China-Linked Advanced Persistent Threats Exploit SAP Vulnerability CVE-2025-31324 to Compromise 581 Critical Systems Globally
A recently identified critical security vulnerability affecting SAP NetWeaver is currently being exploited by various nation-state actors with ties to China, posing a significant threat to essential infrastructure networks.…

Ivanti Addresses Critical EPMM Zero-Day Vulnerabilities Exploited in Code Execution Attacks
Ivanti has alerted its clientele regarding critical security vulnerabilities identified in the Ivanti Endpoint Manager Mobile (EPMM) software, emphasizing the urgency of applying patches to mitigate risks associated with…

Turkey-Aligned Hackers Exploit Zero-Day Vulnerability to Target Iraqi Kurdish Entities
A cyber threat actor, believed to have connections with Turkish governmental interests, has been detected exploiting unpatched user accounts affected by a vulnerability (CVE-2025-27920) in Output Messenger, a multiplatform…

Zoom Addresses Critical Vulnerability in Recent Update
Zoom has addressed several security vulnerabilities within its Workplace Apps, including a particularly high-risk flaw. The company is urging users to promptly update their applications to mitigate potential risks…

International Cybercrime Addressed: Amsterdam Police and FBI Successfully Neutralize Proxy Service Anyproxy
In a significant international operation, law enforcement authorities from Amsterdam, in collaboration with the Public Prosecution Service and the U.S. Federal Bureau of Investigation (FBI), have successfully dismantled the…

Compromised PyPI Package Imitating Solana Tool Leads to Source Code Exfiltration in 761 Instances
Cybersecurity researchers have identified a malicious package within the Python Package Index (PyPI) repository, masquerading as an application related to the Solana blockchain. This package, termed solana-token, has been…

SAP Addresses Second Zero-Day Vulnerability Targeted in Recent Attack Campaigns
SAP has released critical security patches to address a second vulnerability that has been exploited in recent attacks targeting SAP NetWeaver servers. The new vulnerability, identified as CVE-2025-42999, was…

DPRK-Backed TA406 Conducts Malicious Campaigns Against Ukraine
A new cyber espionage campaign has emerged, targeting Ukrainian government entities, according to recent findings from cybersecurity researchers. This operation has been linked to the North Korean state-aligned threat…

CISA Includes TeleMessage Vulnerability in KEV List After Security Breach
CISA has officially added a vulnerability found in TeleMessage to its Known Exploited Vulnerabilities (KEV) list. This decision comes in light of a recent breach that compromised multiple organizations,…

Investigation Initiated into N.W.T. Medical Record System Following Two Reported Incidents of Unauthorized Access
Medical records represent some of the most sensitive information managed by government agencies. Recent incidents involving employees of the Northwest Territories Health and Social Services Authority underscore the vulnerability…

North Korean Konni APT Leverages Malware to Monitor Developments in the Russian Invasion of Ukraine
The North Korean threat actor known as Konni APT has recently been implicated in a phishing campaign targeting government entities in Ukraine, expanding its focus beyond previous targets in…

North Korea Intensifies Cyber Espionage Activities in Ukraine to Evaluate Conflict Risks
The state-sponsored North Korean hacking group known as Konni (also referred to as Opal Sleet or TA406) has intensified its cyber espionage operations directed at Ukrainian governmental organizations. This…

European Vulnerability Database Introduced in Response to US CVE Disruptions
Europe’s cybersecurity agency has officially launched a comprehensive vulnerability database initiative, aimed to aid network defenders amidst ongoing challenges in the U.S. vulnerability management sector.

The new European Vulnerability…

Data Breach: Exposure of Information from 3 Million Students and Coaches in PrepHero-Linked Database
A recent security breach at PrepHero, a college recruiting platform, has resulted in the exposure of millions of unencrypted records, encompassing sensitive personal information of users. This incident raises…

Microsoft Addresses 78 Vulnerabilities, Including 5 Exploited Zero-Day Threats; Critical CVSS 10 Vulnerability Affects Azure DevOps Server
Microsoft has released updates to address 78 security vulnerabilities across its software ecosystem, including five critical zero-day vulnerabilities currently under active exploitation.

Among the resolved vulnerabilities, 11 have been…

Twilio Refutes Claims of Data Breach in Response to Alleged Leakage of Steam Two-Factor Authentication Codes
Twilio has issued a statement denying any breach of its systems after a threat actor claimed to possess over 89 million Steam user records, including one-time access codes. The…

Emerging ‘Chihuahua Stealer’ Malware Compromises Browser Data and Cryptocurrency Wallets
A new infostealer, identified as “Chihuahua Stealer,” combines traditional malware tactics with advanced functionalities, raising concerns within the cybersecurity community. The malware was initially reported by a Reddit user…

Apple Agrees to Settlement of $95 Million in Siri Surveillance Litigation – Application Details Enclosed
Apple has agreed to pay $95 million to settle allegations regarding unauthorized recordings made by Siri, its voice-activated assistant. This settlement comes in response to claims that the company…

CTM360 Discovers Increased Incidence of Phishing Attacks Aimed at Meta Business Users
A new global phishing threat identified as “Meta Mirage” has emerged, specifically targeting organizations that utilize Meta’s Business Suite. This campaign primarily focuses on hijacking high-value accounts associated with…

Microsoft Addresses Booting Challenges on Dual-Boot Windows and Linux Environments
Microsoft has addressed a significant issue that was preventing Linux from booting on dual-boot systems where Secure Boot was enabled, following the installation of the August 2024 Windows security…