related records that appeared to be associated…


Recent security research has brought attention to a previously unknown access-control weakness affecting certain Cloudflare-protected environments. The issue involves a specific request handling path that, under limited conditions, could allow traffic to reach backend hosts even when strict security rules are in place. According to technical analysis shared by independent researchers, the behavior was linked to how Cloudflare processes requests associated with automated certificate validation and related system paths. In some configurations, these requests were handled differently from standard web traffic, creating an unexpected route that bypassed normal filtering logic. Importantly, this issue does not indicate a failure of Cloudflare’s…


Microsoft is currently responding to a newly identified Windows zero-day vulnerability that security researchers have confirmed is being actively exploited in real-world attacks. The issue came to light after multiple incident reports showed attackers using the flaw before any official fix was publicly available, which by definition makes it a zero-day. According to the information shared by security researchers, the vulnerability affects a core Windows component that exists across multiple supported versions of the operating system. What makes this case serious is that exploitation was observed before disclosure, indicating that threat actors already had a working exploit while defenders were…


Beginner to Professional (Practical & Focused) The biggest problem in cybersecurity learning is not a lack of resources. It is a lack of direction. This roadmap is written to help students avoid wasting time, avoid learning unnecessary things, and focus only on what is actually required for real cybersecurity roles. One important truth to understand from the start: You do NOT need to learn everything in cybersecurity. Phase 1: Learn Only the Basics That Matter Time required: 1–2 months At the beginning, many students either rush too fast or go too deep into topics they don’t need. Focus only on: You do…


Security researchers have reported a security risk in Google Vertex AI related to its default configuration. The issue allows users with low or read-level permissions to indirectly obtain high-privilege Service Agent access, which can impact enterprise cloud environments. The findings were disclosed by XM Cyber researchers and later reviewed by Google, which stated that the behavior aligns with the current design model. Researchers, however, demonstrated that this design can lead to real-world privilege escalation scenarios. Overview of the Issue Vertex AI uses Service Agents, which are Google-managed identities attached automatically to AI components for internal operations. These Service Agents are granted…


Cybersecurity researchers have uncovered a coordinated attack involving five malicious Google Chrome extensions that were falsely presented as tools related to enterprise platforms like Workday and NetSuite. These extensions were designed to silently take control of user accounts inside corporate environments. The extensions appeared legitimate on the surface but were actually created to steal active login sessions and block security response actions. Malicious Extensions Identified The following five Chrome extensions were confirmed as part of the same attack campaign: Most of these were published under different developer names, but security researchers confirmed they shared the same internal logic and backend…


A serious security flaw has been discovered in a popular WordPress plugin called Modular DS, and attackers are already abusing it to take control of websites. The vulnerability allows anyone on the internet to gain administrator access to a site without needing a username or password. Because of this, affected websites can be fully hijacked — content can be changed, malicious code can be inserted, users can be redirected to scam pages, and private data can be stolen. The issue exists in all versions of Modular DS up to version 2.5.1 and has been fixed in version 2.5.2. The plugin…


In late 2025, cybersecurity teams in Ukraine uncovered a highly targeted cyber-espionage campaign aimed at personnel connected to the country’s defense sector. The operation relied on a previously unseen malware strain known as PLUGGYAPE and marked a shift in how attackers deliver malicious software — by abusing trusted messaging platforms rather than traditional email. The campaign ran quietly for several weeks before being detected, and it was specifically designed to blend into normal daily communication patterns, making it extremely difficult for victims to identify the attack. How the Attack Worked Instead of using obvious phishing emails, the attackers reached out…


Artificial intelligence is not only being used for innovation — it is also being abused by cybercriminals to steal personal data at scale. In 2026, attackers no longer rely on basic phishing emails or malware alone. Instead, they use AI to automate, personalize, and scale attacks that trick people and systems into handing over sensitive information. This article explains how AI-powered data theft works and what individuals and businesses can do to reduce their risk. How AI Is Used to Steal Personal Data 1. AI-Generated Phishing That Looks Real Modern phishing is no longer poorly written or easy to detect.…


Security researchers have identified a new supply chain attack targeting the n8n workflow automation platform, where attackers uploaded multiple malicious packages to the npm registry disguised as legitimate community nodes. These packages were crafted to resemble official integrations, including connectors for Google Ads and performance monitoring services. Once installed, they presented standard configuration interfaces, encouraging users to authorize external accounts. The provided OAuth credentials were then covertly extracted and transmitted to attacker-controlled infrastructure. One of the malicious packages imitated a Google Ads connector and prompted users to link their advertising account through what appeared to be a genuine authorization form.…
