Google and Mandiant link Oracle EBS extortion emails to known July-patched flaws and a likely zero-day, CVE-2025-61882. Google Threat Intelligence and Mandiant analyzed the Oracle E-Business Suite extortion campaign, revealing the use of malware. Attackers exploited July-patched EBS flaws and likely a zero-day (CVE-2025-61882), sending extortion emails to company executives. In early October, Google Mandiant…
Category: Cybercrime
Breaking News, cyber crime, Cybercrime, Exploits, Global Security News, malware, Security
Stealit Malware spreads via fake game & VPN installers on Mediafire and Discord
Stealit malware abuses Node.js SEA and Electron to spread via fake game and VPN installers shared on Mediafire and Discord. Fortinet FortiGuard Labs researchers spotted Stealit malware campaign abusing Node.js Single Executable Application (SEA) and sometimes Electron to spread via fake game and VPN installers on Mediafire and Discord. Fortinet uncovered the campaign while investigating…
Breaking News, Cybercrime, data breach, Exploits, Global Security News, hacking, hacking news
Security Affairs newsletter Round 545 by Pierluigi Paganini – INTERNATIONAL EDITION
A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. CVE-2025-11371: Unpatched zero-day in Gladinet CentreStack, Triofox under attack Cybercrime ring GXC Team dismantled in Spain,…
Cybercrime, Global Security News, GXC Team, hacking, hacking news, Uncategorized
Cybercrime ring GXC Team dismantled in Spain, 25-year-old leader detained
Spain’s Guardia Civil dismantled the cybercrime group “GXC Team” and arrested its 25-year-old Brazilian leader. Spanish Guardia Civil dismantled the “GXC Team” cybercrime group, arresting its 25-year-old Brazilian leader “GoogleXcoder.” The gang sold AI-powered phishing kits, Android malware, and voice-scam tools via Telegram and Russian forums, becoming a major supplier of credential theft tools in…
Breaking News, cyber crime, Cybercrime, Exploits, Global Security News, hacking, malware
RondoDox Botnet targets 56 flaws across 30+ device types worldwide
RondoDox botnet exploits 56 known flaws in over 30 device types, including DVRs, CCTV systems, and servers, active globally since June. Trend Micro researchers reported that the RondoDox botnet exploits 56 known flaws in over 30 device types, including DVRs, NVRs, CCTV systems, and web servers, active globally since June. Experts noted that the latest…
Cybercrime, Cybersecurity, Exploits, Global Security News, Research, Technology, Threats
SonicWall admits attacker accessed all customer firewall configurations stored on cloud portal
A brute-force attack exposed firewall configuration files of every SonicWall customer who used the company’s cloud backup service, the besieged vendor said Wednesday. An investigation aided by Mandiant confirmed the totality of compromise that occurred when unidentified attackers hit a customer-facing system of SonicWall controls. The company previously said less than 5% of its firewall…
Clop, Cybercrime, Cybersecurity, Exploits, Global Security News, Ransomware, Research
Dozens of Oracle customers impacted by Clop data theft for extortion campaign
Clop, the notorious ransomware group, began targeting Oracle E-Business Suite customers three months ago and started exploiting a zero-day affecting the enterprise platform to steal massive amounts of data from victims as early as Aug. 9, Google Threat Intelligence Group and Mandiant said in a report Thursday. “We’re still assessing the scope of this incident,…
Clop, Cybercrime, Cybersecurity, Exploits, Global Security News, Ransomware, Research
Dozens of Oracle customers impacted by Clop data theft for extortion campaign
Clop, the notorious ransomware group, began targeting Oracle E-Business Suite customers three months ago and started exploiting a zero-day affecting the enterprise platform to steal massive amounts of data from victims as early as Aug. 9, Google Threat Intelligence Group and Mandiant said in a report Thursday. “We’re still assessing the scope of this incident,…
Clop, Cybercrime, Cybersecurity, Exploits, Global Security News, Ransomware, Research
Dozens of Oracle customers impacted by Clop data theft for extortion campaign
Clop, the notorious ransomware group, began targeting Oracle E-Business Suite customers three months ago and started exploiting a zero-day affecting the enterprise platform to steal massive amounts of data from victims as early as Aug. 9, Google Threat Intelligence Group and Mandiant said in a report Thursday. “We’re still assessing the scope of this incident,…
Clop, Cybercrime, Cybersecurity, Exploits, Global Security News, Ransomware, Research
Dozens of Oracle customers impacted by Clop data theft for extortion campaign
Clop, the notorious ransomware group, began targeting Oracle E-Business Suite customers three months ago and started exploiting a zero-day affecting the enterprise platform to steal massive amounts of data from victims as early as Aug. 9, Google Threat Intelligence Group and Mandiant said in a report Thursday. “We’re still assessing the scope of this incident,…
Clop, Cybercrime, Cybersecurity, Exploits, Global Security News, Ransomware, Research
Dozens of Oracle customers impacted by Clop data theft for extortion campaign
