News Gist .News

Articles | Politics | Finance | Stocks | Crypto | AI | Technology | Science | Gaming | PC Hardware | Laptops | Smartphones | Archive

Tata Technologies Hacked by Ransomware Group for 1.4TB Dataset

Tata Technologies has been targeted by a ransomware group that has listed a 1.4TB dataset for sale online, allegedly containing over 730,000 files stolen during the attack in February 2025. The dataset was initially offered for $6.8 million, but its price has since dropped to an unknown amount due to a countdown timer set by the hackers. The firm's investigation into the incident is ongoing, and no further details have been provided about the type of information that was stolen.

See Also

More Reports Claim 2024 Was the Worst Year for Ransomware Attacks Yet. Δ1.76

2024 has been marked as a record-breaking year for ransomware attacks, with a 65% increase in detected groups and 44 new malware variants contributing to almost a third of undisclosed attacks. The healthcare, government, and education sectors were disproportionately affected, while emerging groups like LockBit and RansomHub accounted for a significant number of incidents, highlighting the growing sophistication of cybercriminals. As organizations face escalating financial and reputational risks, the need for proactive cybersecurity measures has never been more urgent.

Cyberattack on Ntt Reveals Weaknesses in Global Telecommunications Infrastructure Δ1.75

NTT Communications has suffered a devastating cyberattack that compromised sensitive data of almost 18,000 corporate customers. The breach occurred in late February and saw the theft of key customer information, including contract numbers, names, contact details, and service usage records. NTT has acknowledged the breach but remains tight-lipped about the identity of the attackers or how they accessed its systems.

Ransomware Dominates Cybersecurity Threats in 2024 Δ1.74

The modern-day cyber threat landscape has become increasingly crowded, with Advanced Persistent Threats (APTs) becoming a major concern for cybersecurity teams worldwide. Group-IB's recent research points to 2024 as a 'year of cybercriminal escalation', with a 10% rise in ransomware compared to the previous year, and a 22% rise in phishing attacks. The "Game-changing" role of AI is being used by both security teams and cybercriminals, but its maturity level is still not there yet.

Malware Hijacks Nearly 1 Million Windows Devices in Advanced Malvertising Attack Δ1.73

A broad overview of the four stages shows that nearly 1 million Windows devices were targeted by a sophisticated "malvertising" campaign, where malware was embedded in ads on popular streaming platforms. The malicious payload was hosted on platforms like GitHub and used Discord and Dropbox to spread, with infected devices losing login credentials, cryptocurrency, and other sensitive data. The attackers exploited browser files and cloud services like OneDrive to steal valuable information.

Infostealer Malware Stole 493 Million Accounts: How Your Data May Have Been Compromised Δ1.73

Recently, news surfaced about stolen data containing billions of records, with 284 million unique email addresses affected. Infostealing software is behind a recent report about a massive data collection being sold on Telegram, with 23 billion entries containing 493 million unique pairs of email addresses and website domains. As summarized by Bleeping Computer, 284 million unique email addresses are affected overall.

Chinese Hackers Who Targeted Key US Infrastructure Charged by Justice Department Δ1.71

The US Department of Justice has announced charges against 12 Chinese hackers accused of targeting over 100 American companies, including the US Treasury. These individuals allegedly played a "key role" in recent cyberattacks and were linked to state-sponsored hacking groups, exploiting vulnerabilities in enterprise software. The DoJ also brought charges against eight individuals from organization Anxum Information Technology Co., Ltd., which was reportedly paid by Chinese authorities for its services.

BadBox Malware Hit After Infecting Over 500,000 Android Devices Δ1.71

Cybersecurity experts have successfully disrupted the BadBox 2.0 botnet, which had compromised over 500,000 low-cost Android devices by removing numerous malicious apps from the Play Store and sinkholing multiple communication domains. This malware, primarily affecting off-brand devices manufactured in mainland China, has been linked to various forms of cybercrime, including ad fraud and credential stuffing. Despite the disruption, the infected devices remain compromised, raising concerns about the broader implications for consumers using uncertified technology.

