M&S Prepares for £300 Million Cybersecurity Incident Expenses
Marks & Spencer (M&S) is facing substantial financial repercussions from an ongoing cyber incident, estimating costs to reach approximately £300 million ($400 million). The primary source of this financial…
KrebsOnSecurity Targeted by a 6.3 Tbps Distributed Denial of Service Attack Utilizing Aisuru Botnet
KrebsOnSecurity recently endured a significant Distributed Denial of Service (DDoS) attack that reached a staggering throughput of 6.3 terabits per second (Tbps). This incident has been attributed to the…
Significant Surge in PureRAT Malware Incidents: Fourfold Increase in 2025, Utilizing PureLogs to Target Russian Enterprises
Russian organizations are currently facing a sophisticated phishing campaign aimed at distributing malware known as PureRAT, as reported by Kaspersky. This campaign, which commenced in March 2023, has escalated…
European Union Imposes Sanctions on Stark Industries for Facilitating Cyberattacks
The European Union has enacted significant sanctions against Stark Industries, a web-hosting provider, along with its CEO Iurie Neculiti and owner Ivan Neculiti. This decision arises from their involvement…
The Approach of Private Investigators in Managing Digital Forensics
The contemporary landscape is defined by an unprecedented volume of data. From texts and emails to social media updates and deleted files, an array of information continuously accumulates and…
Enhancing CI/CD Workflow Security with Wazuh
Continuous Integration and Continuous Delivery/Deployment (CI/CD) encompasses practices that automate the development and release of code across various environments. CI/CD pipelines are essential in contemporary software development, ensuring that…
Malicious Chrome Extensions Imitating Fortinet, YouTube, and VPN Services Engage in Data Theft
A recent investigation has unveiled a sophisticated campaign targeting Google Chrome users, employing over 100 malicious browser extensions that masquerade as legitimate tools, including VPNs, AI assistants, and cryptocurrency…
Vulnerability in Google Cloud Functions Raises Significant Security Concerns
A potential privilege escalation vulnerability impacting Google Cloud Platform (GCP) Cloud Functions and its associated Cloud Build service has been identified. This issue, uncovered by Tenable Research, enabled attackers…
Disruption of Lumma Infostealer Malware Operation: Seizure of 2,300 Domains
Earlier this month, a highly coordinated disruption effort targeted the Lumma malware-as-a-service (MaaS) information stealer operation, resulting in the seizure of thousands of domains and a significant portion of…
Cybercriminals Replicate Kling AI to Deploy Infostealer Malware
A recent malware campaign has been identified, leveraging the widespread popularity of the AI media platform, Kling AI. Security researchers have uncovered that cybercriminals have utilized deceptive Facebook ads…
Safeguarding Forensic Reports: Addressing Privilege Concerns Post-Data Breach
In a noteworthy ruling from the Federal Court of Australia, the case of McClure v. Medibank Private Limited [2025] FCA 167 highlights significant considerations regarding the preservation of legal…
3AM Ransomware Exploits Spoofed IT Communications and Email Bombing Techniques to Compromise Network Security
A recent investigation has unveiled the tactics employed by the 3AM ransomware affiliates, who are executing highly targeted attacks by leveraging email bombardment and spoofed IT support calls. This…
Western Intelligence Agencies Collaborate to Uncover Russian Cyber Operations Targeting Logistics and Technology Sectors
A prominent Russian hacking group has been held accountable for executing a significant cyber operation that officials indicate poses a substantial threat to various organizations and sectors across more…
Russian Threat Actors Target Email and VPN Vulnerabilities to Conduct Espionage on Ukrainian Aid Operations
Russian cyber threat actors have been attributed to a state-sponsored initiative targeting Western logistics entities and technology firms since 2022. This campaign is assessed to be conducted by APT28…
Anthropic Web Configuration Suggests Advancements in Claude Sonnet 4 and Opus 4 Technologies
Anthropic is reportedly advancing its efforts with new AI models labeled Claude Sonnet 4 and Opus 4, following recent clues extracted from the company’s web configuration files. According to…
Microsoft Disrupts Lumma Stealer Network, Secures Over 2,000 Domains
Microsoft has executed a significant disruption of the Lumma Stealer network, a robust operation responsible for a substantial number of cybercrimes worldwide. This initiative resulted in the seizure of…
Microsoft Initiates Global Action Against Lumma Stealer: A Strategic Disruption of a Prominent Cybercrime Tool
Microsoft’s Digital Crimes Unit (DCU) has taken significant action against one of the most prevalent tools employed in the theft of sensitive personal and organizational data, a crucial factor…
OpenAI Indicates Significant Enhancements for ChatGPT Operator Agent
ChatGPT’s Operator, which is currently in the research preview phase, is set to evolve into a highly efficient tool, as noted by Jerry Tworek, the Vice President of Research…
Investigation Reveals Inconsistencies in Claims of 1.2 Billion Facebook Records Available for Sale by Threat Actor
Recent claims have emerged from a threat actor known as ‘ByteBreaker,’ who asserts the availability of 1.2 billion Facebook records obtained through API abuse. This disclosure has raised eyebrows…
Security Researchers Extract and Disseminate 2 Billion Discord Messages Online
Researchers have released an extensive database comprising over 2 billion messages from Discord. This data was extracted through the utilization of Discord’s public API and encompasses information from 3,167…
Severe Vulnerability in Samlify SSO Allows Unauthorized Administrative Access
A significant vulnerability has been identified in the Samlify authentication library, enabling malicious actors to gain administrative access by injecting unsigned harmful assertions into validly signed SAML responses.
Samlify…