The Breach News

Android Apps Containing North Korean Spyware Discovered on Google Play

Researchers have uncovered a concerning development involving several Android applications that were available on Google Play, despite passing the platform’s security checks. These apps have reportedly been functioning as surveillance tools, quietly transmitting sensitive user data to North Korean intelligence operatives. Identified as KoSpy by Lookout, the security firm responsible…

Read MoreAndroid Apps Containing North Korean Spyware Discovered on Google Play

CISA Withdraws Funding for State and Election Threat-Sharing Centers

Government, Incident & Breach Response, Industry Specific Cyber Defense Agency Cuts Funding for Critical Cybersecurity Resource Amid Shift in Federal Focus Chris Riotta (@chrisriotta) • March 12, 2025 The federal government has ceased funding for a hub that provided real-time cybersecurity threat intelligence to state and local governments. (Image: Shutterstock)…

Read MoreCISA Withdraws Funding for State and Election Threat-Sharing Centers

Stolen Credentials Rise to Primary Concern in Global Retail Industry

KnowBe4 has unveiled its “Global Retail Report 2025,” which highlights a concerning evolution in the tactics employed by cybercriminals targeting the retail industry. The report indicates that credential harvesting has emerged as the predominant threat, constituting 38% of all compromised data in 2023. In contrast, the theft of payment card…

Read MoreStolen Credentials Rise to Primary Concern in Global Retail Industry

A Guide to Using Signal Encrypted Messaging

Signal App Security Measures: Enhancing User Privacy for Business Professionals Recent updates to the messaging application Signal have introduced several security features aimed at reinforcing user privacy. These enhancements come as organizations and businesses grapple with the implications of data breaches and cyber threats. To navigate the settings on Signal,…

Read MoreA Guide to Using Signal Encrypted Messaging

Ransomware Groups Exploiting Weaknesses in Perimeter Security Appliances

Manufacturers of perimeter security appliances, which encompass devices like CCTV systems, firewalls, radar technologies, and access control solutions, have increasingly overlooked the need to embed strong security features into their products. This oversight leaves these devices vulnerable, contributing to a surge in ransomware incidents. A recent annual threat report published…

Read MoreRansomware Groups Exploiting Weaknesses in Perimeter Security Appliances

Attackers Can Exploit AI Memory to Disseminate Falsehoods

Artificial Intelligence & Machine Learning, Next-Generation Technologies & Secure Development New Memory Injection Attack, ‘Minja’, Shows Alarming Efficacy on OpenAI Models Rashmi Ramesh (rashmiramesh_) • March 12, 2025 Image: Shutterstock Researchers have identified a novel memory injection attack dubbed “Minja,” which has been demonstrated to transform AI chatbots into unintentional…

Read MoreAttackers Can Exploit AI Memory to Disseminate Falsehoods

Lazarus Group Conceals Backdoor in Counterfeit npm Packages in Recent Assault

Lazarus Group Strikes Again: Malicious Packages Discovered in npm Repository The notorious Lazarus Group, an advanced persistent threat (APT) linked to the North Korean government, has resurfaced with a new campaign, infiltrating the npm software repository—a vital resource for developers globally. Research from the Socket Research Team has revealed the…

Read MoreLazarus Group Conceals Backdoor in Counterfeit npm Packages in Recent Assault

M2M Security Market: Boundless Opportunities for a Safer Future

Machine-to-Machine (M2M) communication plays a pivotal role in modern digital infrastructure, enabling machines to interact without human input. This automated process facilitates the unmediated exchange of data between devices, driving operational efficiency across various sectors. As M2M technologies advance, enhancements in security will be essential to ensure the reliability of…

Read MoreM2M Security Market: Boundless Opportunities for a Safer Future

Trump Appoints Former DOE and NSC Leader Sean Plankey as CISA Director

Plankey’s Nomination to Lead CISA Highlights Cybersecurity Preparedness Efforts in Energy Sector Sean Plankey, nominated by U.S. President Donald Trump to lead the Cybersecurity and Infrastructure Security Agency (CISA), brings a wealth of experience from his previous roles within the Department of Energy and the National Security Council. His appointment…

Read MoreTrump Appoints Former DOE and NSC Leader Sean Plankey as CISA Director