In January 2026, cybersecurity researchers reported that personal data belonging to approximately 17.5 million Instagram users was being circulated and traded on underground cybercrime forums and illicit data marketplaces. The dataset was discovered on invitation-only forums and dark web platforms commonly used by cybercriminal groups to exchange stolen databases, phishing resources, and access credentials. According to researchers monitoring these forums, the dataset was advertised as an “Instagram user records dump” and was being shared either for direct sale, exchanged for other stolen data, or distributed to selected forum members to build reputation within cybercrime communities. The exposed data reportedly includes…


Kali Linux is often described as a “hacking OS,” but that description is incomplete and misleading. In reality, Kali Linux is a professional security testing and learning platform designed for penetration testers, SOC analysts, blue-team engineers, and cybersecurity students. It brings together hundreds of tools that support different parts of the security lifecycle — discovery, analysis, testing, and response. For beginners, this can feel overwhelming. This guide solves that problem by: No myths, no hype — only practical guidance. ⚠️ Ethical Reminder: Always test only systems you own or have explicit permission to test. 1. Nmap — Understanding What Exists on…


A sophisticated cyberattack campaign targeting VMware ESXi environments has been uncovered, in which Chinese-speaking threat actors exploited previously unknown vulnerabilities to escape from virtual machines and gain control of the underlying hypervisor. Cybersecurity researchers at Huntress detected the activity in December 2025 and stopped the intrusion before it could reach its final stage. Analysts believe the operation could have been used to deploy ransomware or maintain long-term access to enterprise infrastructure. The attackers initially gained access by compromising a SonicWall VPN appliance. After establishing a foothold, they deployed a custom exploit toolkit designed specifically to target VMware ESXi systems at…


Modern web browsers have become powerful platforms that host sensitive work, communication, and decision-making tools — especially artificial intelligence services such as ChatGPT and DeepSeek. As a result, browser activity now contains some of the most sensitive personal and business data users handle. This makes browsers, extensions, and AI tools attractive targets for data harvesting and surveillance. Protecting yourself requires understanding where risks come from and how to reduce exposure. Why Browser Extensions Are a Security Risk Browser extensions run with deep access inside the browser environment. Depending on permissions, an extension may be able to: Even extensions that appear…


Cybersecurity researchers have uncovered a coordinated abuse of the Google Chrome Web Store involving two browser extensions that were secretly designed to collect and exfiltrate user conversations from artificial intelligence platforms such as ChatGPT and DeepSeek, along with detailed browsing information. The extensions appeared as legitimate AI productivity tools and were marketed as helpers that integrate multiple AI models into the browser. However, behind the scenes, they operated as surveillance tools that quietly harvested sensitive data and transmitted it to servers controlled by unknown threat actors. Investigators confirmed that the two extensions together had been installed by more than 900,000…


The first days of 2026 have already shown that cyber threats didn’t reset with the new year. Instead of dramatic headline-grabbing attacks, most incidents this week followed a familiar pattern — quiet abuse of trusted systems that people use every day. Browser extensions, software updates, login notifications, and even AI tools were misused in ways that felt normal to users, but harmful in reality. That is what made these attacks effective. Below is a summary of the most important cybersecurity developments from this week, explained in simple terms. A Silent Botnet Campaign Is Still Growing Security researchers confirmed that a…


Leduc County, a local government authority in Alberta, Canada, has confirmed that it was the victim of a ransomware cyberattack that disrupted its internal IT systems. The incident was detected on December 25, 2025, when officials noticed unusual activity and partial system outages. A forensic investigation later confirmed that the disruption was caused by a malicious ransomware attack. What Happened? According to county officials, attackers attempted to compromise internal digital systems and restrict access to critical services. As a precaution, several systems were taken offline to prevent further damage and to secure sensitive information. The county immediately engaged a professional…


These platforms are widely used by students and professionals to learn practical cybersecurity skills through hands-on labs, challenges, and real-world simulation. 1. TryHackMe What it is: An online learning platform that teaches cybersecurity through guided, hands-on labs. What students learn: Why it’s good: Best for: Beginners to intermediate learners. 2. Hack The Box Academy What it is: A technical training platform focused on offensive and defensive security. What students learn: Why it’s good: Best for: Intermediate to advanced students. 3. PortSwigger Web Security Academy What it is: A free learning platform focused entirely on web application security. What students learn: Why it’s good:…


A cyber espionage group tracked as Transparent Tribe has been linked to a new wave of targeted attacks against Indian government agencies, academic institutions, and strategic research organizations. The campaign uses socially engineered delivery mechanisms and living-off-the-land binaries to deploy a remote access trojan (RAT) that enables long-term access and data collection from compromised systems. Initial Access The attack chain begins with spear-phishing emails carrying compressed archives that contain Windows shortcut (LNK) files disguised as legitimate PDF documents. The LNK files are crafted to execute hidden commands while simultaneously displaying a decoy document to avoid raising suspicion. When opened, the…


1. Nessus Type: Vulnerability Scanner What it does: Nessus scans servers, networks, and systems to find known security vulnerabilities, outdated software, and misconfigurations. Used for: Identifying weak points in IT infrastructure before attackers can exploit them. Why it matters: It helps organizations understand what is exposed and what needs patching. 2. Metasploit Type: Penetration Testing Framework What it does: Metasploit allows security teams to safely test whether vulnerabilities can actually be exploited. Used for: Simulating real-world attacks to verify the impact of vulnerabilities. Why it matters: It shows whether a reported vulnerability is truly dangerous or just theoretical. 3. Wireshark Type: Network Protocol Analyzer What it…
