Samsung Implements Security Patch for CVE-2025-4632 Exploited in Mirai Botnet Deployment via MagicINFO 9 Vulnerability
Samsung has implemented software updates to rectify a critical security vulnerability identified in the MagicINFO 9 Server, which has been the target of active exploitation.

This vulnerability, designated as…

Google Chrome Implements Restrictions on Admin-Level Browser Launches to Enhance Security Measures
Google is implementing a significant update to Chromium that modifies Google Chrome’s operational privileges to enhance security within Windows environments. This initiative aims to prevent the browser from running…

CISA Reverses Decision on Cybersecurity Advisory Modifications
The US Cybersecurity and Infrastructure Security Agency (CISA) has temporarily halted its plans to revamp the public cybersecurity advisory framework following significant backlash from the information security community.

Recently,…

Understanding Ransomware-as-a-Service: Analyzing the Scale of Cybercriminal Operations
Cyberattacks, particularly ransomware, present a significant financial threat to organizations of all sizes. The increasing sophistication and prevalence of these attacks compel enterprises to fortify their security measures and…

Exploitation of Zero-Day Vulnerability for Intelligence Operations Against Kurdish Forces by Turkish Group
Turkish-affiliated cyber espionage groups have deployed a zero-day vulnerability within widely used chat software to conduct operations against Kurdish military activities in Iraq, as reported by Microsoft Threat Intelligence.…

Google Agrees to $1.38 Billion Settlement Addressing Privacy Violations
The state of Texas has finalized a significant financial settlement with Google, amounting to $1.375 billion, to resolve two long-standing lawsuits stemming from allegations of deceptive data practices.

The…

BianLian and RansomExx Leverage SAP NetWeaver Vulnerability to Implement PipeMagic Trojan
At least two distinct cybercriminal organizations, BianLian and RansomExx, are reported to have exploited a security vulnerability in SAP NetWeaver, designated as CVE-2025-31324. This incident highlights that multiple threat…

Cybercriminals Involved in UK Retail Breaches Expanding Focus to U.S. Enterprises
Recent intelligence indicates that cybercriminals employing tactics associated with Scattered Spider, previously active against retail entities in the United Kingdom, have now expanded their focus to include retailers in…

Exploitation of New Fortinet and Ivanti Zero-Day Vulnerabilities Detected in the Wild
Fortinet and Ivanti have issued urgent alerts regarding the exploitation of new zero-day vulnerabilities affecting a variety of their products. On May 13, the companies released separate advisories, highlighting…

North Korean Cyber Operatives Misappropriated $88 Million by Impersonating U.S. Technology Professionals
North Korean cybercriminals have developed sophisticated tactics to secure remote IT positions within the United States. This strategy, which involves the use of fabricated identities, enables these threat actors…

Rising Threat Landscape: Cyberattacks Targeting Long Island Educational Institutions
In a troubling trend, more than 20 school districts throughout Long Island have experienced cyberattacks, resulting in the compromise of personal data belonging to over 10,000 students. Recent state…

Unskippable Advertisements Flood Android Users
Researchers have identified a highly adaptable ad fraud network known as Kaleidoscope, which inundates users with unskippable advertisements.

Typically, ad fraud does not actively concern users of compromised devices,…

Chrome Vulnerability Facilitates Cross-Origin Data Leakage Through Loader Referrer Policy
Google has recently issued updates to its Chrome web browser, addressing four security vulnerabilities, including one classified as being actively exploited in the wild. This high-severity vulnerability, designated as…

Ransomware Groups Engage in Ongoing Attacks Targeting SAP NetWeaver Systems
Ransomware groups have intensified their activities, joining existing attacks on SAP NetWeaver platforms by exploiting a critical vulnerability that enables remote code execution on unprotected servers.

SAP recently released…

European Law Enforcement Dismantles €3 Million Investment Fraud Syndicate
Law enforcement agencies across five regions have collaborated to dismantle an organized crime group involved in defrauding numerous victims, as reported by Europol. The notorious network has been implicated…

Prevalence of ‘Admin’ and ‘123456’ as Common Passwords in FTP Security Breaches
Weak passwords remain a significant vulnerability for FTP (File Transfer Protocol) servers, presenting substantial risks to data integrity and security. Recent findings underscore that a considerable number of FTP…

Dior Under Investigation and Fined in South Korea for Inadequate Data Breach Reporting; Sensitive Customer Information Compromised in China and South Korea
Luxury brand Dior is currently under scrutiny in South Korea due to its insufficient response to a recent data breach that compromised the personal information of its customers. Although…

Earth Ammit Compromises Drone Supply Chains through ERP Vulnerabilities in VENOM and TIDRONE Campaigns
A cyber espionage group identified as Earth Ammit is linked to two distinct campaigns targeting various sectors in Taiwan and South Korea from 2023 to 2024. These sectors include…

Google Addresses Critical Chrome Vulnerability with Active Public Exploit Mitigation
Google has issued critical security updates to address a high-severity vulnerability in the Chrome web browser that could enable attackers to gain unauthorized access to user accounts upon successful…

Ransomware Enters the Post-Trust Ecosystem, According to NCA Cybersecurity Expert
The ransomware landscape has transitioned into what is termed a “post-trust ecosystem,” characterized by fragmented and increasingly distrustful cybercrime groups operating amidst heightened law enforcement scrutiny. This assertion comes…