LockBit Leak Reveals Affiliate Pressure Tactics and Infrequent Compensation
Weeks following the LockBit ransomware incident, the disclosure of compromised data has shed light on the operational mechanisms utilized by affiliates involved in the ransomware ecosystem. This analysis highlights…
Weeks following the LockBit ransomware incident, the disclosure of compromised data has shed light on the operational mechanisms utilized by affiliates involved in the ransomware ecosystem. This analysis highlights…
❤1
UK: Post Office to Provide Compensation for Hundreds Affected by Data Breach
The Post Office has reached a settlement to compensate numerous former subpostmasters whose personal information was unintentionally disclosed during a data breach that occurred last year. In June, the…
The Post Office has reached a settlement to compensate numerous former subpostmasters whose personal information was unintentionally disclosed during a data breach that occurred last year. In June, the…
❤1
Discovery of AWS Default IAM Roles Facilitating Lateral Movement and Cross-Service Exploitation
Cybersecurity researchers have uncovered significant vulnerabilities within the default identity and access management (IAM) roles associated with Amazon Web Services (AWS), which could enable attackers to escalate privileges, manipulate…
Cybersecurity researchers have uncovered significant vulnerabilities within the default identity and access management (IAM) roles associated with Amazon Web Services (AWS), which could enable attackers to escalate privileges, manipulate…
❤1
Russian APT Groups Escalate Attacks in Europe Utilizing Zero-Day Exploits
The end of 2024 and the onset of 2025 witnessed a notable escalation in malicious cyber activities conducted by Russian-aligned hacking groups, as reported by ESET.
In its APT…
The end of 2024 and the onset of 2025 witnessed a notable escalation in malicious cyber activities conducted by Russian-aligned hacking groups, as reported by ESET.
In its APT…
❤1
Acquisition of Genetic Data from 23andMe by Pharmaceutical Organization
The recent acquisition of the bankrupt genetic testing company 23andMe by Regeneron Pharmaceuticals for $256 million raises significant questions about the motivations and implications of this transaction. Regeneron, a…
The recent acquisition of the bankrupt genetic testing company 23andMe by Regeneron Pharmaceuticals for $256 million raises significant questions about the motivations and implications of this transaction. Regeneron, a…
❤1
Exposing Over 100 Malicious Chrome Extensions Engaged in Session Hijacking, Credential Theft, and Ad Injection
An unidentified threat actor has been implicated in the development of various malicious Chrome Browser extensions since February 2024. These extensions, which masquerade as benign utilities, are designed to…
An unidentified threat actor has been implicated in the development of various malicious Chrome Browser extensions since February 2024. These extensions, which masquerade as benign utilities, are designed to…
❤1
RVTools Compromised in Supply Chain Attack Distributing Bumblebee Malware
The official RVTools website, a management tool for VMware, has fallen victim to a supply chain attack, resulting in the distribution of a compromised installer that delivers the Bumblebee…
The official RVTools website, a management tool for VMware, has fallen victim to a supply chain attack, resulting in the distribution of a compromised installer that delivers the Bumblebee…
❤1
Data Breach Impacting 200,000 Harbin Clinic Patients Identified in Debt Collection Operations
A recent data breach has compromised the personal information of over 200,000 patients associated with Harbin Clinic, due to a cyber-attack on Nationwide Recovery Services (NRS), a debt collection…
A recent data breach has compromised the personal information of over 200,000 patients associated with Harbin Clinic, due to a cyber-attack on Nationwide Recovery Services (NRS), a debt collection…
❤1
Hazy Hawk Threat Actor Identified Targeting Unmonitored Cloud Resources Since 2023
Infoblox has identified a new threat actor, dubbed Hazy Hawk, that has been exploiting abandoned cloud resources, such as S3 buckets and Azure services, alongside gaps in DNS configurations.…
Infoblox has identified a new threat actor, dubbed Hazy Hawk, that has been exploiting abandoned cloud resources, such as S3 buckets and Azure services, alongside gaps in DNS configurations.…
❤1
Data Breach: 15 Years of UK Legal Aid Applicant Information Compromised by Cyber Attackers
Hackers have successfully infiltrated the U.K. Ministry of Justice, compromising personal information related to criminal defendants seeking legal representation. This breach, reported by the British government, was detected on…
Hackers have successfully infiltrated the U.K. Ministry of Justice, compromising personal information related to criminal defendants seeking legal representation. This breach, reported by the British government, was detected on…
❤1
Hazy Hawk Group Leverages DNS Misconfigurations to Compromise Trusted Domains
A threat actor identified as “Hazy Hawk” is capitalizing on neglected DNS CNAME records associated with abandoned cloud services. This exploitation allows them to seize control of trusted subdomains…
