What's Hot
Over the past few days, several social media users have reported receiving and seeing images that promote a cryptocurrency giveaway allegedly linked to Elon Musk. The images appear to resemble posts from social media platforms and claim that users can receive cryptocurrency rewards by visiting certain external websites. Upon review, these images do not originate from any official announcement or verified communication channel. Cybersecurity professionals identify this activity as part of an ongoing online fraud pattern that uses misleading visuals and well-known public names to attract attention. The content is typically shared through reposts, direct messages, or temporary stories. In…
Cybersecurity researchers are warning about an ongoing wave of attacks targeting exposed MongoDB database instances on the internet. In these attacks, hackers are not stealing data — instead, they are completely deleting databases and replacing them with ransom notes demanding payment. The attacks mainly affect MongoDB servers that are misconfigured and accessible without authentication. Attackers use automated scanning tools to find such databases, gain access within seconds, erase all collections, and then create a new database containing a ransom message. Victims are asked to pay a small amount in cryptocurrency in exchange for a claimed data recovery solution. Security experts…
Cybersecurity is one of the most misunderstood fields in technology. Many people think it only means hacking, but in reality, cybersecurity is a large ecosystem of specialized domains, each with a unique role in protecting digital systems, users, and data. This guide explains all major and currently relevant cybersecurity domains in a clear and structured way, so students can finally understand: The aim is simple: no confusion, no hype, only clarity. 1. Security Operations Center (SOC) A Security Operations Center (SOC) is the core monitoring hub of cybersecurity.SOC teams work continuously to detect, analyze, and respond to security threats before…
Popular dating platforms Bumble and Match Group are investigating a cybersecurity incident after a known cybercrime group claimed unauthorized access to certain internal data. The claims surfaced in late January and are currently under review by security teams and external experts. The threat actor, identified as ShinyHunters, is known for targeting large consumer platforms using social-engineering techniques such as phishing and voice-based scams. According to cybersecurity researchers, the group alleged access to limited datasets linked to internal systems rather than core user databases. What data was involved Based on information shared by security analysts and company statements, the exposed material…
Hong Kong experienced its highest-ever number of cyber incidents in 2025, raising serious concerns among cybersecurity authorities and businesses. Official data shows that 15,877 cybersecurity incidents were recorded during the year, marking a significant increase compared to previous years. The sharp rise was largely driven by phishing attacks, which have evolved rapidly with the use of Artificial Intelligence. Cybercriminals are now using AI tools to craft emails and messages that closely imitate real communication from banks, employers, service providers, and government-related platforms. These messages often appear legitimate, making them difficult for users to identify as fraudulent. Security experts have warned…
Security researchers have disclosed a new and sophisticated AI jailbreak technique known as Semantic Chaining, which can bypass safety and content moderation filters in advanced multimodal AI systems, including Grok 4 and Gemini Nano Banana Pro. The technique allows restricted content to be generated through a sequence of seemingly harmless prompts, highlighting a critical weakness in how modern AI safety systems interpret intent. The issue does not stem from a single broken filter but from how these models process multi-step reasoning across separate interactions. Instead of issuing a direct prohibited request, attackers gradually guide the model through a series of…
Moltbot is a personal AI assistant tool that has recently gained attention across developer and cybersecurity communities due to concerns around how it is being deployed and used. The tool is designed to run locally or on self-hosted environments and offers automation features such as task execution, coding assistance, integrations with external services, and interaction through chat-based commands. The rising popularity of Moltbot has led to a large number of installations on personal systems, servers, and cloud instances. However, security professionals have observed that many deployments are being exposed to the internet without adequate access controls. In such cases, Moltbot…
India’s Digital Personal Data Protection Act (DPDP Act), 2023 has introduced one of the strictest penalty frameworks for data breaches in the country’s legal history. For companies handling personal data, a breach is no longer just a technical failure—it is now a serious financial and legal risk. This article explains exactly how much fine a company can face, when penalties apply, and how regulators decide the amount. Maximum Penalty Under the DPDP Act Under the DPDP Act, companies (referred to as Data Fiduciaries) can face penalties of up to: ₹250 crore for a single instance of non-compliance This is not…
SoundCloud, the popular global audio streaming platform, has confirmed a large-scale data exposure incident affecting approximately 29.8 million user accounts, making it one of the most significant cybersecurity incidents reported in early 2026. The breach traces back to unauthorized activity detected in December 2025, though the full scale of the incident became public only in January 2026 after the exposed dataset surfaced online. Unlike traditional cyberattacks involving direct database compromise, this incident stemmed from a sophisticated data enumeration and scraping technique that exploited platform functionality. How the Breach Happened According to cybersecurity researchers, the attackers abused a mechanism that allowed…
were notified by the Government of India under the Information Technology Act, 2000 and came into force on 11 April 2011. These rules regulate how organizations handle Sensitive Personal Data or Information (SPDI) in electronic form and impose legal accountability for negligence in data protection. Applicability The rules apply to every body corporate, including companies, firms, sole proprietorships, and professional entities that: Foreign entities are also covered if the data processing has a nexus with India. Sensitive Personal Data or Information (SPDI) SPDI under the rules includes: Information that is publicly available or disclosed under the RTI Act is excluded.…