US Indictments of Chinese Hackers Raise Global Concerns About Cybersecurity Δ1.71

The U.S. government has indicted a slew of alleged Chinese hackers, sanctioned a Chinese tech company, and offered a $10 million bounty for information on a years-long spy campaign that targeted victims across America and around the world. The indictment accuses 10 people of collaborating to steal data from their targets, including the U.S. Defense Intelligence Agency, foreign ministries, news organizations, and religious groups. The alleged hacking scheme is believed to have generated significant revenue for Chinese intelligence agencies.

Aviaton Firms Hit by Devious New Polyglot Malware Δ1.71

Aviation firms in the United Arab Emirates (UAE) were recently targeted by a highly sophisticated business email compromise (BEC) attack looking to deploy advanced malware. The attackers used a compromised email account to share polyglot files with their victims, which deployed a hidden backdoor against aviation firms. Cybersecurity researchers Proofpoint observed that these attacks started in late 2024 and target organizations with a distinct interest in aviation and satellite communications.

Zapier Data Breach Raises Concerns Over Customer Information Security. Δ1.70

Zapier, a popular automation tool, has suffered a cyberattack that resulted in the loss of sensitive customer information. The company's Head of Security sent a breach notification letter to affected customers, stating that an unnamed threat actor accessed some customer data "inadvertently copied to the repositories" for debugging purposes. Zapier assures that the incident was isolated and did not affect any databases, infrastructure, or production systems.

Hackers Launder Most of Bybit's Stolen Crypto Worth $1.4B Δ1.70

The hackers who stole around $1.4 billion in cryptocurrency from crypto exchange Bybit have moved nearly all of the robbed proceeds and converted them into Bitcoin, in what experts call the first phase of the money-laundering operation. This digital heist is considered one of the largest in history, with blockchain monitoring firms and researchers accusing the North Korean government of being behind it. The hackers' ability to launder the funds quickly highlights the challenges for investigators trying to track down the stolen cryptocurrency.

Researchers Uncover Unknown Android Flaws Used to Hack Into a Student's Phone Δ1.70

Amnesty International said that Google fixed previously unknown flaws in Android that allowed authorities to unlock phones using forensic tools. On Friday, Amnesty International published a report detailing a chain of three zero-day vulnerabilities developed by phone-unlocking company Cellebrite, which its researchers found after investigating the hack of a student protester’s phone in Serbia. The flaws were found in the core Linux USB kernel, meaning “the vulnerability is not limited to a particular device or vendor and could impact over a billion Android devices,” according to the report.

Lee Enterprises Ransomware Attack Hits Freelance and Contractor Payments Δ1.70

The Lee Enterprises ransomware attack is affecting the company's ability to pay outside vendors, including freelancers and contractors, as a result of the cyberattack that began on February 3. The attack has resulted in widescale outages and ongoing disruption at dozens of newspapers across the United States, causing delays to print editions and impacting various aspects of the company's operations. Lee Enterprises has confirmed that hackers "encrypted critical applications," including those related to vendor payments.

Human Rights Abused: Governments Exploit Vulnerabilities to Silence Critics Δ1.70

Amnesty International has uncovered evidence that a zero-day exploit sold by Cellebrite was used to compromise the phone of a Serbian student who had been critical of the government, highlighting a campaign of surveillance and repression. The organization's report sheds light on the pervasive use of spyware by authorities in Serbia, which has sparked international condemnation. The incident demonstrates how governments are exploiting vulnerabilities in devices to silence critics and undermine human rights.

Microsoft Warns of Chinese Hackers Targeting Cloud Apps to Steal Business Data Δ1.70

Microsoft's Threat Intelligence has identified a new tactic from Chinese threat actor Silk Typhoon towards targeting "common IT solutions" such as cloud applications and remote management tools in order to gain access to victim systems. The group has been observed attacking a wide range of sectors, including IT services and infrastructure, healthcare, legal services, defense, government agencies, and many more. By exploiting zero-day vulnerabilities in edge devices, Silk Typhoon has established itself as one of the Chinese threat actors with the "largest targeting footprints".

India's Angel One Says Assessing Impact After Security Breach Δ1.70

Indian stock broker Angel One has confirmed that some of its Amazon Web Services (AWS) resources were compromised, prompting the company to hire an external forensic partner to investigate the impact. The breach did not affect clients' securities, funds, and credentials, with all client accounts remaining secure. Angel One is taking proactive steps to secure its systems after being notified by a dark-web monitoring partner.

