top of page
Cyber Security Hub
Stay updated with the latest news on technology, cybersecurity, market reports
Featured News


Last week in cybersecurity (June 22–28): EVN scams alert, AI manipulation, and Linux root-exploiting vulnerability
Explore last week in cybersecurity (June 22–28): EVN warns of fake OTPs, AI agents tricked into executing malware, and the DirtyClone Root flaw. Read now!
Jun 29


Information technology for small business: Growth, security and compliance strategies in 2026
Discover comprehensive information technology for small business. Avoid penalties of up to 5% of revenue from the Personal Data Protection Law with FlexSecure360 from IPSIP today!
Jun 24


Last week in cybersecurity: 73,000 Fortinet accounts leaked, 152 malicious Chrome extensions, and 17 million WordPress attacks
Recap of last week in cybersecurity: 73K leaked Fortinet accounts, 152 malicious Chrome extensions, and WordPress attacks. Get a comprehensive cybersecurity solution!
Jun 22
24H movement


Vishing campaign targets Microsoft 365 users
A sophisticated voice phishing (vishing) campaign is directly targeting Microsoft 365 users. Notably, attackers are exploiting the recent wave of security upgrades to turn them into a perfect trap for hijacking corporate accounts.
1 hour ago


The first AI-driven ransomware campaign: The power of technology and the true role of humans
The cybersecurity community recently witnessed a remarkable turning point as artificial intelligence (AI) executed a cyberattack entirely on its own.
2 hours ago


Red alert: JADEPUFFER AI ransomware and the historic milestone completely reshaping cybersecurity
The emergence of JADEPUFFER AI ransomware marks the first time in cybercrime history that a 100% automated attack occurred without humans. Discover IPSIP's solution!
3 hours ago
All posts


Vishing campaign targets Microsoft 365 users
A sophisticated voice phishing (vishing) campaign is directly targeting Microsoft 365 users. Notably, attackers are exploiting the recent wave of security upgrades to turn them into a perfect trap for hijacking corporate accounts.
1 hour ago


The first AI-driven ransomware campaign: The power of technology and the true role of humans
The cybersecurity community recently witnessed a remarkable turning point as artificial intelligence (AI) executed a cyberattack entirely on its own.
2 hours ago


Can AI-generated code replace ERP? Lessons for businesses kooking to rebuild their core systems
ERP AI can accelerate software development, but it cannot replace a proven ERP platform. Learn the risks and best practices for securing enterprise systems with IPSIP Vietnam.
4 hours ago


Microsoft Teams abused to fake IT support and deliver EtherRAT malware to businesses
Microsoft Teams is being abused to impersonate IT support and deliver EtherRAT malware. Learn how the attack works and how businesses can respond.
1 day ago


Warning: Cybercriminals posing as ChatGPT distribute malware through a series of compromised Facebook accounts
The irresistible allure of ChatGPT artificial intelligence is becoming prime bait for cybercriminal groups to exploit. Security researchers have recently exposed a sophisticated campaign in which attackers hijack numerous Facebook pages and accounts with large followings for the purpose of phishing and distributing malware to users.
1 day ago


SharePoint vulnerability CVE-2026-45659 actively exploited, CISA urges immediate patching
SharePoint vulnerability CVE-2026-45659 has been added to CISA's KEV catalog after active exploitation. Learn about the RCE risk, ransomware threats, and how IPSIP helps secure your systems.
1 day ago


FortiBleed identified as the initial access vector for INC and Lynx ransomware operations
A new report from SOCRadar confirms that the FortiBleed campaign has resulted in 409 compromised FortiGate administrator accounts, 354 successful intrusions, and at least 12 confirmed ransomware incidents. This marks the first time technical evidence has directly linked FortiBleed to the ransomware operations of the INC and Lynx groups.
2 days ago


