Candid.Technology

We are a technology website dedicated to sharing information that truly resonates with our audience. Our content ranges from simple tutorials and guides to the latest updates in the tech world, all aimed at helping you navigate the internet effectively. Our topics include Android, iOS, Windows, Linux, internet safety, privacy, various websites, social media, apps, IoT, gadgets, cryptocurrency, streaming platforms, and much more. Candid.technology prides itself on being impartial, bold, and independent in our writing and reporting. We are affiliated with Candid Today Press.

Local, Consumer

English

Online/Digital

Outlet metrics

Domain Authority

Ranking

Global

#1815817

United States

#729123

Computers Electronics and Technology/Computers Electronics and Technology

#11866

Traffic sources

Monthly visitors

Articles

Hackers caught using fake AI websites to spread malware

1 week ago | candid.technology | Yadullah Abidi

Hackers are abusing fake AI websites impersonating legitimate AI video generator tools to infect users with infostealer malware and backdoors around the world. The campaign is being run by a Vietnamese hacking group dubbed UNC6032 and has been active since at least mid-2024. The campaign was observed by security researchers at Mandiant, who claim they’ve discovered at least 30 different fake websites impersonating tools like Luma IA, Canva Dream Lab, and Kling AI, among others.
OneDrive bug exposes your storage to third-party apps

1 week ago | candid.technology | Yadullah Abidi

A security vulnerability in Microsoft OneDrive’s file picker has left the cloud storage users exposed to third-party apps. The file picker requests OAuth permissions, which in turn grant external apps access to the user’s entire drive rather than the specific files selected for download or upload.
Hackers are using SEO poisoning to commit payroll fraud

1 week ago | candid.technology | Yadullah Abidi

Security researchers have discovered a new scam campaign that uses SEO poisoning to redirect unsuspecting employees to fake payroll sites. The hackers steal employee passwords by leading them to phishing pages, then use this access to swap out payroll accounts. The campaign was first observed by ReliaQuest security researchers in May 2025. The threat actors specifically targeted employee phones with a phishing page impersonating their respective organisation’s login portal.
Adidas suffers data breach, customer data stolen

1 week ago | candid.technology | Yadullah Abidi

Popular sports equipment manufacturer Adidas has disclosed a data breach after hackers gained access to a third-party customer service provider used by the company and stole customer data. The incident has been contained, and Adidas is working with security experts to investigate the issue. Adidas stated that the stolen data doesn’t include passwords, credit card numbers, or other payment-related information.
Energy provider confirms ransomware attack and data breach

1 week ago | candid.technology | Yadullah Abidi

Illustration: JMiks | ShutterstockCanadian energy provider Nova Scotia Power has admitted that ransomware attacked it. The data stolen from the company affects 280,000 out of its 550,000 customers. The cyberattack was initially disclosed by the power company and its parent company, Emera, on April 28, with a follow-up confirmation on May 1 admitting that hackers got away with customer data.
Hackers are using fake TikTok tips to spread malware

1 week ago | candid.technology | Yadullah Abidi

Security researchers have discovered hackers using AI-generated videos on TikTok to trick victims into installing Vidar and StealC malware. The pages behind these videos pretend to provide tips and tricks to enhance experiences or activate software like Windows, Capcut, Office, and more, instructing users to run PowerShell commands that download and install malware.
Europol takes down 100s of servers as part of ransomware hunt

2 weeks ago | candid.technology | Yadullah Abidi

A group of law enforcement agencies coordinated by Europol and Eurojust has attacked key online infrastructure ransomware groups use. Primary targets were malware variants and successor groups reemerging from previous takedowns. The attack, carried out as part of the ongoing Operation Endgame, took down nearly 300 servers worldwide, 650 domains, seized €3.5 million in cryptocurrencies, and issued international arrest warrants against 20 targets between May 19 and 22.
Thousands of routers globally are now hacker honeypots

2 weeks ago | candid.technology | Yadullah Abidi

A threat actor, ViciousTrap, has compromised over 5,500 network edge devices in 84 countries and converted them into honeypot nodes operating as part of one big network. The hackers have exploited a previously documented vulnerability dubbed CVE-2023-20118 that affects several Cisco SOHO routers. Specifically, the following Cisco Small Business routers are at risk:RV016RV042RV042GRV082RV320RV325The campaign was discovered by security researchers at cybersec firm Sekoia.
Ransomware attack hits US healthcare firm Kettering Health

2 weeks ago | candid.technology | Yadullah Abidi

Illustration: JMiks | ShutterstockPopular US healthcare network Kettering Health has announced that it suffered a cyberattack, causing a system-wide outage. The organisation has been cancelling patient procedures due to the outage. Kettering confirmed the cyberattack in a statement on its website but hasn’t revealed the nature of the attack or whether or not patient data was stolen during the incident.
US Teen guilty in extortion scheme targeting PowerSchool

2 weeks ago | candid.technology | Yadullah Abidi

19-year-old Massachusetts college student Matthew D. Lane has pleaded guilty to orchestrating an extortion scheme targeting school software provider PowerSchool. The US Department of Justice (DoJ) has accused Lane of hacking into two US companies and demanding a ransom. According to a court document published by the DoJ, Lane has pleaded guilty to one count of cyber extortion conspiracy, cyber extortion, unauthorised access to protected computers, and aggravated identity theft.