Cyber Security – Page 20 – Simply Secure Group

48M Gmail, 6.5M Instagram Exposed Online From Unprotected Database

A massive database containing 149 million stolen login credentials was discovered exposed online without password protection or encryption. Posing serious security risks to users of Gmail, Instagram, Facebook, Netflix, and thousands of other platforms worldwide. The publicly accessible database contained 149,404,754 unique logins and passwords harvested through infostealer malware and keylogging software. Each record included […]

Hackers Use rn Typo Trick to Impersonate Microsoft and Marriott in New Phishing Attack

A sophisticated “homoglyph” phishing campaign targeting customers of Marriott International and Microsoft. Attackers are registering domains that replace the letter “m” with the combination “rn” (r + n), creating fake websites that look nearly identical to the real ones. This technique, known as typosquatting or a homoglyph attack, exploits the way modern fonts display text. […]

CISA Warns of Critical VMware vCenter RCE Vulnerability Now Exploited in Attacks

The Cybersecurity and Infrastructure Security Agency (CISA) has added a critical vulnerability affecting Broadcom’s VMware vCenter Server to its Known Exploited Vulnerabilities (KEV) catalog. This addition confirms that active exploitation of CVE-2024-37079 has been detected in the wild, posing a significant risk to enterprise environments that rely on vCenter for virtualization management. The vulnerability, originally […]

Microsoft Teams to Share your Location With Your Employer Soon Based on Wi-Fi Network

Microsoft is preparing to deploy a significant, potentially controversial update to Microsoft Teams that automatically detects and displays a user’s physical work location based on the Wi-Fi network they connect to. According to the latest update on the Microsoft 365 Roadmap (ID 488800), this feature is scheduled to begin rolling out in March 2026 for […]

Threat Actors Leverage SharePoint Services in Sophisticated AiTM Phishing Campaign

Microsoft Defender researchers have exposed a sophisticated adversary-in-the-middle (AiTM) phishing campaign targeting energy sector organizations through SharePoint file-sharing abuse. The multi-stage attack compromised multiple user accounts and evolved into widespread business email compromise (BEC) operations across several organisations. Initial Compromise Through Trusted Vendor The attack began with phishing emails sent from a compromised trusted vendor’s […]

Microsoft Shares BitLocker Keys with FBI to Unlock Encrypted Laptops in Guam Fraud Investigation

Microsoft gave U.S. federal agents the digital keys needed to unlock three encrypted laptops linked to a massive COVID unemployment scam in Guam. This case shows how cloud-stored encryption keys can help law enforcement, but also raises big privacy worries for everyday users. Early last year, in 2025, FBI investigators in Guam got a search […]

20,000 WordPress Sites Affected by Backdoor Vulnerability Allowing Malicious Admin User Creation

A critical backdoor vulnerability has been discovered in the LA-Studio Element Kit for Elementor, a popular WordPress plugin used by more than 20,000 active sites. This security flaw allows attackers to create administrator accounts without any authentication, putting thousands of websites at risk of complete takeover. The vulnerability, tracked as CVE-2026-0920, carries a CVSS score […]

MacSync macOS Infostealer Leverage ClickFix-style Attack to Trick Users Pasting a Single Terminal Command

A sophisticated macOS malware called MacSync has emerged as a dangerous new threat targeting cryptocurrency users through deceptive social engineering tactics. The infostealer operates as an affordable Malware-as-a-Service tool designed to harvest sensitive data from macOS systems by convincing victims to paste a single command into their Terminal application. Security researchers discovered MacSync while investigating […]

Nike Allegedly Hacked by WorldLeaks Ransomware Group

Athletic footwear and apparel manufacturer Nike has become the latest victim of WorldLeaks, a financially motivated ransomware group known for data extortion attacks. The group announced the breach on its darknet leak site on January 22, claiming responsibility for the incident and threatening to release stolen data on January 25, 2026, at 6 PM GMT. […]

New Osiris Ransomware Using Wide Range of Living off the Land and Dual-use Tools in Attacks

A newly discovered ransomware family called Osiris launched attacks against a major food service company in Southeast Asia during November 2025. Security researchers have identified this threat as a completely new malware variant with no connection to an older ransomware family that shared the same name in 2016. The emergence of Osiris marks another addition […]

Cookie	Duration	Description
cookielawinfo-checkbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.