Author: Staff Writer

Welcome to your Daily CyberTech Highlights! Each day, we bring you the most essential news and insightful analysis from the world of Cybersecurity, Cloud security, Data protection, Data privacy and Technology. Stay informed on the latest trends, threats, and innovations shaping the digital landscape, so you can make informed decisions and stay ahead of the curve. Let’s dive into today’s top stories! Daily CyberTech Highlights Brand Covered: Arctera Headline: Arctera, Wasabi Technologies and TD SYNNEX Join Forces to Simplify Data Protection Arctera, a global leader in data management, Wasabi Technologies, the hot cloud storage company, and TD SYNNEX, a leading global distributor and solutions aggregator for the…

Summary Points Data Breach Confirmation: Cock.li, a privacy-focused email hosting provider, suffered a breach through exploited vulnerabilities in its retired Roundcube platform, affecting over 1 million user accounts. Exposed User Information: The breach revealed sensitive data, including email addresses, login timestamps, failed login attempts, and some contact details for approximately 10,400 accounts, though passwords and actual email content remained secure. Threat Actor Involvement: A threat actor is reportedly selling the compromised databases for one Bitcoin, prompting Cock.li to confirm the breach and notify affected users. Service Changes and Future Plans: Cock.li has discontinued Roundcube, recognizing it should not have been…

Essential Insights Zero-Day Exploit: A patched security flaw in Google Chrome (CVE-2025-2783) was exploited by the threat actor TaxOff to deploy the Trinper backdoor, with a CVSS score of 8.3, via a phishing email disguised as a forum invitation. Malware Features: The Trinper backdoor, developed in C++, uses multithreading to stealthily capture host information, record keystrokes, exfiltrate files, and communicate with a command-and-control server for remote commands. Attack Strategy: The initial attack’s phishing emails led to a fake website, while investigations revealed past attacks dating back to October 2024, employing similar tactics that suggest a link to another hacking group…

A threat actor is targeting organizations in Taiwan in a sophisticated and evolving campaign to steal data for likely use in future attacks.The attackers are delivering malware through phishing emails impersonating Taiwan’s National Taxation Bureau and other government entities, using themes related to taxes, pensions, and public services.Convincing Phishing LuresThe emails contain a malicious zip file that launches a multistage infection chain when opened. One of the final payloads is HoldingHands (aka Gh0stBins), a remote access Trojan (RAT) capable of data exfiltration and surveillance, according to Fortinet, which has been tracking the campaign since January. In some instances, the adversary…

CyEx, a leading provider of cyber and data breach response solutions, announces the appointment of Wes Alford as Executive Vice President of Client Services overseeing client and partner engagement, operations, and business management. Alford will report directly to CyEx founder and President, Jerry Thompson, and will work alongside him to lead the day-to-day operations of the business. Cyber Technology Insights : Integris Amplifies Position as a Leading Future-Ready MSP with Strategic Acquisition Alford brings more than 20 years of experience working with both plaintiff and defense firms in the class action administration industry. He will play an integral role in all areas of CyEx’s…

Summary Points Data Breach Confirmation: Scania confirmed a cybersecurity incident involving compromised credentials that allowed attackers to access its Financial Services systems, stealing sensitive insurance claim documents. Extortion Threat: Attackers contacted Scania employees via email, threatening to leak the stolen data unless demands were met, with the data later offered for sale on a hacking forum. Attack Methodology: The breach, which occurred on May 28, 2025, was facilitated by stolen credentials from an external IT partner, allegedly acquired through infostealer malware. Impact and Response: The compromised insurance application is now offline, with Scania stating that they notified privacy authorities and…

 “As cyberattacks evolve, detection can’t be a checkbox. Our 2025 EDR/XDR Certification helps CISOs assess how effectively their tools uncover stealthy, real-world threats.”- Andreas Clementi, ceo and founder, AV-Comparatives This independent evaluation tested enterprise cybersecurity solutions under advanced threat scenarios. The goal: to assess their ability to detect and report real-world attacks with precision and visibility. Unlike, e.g. the EPR Test, which focuses on prevention, the EDR test simulates complex attack scenarios to assess how well a product detects and logs each stage of an intrusion, providing insights into its visibility, telemetry quality, and threat detection precision. Threat visibility based on…

Summary Points Vulnerability Discovery: A major security flaw in LangChain’s LangSmith platform, carrying a CVSS score of 8.8, was disclosed. This vulnerability allowed attackers to intercept sensitive data, such as API keys and user prompts, through a malicious proxy disguised as an AI agent. Exploitation Methodology: Attackers could create and share compromised AI agents via LangChain Hub, which, when interacted with, routed user data through the attackers’ servers without detection, risking API misuse and data theft. Consequences of Exploitation: Victims could face unauthorized access to their OpenAI environments, financial burden from increased API usage, and potential leaks of sensitive internal…

Fingerprint, the leading device intelligence provider in the market, adds real-time threat detection to Sumsub’s full-cycle verification platform Sumsub, a global leader in verification, is expanding its Fraud Prevention solution with advanced Device Intelligence, enhanced by the Fingerprint platform, a market-leading provider. Designed to identify threats before they escalate, Device Intelligence offers real-time insights with industry-leading accuracy into user integrity by analyzing device behavior and network-level data beyond basic IP tracking. This proactive layer of security empowers companies to stop transaction fraud, detect and block bots, prevent multi-accounting and account takeovers, and significantly reduce unnecessary KYC costs — all without disrupting the…

MADRID (AP) — Spain’s government said Tuesday that the massive April power outage across Spain and Portugal that left tens of millions of people disconnected in seconds was caused by technical and planning errors that left the grid unable to handle a surge in voltage.Ecological Transition Minister Sara Aagesen, who manages the nation’s energy policy, told reporters that a voltage surge led to small grid failures, mainly in the south of Spain, which then cascaded to larger ones and brought the system down in the two Iberian Peninsula nations.She ruled out that the failure was due to a cyberattack.The outage…