Exploitation of Zero-Day Vulnerabilities in VMware ESXi and Microsoft SharePoint Uncovered at Pwn2Own
During the second day of the Pwn2Own Berlin 2025 event, competitors achieved remarkable success by identifying and exploiting zero-day vulnerabilities in several high-profile products, collectively earning $435,000. The identified…

Israel Apprehends Additional Suspect Linked to $190 Million Nomad Bridge Crypto Incident
An American-Israeli national, Osei Morrell, has been apprehended in Israel for his alleged involvement in the exploit of the Nomad bridge smart contract that led to the siphoning of…

Ivanti EPMM Affected by Two Actively Exploited Zero-Day Vulnerabilities
Ivanti EPMM users must prioritize patching against critical zero-day vulnerabilities identified as CVE-2025-4427 and CVE-2025-4428. These vulnerabilities have been actively exploited in the wild, posing significant risks to organizations…

Introduction of Codex: An Advanced AI Solution for Software Development by ChatGPT
OpenAI is introducing Codex, an advanced AI tool integrated with ChatGPT designed to enhance the efficiency of software development. This innovative tool assists software engineers by automating and managing…

Pro-Ukraine Cyber Group Implements Python Backdoor Against Russian Development Teams
ReversingLabs has recently identified a sophisticated threat known as dbgpkg, a counterfeit Python debugger that clandestinely establishes backdoors within systems to facilitate data exfiltration. This revelation raises significant concerns…

Japan Implements New Active Cyber Defense Legislation Authorizing Offensive Cyber Operations
Japan has implemented a new legislative framework that empowers its authorities to conduct offensive cyber operations. This proactive approach is designed to engage adversaries before potential threats escalate and…

Microsoft Acknowledges That May Windows 10 Updates Activate BitLocker Recovery Mode
Microsoft has acknowledged that certain Windows 10 and Windows 10 Enterprise LTSC 2021 systems are experiencing issues after the installation of the May 2025 security updates, specifically leading to…

Comparative Analysis: HubSpot vs. Salesforce – Identifying the Optimal CRM Solution for Your Business Needs
When deciding between HubSpot and Salesforce, it’s essential to carefully evaluate your business needs, current infrastructure, and long-term growth objectives. Both platforms are leaders in customer relationship management (CRM),…

Alabama Individual Receives 14-Month Sentence Related to Securities and Exchange Commission Cyber Intrusion Impacting Bitcoin Valuation
An Alabama man has been sentenced to 14 months in prison, followed by three years of supervised release, due to his involvement in the unauthorized takeover of the U.S.…

Procolored Distributes Compromised Drivers Containing Malware for Extended Period
For a duration of at least six months, the official software distributed with Procolored printers has been identified to contain malware, including a remote access trojan (RAT) and a…

Ransomware Groups Are Intensifying Their Use of Skitnet Post-Exploitation Malware
Ransomware groups are increasingly leveraging a sophisticated malware known as Skitnet, also referred to as “Bossnet,” to conduct stealthy post-exploitation operations within compromised networks.

This malware has been available…

Pwn2Own Berlin 2025: Compromises Identified in Windows 11, VMware, Firefox, and Additional Platforms
The Pwn2Own Berlin 2025 event at the OffensiveCon conference has successfully wrapped up its initial two days of rigorous competition. This prestigious event continues to attract elite security researchers…

Australian National “DR32” Sentenced in U.S. Federal Court
In a noteworthy development, the Australian individual known as “DR32” received his sentencing this week in a federal court located in Colorado. Contrary to widespread expectations, the outcome of…

Anne Arundel County Reports Ransomware Attack Resulting in Breach of Sensitive Health Data
A cybersecurity incident occurred in February, leading to the compromise of sensitive information pertaining to patients who sought medical services from the Anne Arundel County Department of Health. In…

Introduction of ‘Defendnot’ Tool Manipulates Windows to Deactivate Microsoft Defender
A new tool, ‘Defendnot,’ has emerged, capable of disabling Microsoft Defender on Windows systems by masquerading as a legitimate antivirus application, even in the absence of actual antivirus software.…

Ransomware Incident Involving ADP Partner Compromises Broadcom Employee Data
A recent ransomware attack on Business Systems House (BSH), a partner of payroll provider ADP in the Middle East, resulted in the breach of employee data belonging to Broadcom.…

Fresno County Targeted in $1.6 Million Phishing Scheme; One Individual Arrested and Another Indicted
Two individuals have been indicted by a federal grand jury on multiple counts of wire fraud linked to a sophisticated phishing scheme that defrauded the County of Fresno out…

Russia-Linked SpyPress Malware Leverages Webmail Vulnerabilities for Espionage Against Ukraine
ESET has conducted an in-depth analysis of RoundPress, a significant cyber espionage campaign attributed to Russia’s Fancy Bear, also known as Sednit. This operation primarily targets organizations associated with…

FBI Issues Advisory on AI Voice Scams Targeting U.S. Government Officials
The FBI has issued a warning regarding an advanced vishing (voice phishing) and smishing (SMS phishing) campaign that utilizes AI-generated voice messages to impersonate high-ranking officials within the U.S.…

Former NSA Threat Analyst Evaluates Scattered Spider’s Sophisticated Social Engineering Tactics: “Their Expertise is Notable”
The help desk at a prominent US retailer received a concerning call. An individual claimed to be an employee who had encountered difficulties accessing their corporate accounts. However, this…

Former Sussex Police Officer Charged with Additional 18 Computer Misuse Offences Amid Rape Trial
A former officer of Sussex Police, currently undergoing trial for allegations of rape and sexual assault stemming from an investigation conducted by the Independent Office for Police Conduct (IOPC),…