News – General

A new Android malware called NGate steals card details and PINs by abusing NFC features on infected phones. It tricks victims into tapping their physical card against the compromised device, capturing data and one-time codes used for instant ATM withdrawals. Criminals can then clone the card virtually and withdraw cash without needing physical access. ....

Google Chrome now lets users store driver’s licenses and passports in its autofill feature, promising encryption and permission-based access. While the data is protected within the browser, experts warn that storing such sensitive details in Chrome increases risk if your Google account is hacked or malware gains access. Chrome’s large market share makes it ....

In mid-November 2025, the report notes that Anthropic detected what appears to be one of the first autonomous AI-driven cyber-espionage campaigns, in which an AI agent (built using Claude Code) carried out most of a multi-stage attack with minimal human oversight. The document argues this marks a major shift: attackers may now scale operations ....

Researchers from the University of Vienna found a major flaw in WhatsApp’s contact-discovery feature that let them check tens of billions of phone numbers and extract about 3.5 billion registered user numbers, along with many users’ profile pictures and “about” texts. The weakness stemmed from minimal rate-limiting: they could probe roughly 100 million numbers ....

The article reveals a surge in fake calendar invites used as phishing attacks, where scammers send events that can’t easily be deleted and often reappear through synced devices, aiming to trick users into calling a number, clicking a link, or attending a fraudulent meeting. It explains how to remove these from platforms like Outlook, ....

According to Axios, executives at major companies (including many in the Fortune 500) are scrambling after Anthropic warned that a Chinese state-sponsored hacker group used its AI agent tools (notably Claude Code) to automate parts of cyber-espionage campaigns.  The incident signals a shift in cyber threat landscape, where malicious actors are increasingly harnessing AI ....

The article reveals a surge in fake calendar invites used as phishing attacks, where scammers send events that can’t easily be deleted and often reappear through synced devices, aiming to trick users into calling a number, clicking a link, or attending a fraudulent meeting. It explains how to remove these from platforms like Outlook, ....

Scammers are ramping up their attacks this holiday season, with FBI and Amazon warning of a surge in “account takeover” (ATO) fraud targeting shoppers. According to data from TransUnion, ATO incidents rose 21% from the first half of 2024 to the first half of 2025, and by 141% since the first half of 2021, ....

A ransomware attack on the CodeRED emergency alert system caused a nationwide outage and exposed personal data for millions of users, putting many communities at risk just as they rely on the service for urgent public warnings. The attackers stole customer information, including email addresses and passwords, which raised concerns about account security for ....

Researchers have uncovered a new wave of ClickFix attacks that trick Windows users into installing malware by faking legitimate system update screens and hiding malicious code in images. The scam begins with a full-screen browser page styled to look like the official “Windows Update” interface, prompting users to press Win+R, paste a command, and ....