Singapore authorities are alerting businesses to a surge in deepfake scam video calls, where criminals use AI-generated manipulations to impersonate high-ranking executives and deceive employees into transferring company funds.

Cybersecurity researchers at Cofense have uncovered a phishing campaign using fake LinkedIn InMail notifications to distribute the ConnectWise RAT. Unlike typical LinkedIn scams that steal credentials, this attack installs a remote access trojan. The fraudulent emails mimic LinkedIn branding but use an outdated template from before the platform’s 2020 redesign, making them appear legitimate at first glance.

Bybit has confirmed that hackers executed a "sophisticated attack" on one of its Ethereum (ETH) cold wallets, resulting in the theft of approximately 401,346 ETH, valued at over $1.4 billion.

North Korean hackers have successfully laundered $300 million from the massive $1.5 billion crypto heist targeting ByBit Exchange.

Malwarebytes Labs has uncovered a phishing scam exploiting the Docusign API, which allows users to send emails from legitimate Docusign accounts.

Phishing isn’t the only threat to worry about. The FBI has issued a critical advisory about Ghost, a ransomware campaign exploiting known software vulnerabilities instead of relying on phishing. Active in over 70 countries, Ghost targets sectors worldwide, using publicly available code to infiltrate unpatched internet-facing servers.

Cyberattacks take many different forms, from PayPal scam campaigns to infostealer malware, but distributed denial of service (DDoS) attacks can cause widespread disruption—especially when the target is a high-profile platform like Elon Musk’s X (formerly Twitter).

Cybersecurity researchers have uncovered a large-scale phishing campaign leveraging fake CAPTCHA images embedded in PDF documents hosted on Webflow’s content delivery network (CDN).

More than three million employee-linked corporate accounts across Fortune 500 companies were compromised between 2022 and 2024, according to cybersecurity firm Enzoic.

A new report from SoSafe highlights the growing tension between AI adoption and its associated security risks, based on insights from 500 global security professionals and 100 SoSafe customers across 10 countries.

Asia is poised to claim nearly half of the world’s fintech transactions by the end of 2025, solidifying its position as a global leader in the sector, according to a new report from Singapore-based UnaFinancial.

Doxbin, a platform infamous for doxxing and exposing personal information, has suffered a major data breach orchestrated by the hacker group Tooda. The attackers deleted user accounts, locked out administrators, and leaked a massive database containing 136,814 user records, including usernames, email addresses, and a so-called “Blacklist” file—detailing individuals who had allegedly paid to keep their information off the site. The breach appears to be fueled by a long-standing rivalry between hacker groups, with Tooda claiming their attack was in response to accusations against one of their members.