A threat actor identified as “Hazy Hawk” is capitalizing on neglected DNS CNAME records associated with abandoned cloud services. This exploitation allows them to seize control of trusted subdomains…
❤1
Emerging AI Tool Triggers Cybersecurity Concerns
A new AI-powered chatbot, Venice.ai, is sparking significant concern within cybersecurity circles following its emergence in underground hacking forums, primarily due to its absence of content restrictions. This platform…
A new AI-powered chatbot, Venice.ai, is sparking significant concern within cybersecurity circles following its emergence in underground hacking forums, primarily due to its absence of content restrictions. This platform…
❤1
Gujarat ATS Detains 18-Year-Old Suspect in Cyberattack Investigation During Operation Sindoor
The Gujarat Anti-Terrorism Squad (ATS) has apprehended 18-year-old Jasim Shahnawaz Ansari from Nadiad in connection with a series of cyberattacks targeting numerous Indian government websites. This operation occurred during…
The Gujarat Anti-Terrorism Squad (ATS) has apprehended 18-year-old Jasim Shahnawaz Ansari from Nadiad in connection with a series of cyberattacks targeting numerous Indian government websites. This operation occurred during…
Hazy Hawk Leverages DNS Vulnerabilities to Compromise CDC and Corporate Domains for Malware Distribution
A threat actor identified as Hazy Hawk has been observed exploiting abandoned cloud resources from prominent organizations, such as Amazon S3 buckets and Microsoft Azure endpoints, utilizing misconfigurations within…
A threat actor identified as Hazy Hawk has been observed exploiting abandoned cloud resources from prominent organizations, such as Amazon S3 buckets and Microsoft Azure endpoints, utilizing misconfigurations within…
SK Telecom Reports Three-Year Malware Breach Affecting 27 Million Accounts
SK Telecom has reported a significant cybersecurity incident that originated in June 2022 and was disclosed in April 2025. This breach compromised the sensitive USIM data of approximately 27…
SK Telecom has reported a significant cybersecurity incident that originated in June 2022 and was disclosed in April 2025. This breach compromised the sensitive USIM data of approximately 27…
PowerSchool Cybersecurity Breach: Hacker Admits Guilt in Student Data Extortion Case
A 19-year-old college student from Worcester, Massachusetts, has committed to a guilty plea regarding a significant cyber extortion incident involving PowerSchool, which resulted in demands for millions of dollars…
A 19-year-old college student from Worcester, Massachusetts, has committed to a guilty plea regarding a significant cyber extortion incident involving PowerSchool, which resulted in demands for millions of dollars…
Massachusetts Cybersecurity Incident: Hacker to Enter Guilty Plea Regarding PowerSchool Data Breach
A Massachusetts individual has opted to enter a guilty plea regarding the unauthorized access of cloud-based education software provider PowerSchool, resulting in the theft of sensitive data associated with…
A Massachusetts individual has opted to enter a guilty plea regarding the unauthorized access of cloud-based education software provider PowerSchool, resulting in the theft of sensitive data associated with…
Cellcom Acknowledges Cyberattack as Cause of Prolonged Service Disruptions
Wisconsin wireless provider Cellcom has confirmed that a cyberattack was the cause of the significant service outages and disruptions that began on the evening of May 14, 2025. This…
Wisconsin wireless provider Cellcom has confirmed that a cyberattack was the cause of the significant service outages and disruptions that began on the evening of May 14, 2025. This…
Cybersecurity Incident Disrupts Kettering Health Communications and MyChart Patient Portal Access
A cyberattack has resulted in a significant technology outage at Kettering Health, leading to the cancellation of various medical procedures. The disruption has also affected phone communications and the…
A cyberattack has resulted in a significant technology outage at Kettering Health, leading to the cancellation of various medical procedures. The disruption has also affected phone communications and the…
Critical Vulnerability Discovered in Premium WordPress ‘Motors’ Theme Allows Potential Admin Takeover
A serious privilege escalation vulnerability has been identified in the premium WordPress theme Motors, enabling unauthenticated attackers to take over administrator accounts and gain complete control of websites.
Motors,…
A serious privilege escalation vulnerability has been identified in the premium WordPress theme Motors, enabling unauthenticated attackers to take over administrator accounts and gain complete control of websites.
Motors,…
Google Chrome Enhances Security with Automatic Password Replacement for Compromised Credentials through Integrated Password Manager
Google has introduced an innovative feature within its Chrome browser aimed at enhancing user security through its integrated Password Manager. This functionality allows for the automatic updating of a…
Google has introduced an innovative feature within its Chrome browser aimed at enhancing user security through its integrated Password Manager. This functionality allows for the automatic updating of a…