Evaluate Pentest and SOC quotations: insider guide for IT leaders
Evaluate Pentest and SOC quotations confidently with this insider guide. Learn how to compare technical scope, pricing, standards, and hidden costs before choosing a cybersecurity provider.
3 days ago


ARToken emerges: new phishing toolkit targets Microsoft 365, steals tokens without passwords
Researchers have uncovered ARToken, a phishing toolkit abusing Microsoft 365 OAuth Device Code Flow to steal access tokens without passwords. Learn how it works and how to stay protected
3 days ago


Next-generation ransomware: When AI paves the way for browser attacks
The rapid evolution of Artificial Intelligence (AI) is completely reshaping the cybersecurity landscape, bringing both unprecedented opportunities and challenges.
6 days ago


Apple Hide My Email vulnerability could expose users' real email addresses
A vulnerability affecting Apple's Hide My Email feature could allow attackers to uncover the real email address behind an anonymized alias. According to reports, the issue was disclosed to Apple more than a year ago but remains unpatched. Independent testing by 404 Media also confirmed that the flaw was still exploitable at the time of publication.
6 days ago


Warning: Over 5 billion iPhone and Android devices face risk of covert attacks
Transferring images, videos, or documents between phones and computers has now become incredibly simple thanks to AirDrop on Apple devices or Quick Share on Android and Windows operating systems. However, this very convenience is inadvertently opening a loophole for cyberattacks, threatening the safety of more than 5 billion devices worldwide.
6 days ago


Warning on the threats of Shadow AI: a new attack technique targeting AI coding assistants
Instead of planting malware directly, the attacker cleverly inserts hidden instructions to trick autonomous AI assistants like Claude Code into automatically triggering remote destructive commands. This vulnerability is the clearest evidence of the dangers of Shadow AI.
Jul 2


Nissan confirms employee data breach following Oracle PeopleSoft zero-day attack
Nissan has confirmed that current and former employee data may have been accessed after attackers exploited the Oracle PeopleSoft zero-day vulnerability, CVE-2026-35273. According to Oracle, the campaign affected hundreds of companies, while Mandiant said it notified more than 100 organizations impacted by the attacks.
Jul 2


A severe Microsoft Excel vulnerability poses a threat to Microsoft 365 and Office users
Một lỗ hổng CVE nghiêm trọng trong Microsoft Excel đang được cảnh báo vì có thể bị khai thác thông qua tệp bảng tính độc hại. Theo thông tin từ Microsoft và các nguồn cảnh báo bảo mật, lỗ hổng được định danh là CVE-2025-60727, thuộc nhóm thực thi mã từ xa trong hệ sinh thái Office.
Jul 1


US coordinates major takedown of illegal World Cup 2026 streaming websites
The excitement of the World Cup 2026 finals is not only electrifying football pitches but has also become the focal point of large-scale cybersecurity operations.
Jul 1


The dark side of World Cup 2026: A wave of high-tech crime besieges the football tournament
The latest security reports show that international cybercrime organizations had quietly constructed, orchestrated, and deployed a massive phishing infrastructure months before the opening whistle blew.
Jul 1


Warning: AI coding agents can be compromised through “clean” GitHub repositories
Security researchers from Mozilla's Zero Day Investigative Network (0DIN) have uncovered a sophisticated attack technique that targets AI coding agents through seemingly clean GitHub repositories.
Jun 30


Cybersecurity incident at iPhone manufacturing plant: Alleged leak of over 630GB of Apple and Tesla data
A severe cyberattack targeting an Apple manufacturing partner in India has resulted in a massive breach of internal data.
Jun 29


Microsoft warns of phishing campaign targeting hotels with Node.js implant
Since April 2026, a sophisticated phishing campaign has been targeting hotels across Asia and Europe. The attackers abuse trusted services including Calendly and Google to distribute a ZIP archive containing the TonRAT malware, which is executed through the legitimate Node.js v24.13.0 runtime
Jun 29
bottom of page