North Korean Hackers Cash Out Hundreds of Millions From $1.5bn ByBit Hack Δ1.70

Hackers have successfully laundered at least $300m of their record-breaking $1.5bn crypto heist, leaving only unrecoverable funds in the process. The infamous Lazarus Group, thought to be working for the North Korean regime, is believed to be working nearly 24 hours a day to confuse the money trail and convert the digital tokens into usable cash. ByBit has replenished some of the stolen coins with loans from investors but is waging war on Lazarus.

China’s Government Hacks US Organizations for Financial Gain Δ1.70

The Department of Justice has criminally charged 12 Chinese nationals for their involvement in hacking over 100 US organizations, including the Treasury, with the goal of selling stolen data to China's government and other entities. The hackers used various tactics, including exploiting email inboxes and managing software, to gain access to sensitive information. China's government allegedly paid "handsomely" for the stolen data.

Protecting Yourself From Vishing Attacks Surged 442% Last Year Δ1.70

Vishing attacks have skyrocketed, with CrowdStrike tracking at least six campaigns in which attackers pretended to be IT staffers to trick employees into sharing sensitive information. The security firm's 2025 Global Threat Report revealed a 442% increase in vishing attacks during the second half of 2024 compared to the first half. These attacks often use social engineering tactics, such as help desk social engineering and callback phishing, to gain remote access to computer systems.

Chinese Hackers-for-Hire Linked to Treasury Breach Charged by Justice Department Δ1.70

The Department of Justice has announced criminal charges against 12 Chinese government-linked hackers who are accused of hacking more than 100 American organizations, including the U.S. Treasury, over the course of a decade. The charged individuals all played a “key role” in China’s hacker-for-hire ecosystem, targeting organizations for the purposes of “suppressing free speech and religious freedoms.” The Justice Department has also confirmed that two of the indicted individuals are linked to the China government-backed hacking group APT27.

Malware Botnet Spreads Across 1.6 Million Android Tvs Δ1.70

The Vo1d botnet has infected over 1.6 million Android TVs, with its size fluctuating daily. The malware, designed as an anonymous proxy, redirects criminal traffic and blends it with legitimate consumer traffic. Researchers warn that Android TV users should check their installed apps, scan for suspicious activity, and perform a factory reset to clean up the device.

Web DDoS Attacks See Major Surge as AI Allows More Powerful Attacks Δ1.70

Layer 7 Web DDoS attacks have surged by 550% in 2024, driven by the increasing accessibility of AI tools that enable even novice hackers to launch complex campaigns. Financial institutions and transportation services reported an almost 400% increase in DDoS attack volume, with the EMEA region bearing the brunt of these incidents. The evolving threat landscape necessitates more dynamic defense strategies as organizations struggle to differentiate between legitimate and malicious traffic.

Fortifying the UK’s Energy Sector: The Cybersecurity Imperative in an AI-Driven Future. Δ1.69

The UK's push to advance its position as a global leader in AI is placing increasing pressure on its energy sector, which has become a critical target for cyber threats. As the country seeks to integrate AI into every aspect of its life, it must also fortify its defenses against increasingly sophisticated cyberattacks that could disrupt its energy grid and national security. The cost of a data breach in the energy sector is staggering, with the average loss estimated at $5.29 million, and the consequences of a successful attack could be far more severe.

The Biggest Data Breaches of 2025 — so Far Δ1.69

2025 has already emerged as a significant year for data breaches, with incidents affecting millions, including sensitive student and health records. Notably, the PowerSchool breach has been highlighted as one of the largest, impacting over 62 million students and teachers, while other breaches have compromised U.S. federal government data and healthcare information. The sheer scale of these breaches underscores the pressing concerns surrounding data security and the vulnerabilities inherent in various systems.

Breaking Into Code: Security Threat Impacts Customer Data at Zapier Δ1.69

Zapier has disclosed a security incident where an unauthorized user gained access to its code repositories due to a 2FA misconfiguration, potentially exposing customer data. The breach resulted from an "unauthorized user" accessing certain "certain Zapier code repositories" and may have accessed customer information that had been "inadvertently copied" to the repositories for debugging purposes. The incident has raised concerns about the security of cloud-based platforms.