Category: Cybersecurity News

Report Reveals | DeepSeek AI Development Costs 300 Times More Than Reported

SECITHUB
DEEPSEEK

A new report by SemiAnalysis has exposed a massive discrepancy in the development costs of DeepSeek, a Chinese AI startup. While DeepSeek publicly stated an investment of $5.6 million, the actual costs are estimated to have exceeded $1.5 billion, raising questions about the true scale of China’s AI ambitions and its hidden financial backing. The True Costs of AI Development According to the SemiAnalysis report, DeepSeek’s real expenditure includes: How DeepSeek Reduces Costs Despite the massive financial investment, DeepSeek has developed cost-cutting strategies to optimize its operations: These methods allow…

Read More

Is This Bigger than SolarWinds? Researchers Expose Critical Systems Vulnerable to Attack via Abandoned Storage Servers

SECITHUB

A Grave Threat Found in Amazon S3 Storage Systems A new discovery by security researchers from watchTowr has exposed a severe vulnerability in the cloud storage systems of Amazon S3. Over the course of their investigation, the researchers were able to take control of approximately 150 abandoned data repositories left behind by large organizations. What’s more alarming is that many systems continued to attempt automatic access to these abandoned storage buckets, potentially opening the door to devastating cyberattacks. Findings of the Study The research team tracked activity over two months…

Read More

Pyotr Levashov | From Notorious Russian Hacker to FBI Informant

SECITHUB
Hooded figure at a computer with cyber data on screens.

Background and Cybercriminal Operations Pyotr Levashov, known by his alias “Severa”, was one of the most dangerous Russian hackers in recent history. He was responsible for operating three of the largest botnets in the world, which were used for spamming, malware distribution, and large-scale cyberattacks. Levashov consistently ranked among the top ten spammers in the world and was a key figure in cybercrime operations linked to ransomware, financial fraud, and state-sponsored disinformation campaigns. Arrest and Extradition In 2017, Levashov was arrested in Barcelona, Spain, following an international warrant issued by…

Read More

Cyberattack Exposes Data of 1.5 Million Patients in the U.S.

SECITHUB
Hacker in a hoodie with medical cybersecurity icons and a laptop

Major Data Breach at Two U.S. Medical Centers Two medical centers in the United States have reported a cyberattack that compromised sensitive medical records. The breach affected both the Community Medical Center in Connecticut and NorthBay Medical Center in California. Although the incidents occurred in 2024, they have only now been disclosed to regulators across multiple states. Scope of the Data Breach What Data Was Stolen? The attackers gained access to a broad range of highly sensitive patient information, including: Who Is Behind the Attack? The Embargo ransomware group has…

Read More

Cyberattack on Tosaf’s Industrial Control Systems

SECITHUB
Hacker in a hoodie with cybersecurity icons around a laptop.

The Handala hacker group has claimed responsibility for a cyberattack on the Israeli company Tosaf, a manufacturer specializing in chemical and polymer additives. According to the attackers, they successfully disrupted the company’s industrial control systems (ICS), affecting production operations. Alleged Impact of the Attack According to the group’s statement, the attack resulted in: About Tosaf Tosaf is a global leader in the chemical and polymer industry, manufacturing a variety of industrial materials. Implications for Industrial Cybersecurity If confirmed, this attack highlights the growing vulnerability of industrial environments to cyber threats,…

Read More

Severe Data Breach at AngelSense | Personal and Medical Data of Thousands Exposed

SECITHUB
Glowing "DATA BREACH" warning on a backlit keyboard

Unprotected Database Leaks Sensitive User Information AngelSense, an Israeli-American technology company that develops GPS tracking devices for individuals with disabilities, has suffered a major data leak exposing sensitive personal and medical records of thousands of users.Cybersecurity researchers from UpGuard discovered that an AngelSense database was left publicly accessible online without any security protection. Scope of the Data Leak Company Response AngelSense has responded to the incident with the following statements: The Risk of Exposed GPS and Medical Data A data breach involving real-time location tracking is particularly concerning, as it…

Read More

UK Rejects Update to 1990 Cybercrime Law | Security Researchers Remain at Legal Risk

SECITHUB
Laptop screen with UK flag and binary code overlay.

British Government Declines Cybercrime Law Reform The UK government has rejected a proposed amendment to the 1990 Computer Misuse Act (CMA), which aimed to provide legal protections for cybersecurity researchers. Science Minister Patrick Vallance defended the decision, arguing that such protections could be exploited by cybercriminals. Background on the Proposed Amendment The current law criminalizes “unauthorized access to a computer,” creating significant risks for ethical security researchers. Critics argue that the CMA is outdated, failing to reflect modern cybersecurity challenges. Key issues driving the push for reform: Reasons for the…

Read More

Japanese Auto Parts Manufacturer HIKARI SEIKO Targeted by Qilin Hacker Group

SECITHUB
Mysterious hooded figure with red digital glitch effect

Cyberattack on HIKARI SEIKO | Sensitive Data Allegedly Stolen The Qilin hacker group has claimed responsibility for a cyberattack against HIKARI SEIKO, a leading Japanese auto parts manufacturer operating since 1947. The attackers allege they have stolen over 500GB of sensitive corporate data from the company’s systems. Allegedly Stolen Data Qilin’s Claims and Threats According to the hacker group, HIKARI SEIKO has: As proof of their breach, Qilin has leaked five sample images and claims to possess 332,535 files from the company’s internal systems. The Growing Threat to Automotive Supply…

Read More

North Korea Embeds Malware in Popular Software Projects | Lazarus Group’s Phantom Circuit Campaign

SECITHUB
Hacker in a hoodie with North Korean flag and binary code background.

A New Supply Chain Attack by Lazarus Cybersecurity researchers have uncovered a highly sophisticated campaign by the North Korean state-sponsored Lazarus Group. Dubbed Phantom Circuit, this operation involves cloning legitimate software projects, injecting them with malicious backdoors, and redistributing them to developers worldwide. The goal? To infiltrate corporate environments, steal sensitive data, and establish persistent access to compromised systems. Who’s at Risk? The following popular software projects were found to be replicated and modified with embedded malware: How the Attack Works How Phantom Circuit Compromises Systems Malicious Code Injection into…

Read More

Law Enforcement Cracks Down on Cybercrime Forums Cracked and Nulled | A Major Blow to Cybercrime-as-a-Service

SECITHUB
Hacker in a hoodie with handcuffs in front of a laptop

The Fall of Two Major Cybercrime Marketplaces A coordinated international law enforcement operation has dismantled Cracked.io and Nulled.to, two of the most well-known underground cybercrime forums. Together, these platforms had over 10 million users and served as one-stop shops for cybercriminals, offering everything from stolen data and malware to hacking tools and cybercrime-as-a-service (CaaS). Authorities estimate that suspects linked to these platforms generated over €1 million in criminal profits. The takedown marks a significant step in the fight against organized cybercrime, demonstrating the increasing ability of law enforcement to disrupt…

Read More