Ransomware Operations Leverage Skitnet Malware for Covert Data Exfiltration and Remote Access Capabilities
Several ransomware groups are actively deploying a malware known as Skitnet as part of their post-exploitation tactics aimed at exfiltrating sensitive data and establishing remote access to compromised…

RVTools Official Website Compromised to Distribute Bumblebee Malware Through Trojanized Installer
The official site for RVTools has been compromised, resulting in the distribution of a malicious installer for this widely used VMware environment reporting tool.

Robware has confirmed that both…

Microsoft Introduces Windows AI Foundry for Enhanced AI-Driven PC Applications
Microsoft has introduced Windows AI Foundry, an advanced platform aimed at facilitating the development of artificial intelligence (AI) applications for personal computers. This new initiative replaces the previous ‘Copilot…

Emerging Malware on PyPI Threatens Open-Source Development Security
A recent discovery has brought to light a malicious package on the Python Package Index (PyPI), raising significant concerns regarding the security vulnerabilities within open-source software repositories. The identified…

Cyberattack on UK Legal Aid Agency Results in Compromise of Sensitive Data
The UK Legal Aid Agency recently experienced a substantial cyberattack that resulted in the unauthorized access and theft of significant amounts of sensitive data, including criminal records.

This incident…

Implementation of Smartphone Restrictions in Los Angeles Schools (Lock and Code S06E10)
This week on the Lock and Code podcast, we explore a significant challenge facing one of the largest school districts in the United States. The Los Angeles Unified School…

OpenAI Intends to Integrate Multiple Models into GPT-5
OpenAI is in the process of developing its next foundational model, GPT-5, which aims to consolidate multiple existing models into a more streamlined solution. Currently, ChatGPT operates with a…

ServiceAide Data Breach Compromises Sensitive Information of 500,000 Catholic Health Patients
A recent security incident involving Serviceaide has resulted in a data leak that potentially compromises the sensitive health information of approximately 500,000 patients under the care of Catholic Health.…

Analyzing the Security Breach: The Rapid Exploitation of the TeleMessage Application
It has been widely reported that Mike Waltz, the former National Security Advisor under President Trump, was observed utilizing a messaging application that closely resembles Signal during a cabinet…

Exploitation of Malicious PyPI Packages Targeting Instagram and TikTok APIs for User Account Validation
Cybersecurity researchers have identified malicious packages uploaded to the Python Package Index (PyPI) repository that function as tools to validate stolen email addresses against TikTok and Instagram APIs. The…

Compromised KeePass Password Manager Triggers ESXi Ransomware Incident
Cybercriminals have been distributing modified versions of the KeePass password manager for an extended period, utilizing these trojanized applications to install Cobalt Strike beacons, facilitate credential theft, and ultimately…

DDoSecrets Expands Index with Addition of 410GB of TeleMessage Breach Data
DDoSecrets has successfully indexed a substantial dataset of 410GB, comprising breached data from TeleMessage. This data includes various forms of messages and associated metadata, all stemming from a cyber…

Cocospy Stalkerware Applications Taken Offline Following Data Breach Incident
A recent development has seen the discontinuation of three surveillance applications that were implicated in unauthorized access to millions of mobile devices. The applications in question—Cocospy, Spyic, and Spyzie—were…

O2 UK Addresses Vulnerability Exposing Mobile User Location Data in Call Metadata
A vulnerability in O2 UK’s deployment of Voice over LTE (VoLTE) and WiFi Calling technologies has been identified, which could potentially disclose the general location and other identifying information…

Individual Sentenced for SIM Swap Attack Linked to SEC Bitcoin Hoax Tweet
Eric Council Jr. has been sentenced for his involvement in a SIM swap incident that occurred in 2024, which culminated in a fraudulent tweet concerning a Bitcoin ETF posted…

Go-Based Malware Executes XMRig Miner on Linux Systems Through Exploitation of Redis Configuration Vulnerabilities
Cybersecurity researchers have identified a new Linux cryptojacking campaign targeting publicly accessible Redis servers, named RedisRaider by Datadog Security Labs. This malicious activity involves aggressive scanning of randomized…

Emergency Updates for Windows 10 Address BitLocker Recovery Challenges
Microsoft has issued emergency out-of-band updates to address a critical issue that causes Windows 10 systems to enter BitLocker recovery mode following the installation of the May 2025 security…

Consumer Vulnerability to Social Media Fraud Ads Reaches 50%
Around half of consumers in both the UK and the US have reported being targeted by social media advertisements that promote retail fraud guides and services, along with disguised…

Chinese Cyber Threat Actors Implement MarsSnake Backdoor in Prolonged Campaign Against Saudi Organization
Threat hunters have uncovered the tactics of a China-aligned threat actor known as UnsolicitedBooker, which targeted an undisclosed international organization in Saudi Arabia with a previously undocumented…

Arla Foods Acknowledges Cybersecurity Breach Impacting Production and Leading to Operational Delays
Arla Foods has recently acknowledged that it suffered a cyberattack that has significantly disrupted its production operations. The company clarified that the attack specifically impacted its facility in Upahl,…

Regeneron Commits to Enhancing Security Measures Following Acquisition of 23andMe
The planned acquisition of the genetic testing company 23andMe by Regeneron Pharmaceuticals has raised significant concerns about the future of data security and customer privacy. In a recent announcement…