Cybersecurity News: Latest Updates on Threats and Trends

Cybersecurity is constantly evolving to keep pace with new threats. Our cybersecurity news roundup brings you the latest on malware, ransomware, data breaches, and emerging cybersecurity trends. Learn how these updates impact businesses, governments, and individuals alike, and gain insights into best practices for protecting your digital assets. Stay one step ahead with essential information to keep your data safe and your systems secure.

GitHub Supply Chain Attack: CI/CD Secrets Exposed

GitHub Supply Chain Attack Exposes 23,000 Repositories – What You Need to Know

A significant supply chain attack on GitHub compromised approximately 23,000 repositories by exploiting a popular GitHub Action. The attackers tampered with the tj-actions/changed-files Action to steal sensitive CI/CD secrets from build logs. This incident underscores the growing threats to open-source security, necessitating immediate action from developers to rotate secrets and adopt more secure practices. The article details the attack's timeline, impact, and crucial steps for users to secure their GitHub repositories and CI/CD pipelines, emphasizing the shared responsibility in maintaining a secure development ecosystem. ... Read More
Website hacking attack

35,000+ Websites Hacked in Massive Cyberattack – Users Redirected to Chinese Gambling Sites!

A widespread cyberattack compromised over 35,000 websites by injecting malicious scripts that redirect visitors to Chinese gambling platforms. This attack, discovered in February 2025, injects code that takes over the entire browser window, often targeting users in Mandarin-speaking regions. Security researchers believe this campaign might be connected to the Megalayer exploit, known for distributing Chinese-language cyber threats. The article advises website owners to audit their code, block malicious domains, monitor for unauthorized changes, implement strong security policies, and keep their software updated to prevent such attacks. The impact on website owners includes traffic loss and reputational damage, while visitors face forced redirection to gambling sites. ... Read More
SpyLend Malware

SpyLend Malware on Google Play: Indian Users at Risk of Credential Theft!

A new Android malware called SpyLend is targeting Indian users through a fake finance app on the Google Play Store. This malware steals login credentials, personal data, and financial information by exploiting permissions and monitoring the clipboard. SpyLend uses tactics like blackmail and fake loan applications to trick users into downloading malicious APKs. The malware also evades detection using WebView API and a custom Command & Control server to harvest user credentials. Enterprises and users are advised to follow cybersecurity measures such as avoiding unknown apps, checking permissions, and using anti-malware tools to stay safe. ... Read More
Casio ransomware attack

Casio Confirms Oct. 08 Ransomware Attack: Were Passwords Compromised?

Casio recently experienced a ransomware attack that compromised customer data including names, addresses, and email addresses. While Casio believes passwords and financial details were not accessed, they are advising customers to be cautious and take steps to protect their accounts, such as changing passwords and monitoring for suspicious activity. The company has been transparent about the breach and is working with cybersecurity experts to enhance their defenses and secure their systems against future attacks. ... Read More