Cybercriminals are leveraging Hacklink to manipulate search engine rankings and load malware to compromised sites.
Posted inCybersecurity News

Cybercriminals are leveraging Hacklink to manipulate search engine rankings and load malware to compromised sites.

Cybercriminals are using a black-market SEO platform called Hacklink to manipulate search engine rankings and promote malicious content through compromised websites. Hacklink serves as a marketplace where attackers can purchase access to thousands of compromised sites, often targeting high-reputation domains such as .gov, .edu, or country-code TLDs. These domains are highly valued for their trustworthiness in search algorithms.
Emerging group, Water Curse, is weaponizing GitHub repositories and targeting cybersecurity professionals.
Posted inCybersecurity News

Emerging group, Water Curse, is weaponizing GitHub repositories and targeting cybersecurity professionals.

A newly identified threat actor, known as Water Curse, has launched a sophisticated supply chain attack targeting information security professionals, developers, red teamers, game developers, and DevOps teams. The campaign leverages weaponized GitHub repositories—at least 76 compromised accounts—to distribute advanced, multistage malware through seemingly legitimate open-source projects.
US insurance industry warned of uptick in Scattered Spider attacks.
Posted inCybersecurity News

US insurance industry warned of uptick in Scattered Spider attacks.

Cybersecurity experts and Google’s Threat Intelligence Group (GTIG) issued urgent warnings to the US insurance industry regarding a surge of cyberattacks believed to be orchestrated by the hacker collective known as Scattered Spider. This group, also tracked as UNC3944, 0ktapus, Muddled Libra, and other aliases, is infamous for sophisticated social engineering campaigns that have previously targeted sectors such as retail, casinos, telecommunications, and financial services in both the US and UK.
New research suggests several legit AdTech companies, including Los Pollos and RichAds, are linked with cybercriminal operations.
Posted inCybersecurity News

New research suggests several legit AdTech companies, including Los Pollos and RichAds, are linked with cybercriminal operations.

Recent research from Infoblox Threat Intel has uncovered extensive links between seemingly legitimate AdTech companies—specifically Los Pollos, Partners House, BroPush, and RichAds—and cybercriminal operations, particularly those distributing malware and running large-scale scam campaigns through compromised websites.
Washington Post breach leaks journalists’ email accounts and sensitive email messages.
Posted inCybersecurity News

Washington Post breach leaks journalists’ email accounts and sensitive email messages.

In mid-June 2025, The Washington Post disclosed a significant cyberattack targeting its email system, resulting in the compromise of several journalists’ Microsoft email accounts. The breach was discovered on a Thursday evening, and staff were notified via an internal memo on Sunday, June 15, 2025. The memo, signed by Executive Editor Matt Murray, described the breach as a “possible targeted unauthorized intrusion”.
NIST offers SP 1800-35 comprehensive guide to Zero Trust Architecture (ZTA) with 19 real-world examples.
Posted inCybersecurity News

NIST offers SP 1800-35 comprehensive guide to Zero Trust Architecture (ZTA) with 19 real-world examples.

NIST Special Publication 1800-35 (SP 1800-35) is a comprehensive guide developed by the National Institute of Standards and Technology (NIST) to help organizations implement a Zero Trust Architecture (ZTA) in modern enterprise environments. This publication is the result of collaborative work between NIST’s National Cybersecurity Center of Excellence (NCCoE) and 24 industry vendors, aimed at demonstrating end-to-end zero trust solutions using commercially available technologies.