Clop, the notorious ransomware group, began targeting Oracle E-Business Suite customers three months ago and started exploiting a zero-day affecting the enterprise platform to steal massive amounts of data from victims as early as Aug. 9, Google Threat Intelligence Group and Mandiant said in a report Thursday. “We’re still assessing the scope of this incident,…
Breaking News, cyber crime, Cybercrime, Exploits, Global Security News, hacking, hacking news
CVE-2025-5947: WordPress Plugin flaw lets hackers access Admin accounts
Threat actors are exploiting a critical flaw, tracked as CVE-2025-5947, in the Service Finder WordPress theme’s Bookings plugin. Threat actors are exploiting a critical vulnerability, tracked as CVE-2025-5947 (CVSS score 9.8), in the Service Finder WordPress theme’s Bookings plugin. The plugin (versions ≤6.0) has an authentication bypass issue allowing attackers to log in as any…
Breaking News, cyber crime, Cybercrime, Exploits, Global Security News, hacking, hacking news
CVE-2025-5947: WordPress Plugin flaw lets hackers access Admin accounts
Threat actors are exploiting a critical flaw, tracked as CVE-2025-5947, in the Service Finder WordPress theme’s Bookings plugin. Threat actors are exploiting a critical vulnerability, tracked as CVE-2025-5947 (CVSS score 9.8), in the Service Finder WordPress theme’s Bookings plugin. The plugin (versions ≤6.0) has an authentication bypass issue allowing attackers to log in as any…
Breaking News, cyber crime, Cybercrime, Exploits, Global Security News, hacking, hacking news
CVE-2025-5947: WordPress Plugin flaw lets hackers access Admin accounts
Threat actors are exploiting a critical flaw, tracked as CVE-2025-5947, in the Service Finder WordPress theme’s Bookings plugin. Threat actors are exploiting a critical vulnerability, tracked as CVE-2025-5947 (CVSS score 9.8), in the Service Finder WordPress theme’s Bookings plugin. The plugin (versions ≤6.0) has an authentication bypass issue allowing attackers to log in as any…
Breaking News, cyber crime, Cybercrime, Exploits, Global Security News, hacking, hacking news
CVE-2025-5947: WordPress Plugin flaw lets hackers access Admin accounts
Threat actors are exploiting a critical flaw, tracked as CVE-2025-5947, in the Service Finder WordPress theme’s Bookings plugin. Threat actors are exploiting a critical vulnerability, tracked as CVE-2025-5947 (CVSS score 9.8), in the Service Finder WordPress theme’s Bookings plugin. The plugin (versions ≤6.0) has an authentication bypass issue allowing attackers to log in as any…
Breaking News, cyber crime, Cybercrime, Exploits, Global Security News, hacking, hacking news
CVE-2025-5947: WordPress Plugin flaw lets hackers access Admin accounts
Threat actors are exploiting a critical flaw, tracked as CVE-2025-5947, in the Service Finder WordPress theme’s Bookings plugin. Threat actors are exploiting a critical vulnerability, tracked as CVE-2025-5947 (CVSS score 9.8), in the Service Finder WordPress theme’s Bookings plugin. The plugin (versions ≤6.0) has an authentication bypass issue allowing attackers to log in as any…
Breaking News, cyber crime, Cybercrime, Exploits, Global Security News, hacking, hacking news
CVE-2025-5947: WordPress Plugin flaw lets hackers access Admin accounts
Threat actors are exploiting a critical flaw, tracked as CVE-2025-5947, in the Service Finder WordPress theme’s Bookings plugin. Threat actors are exploiting a critical vulnerability, tracked as CVE-2025-5947 (CVSS score 9.8), in the Service Finder WordPress theme’s Bookings plugin. The plugin (versions ≤6.0) has an authentication bypass issue allowing attackers to log in as any…
Breaking News, cyber crime, Cybercrime, data breach, Global Security News, hacking
Discord denies massive breach, confirms limited exposure of 70K ID photos
Discord won’t pay threat actors claiming 5.5M user breach, saying only about 70K ID photos were actually exposed. Discord announced it won’t pay the threat actors claiming to have stolen data on 5.5M users, clarifying that only about 70K ID photos were actually exposed. The attackers claimed they have breached Discord’s Zendesk support instance, but…
Breaking News, cyber crime, Cybercrime, data breach, Global Security News, hacking
Discord denies massive breach, confirms limited exposure of 70K ID photos
Discord won’t pay threat actors claiming 5.5M user breach, saying only about 70K ID photos were actually exposed. Discord announced it won’t pay the threat actors claiming to have stolen data on 5.5M users, clarifying that only about 70K ID photos were actually exposed. The attackers claimed they have breached Discord’s Zendesk support instance, but…
Breaking News, cyber crime, Cybercrime, data breach, Global Security News, hacking
Discord denies massive breach, confirms limited exposure of 70K ID photos
Discord won’t pay threat actors claiming 5.5M user breach, saying only about 70K ID photos were actually exposed. Discord announced it won’t pay the threat actors claiming to have stolen data on 5.5M users, clarifying that only about 70K ID photos were actually exposed. The attackers claimed they have breached Discord’s Zendesk support instance, but…
Breaking News, cyber crime, Cybercrime, data breach, Global Security News, hacking
Discord denies massive breach, confirms limited exposure of 70K ID photos
Discord won’t pay threat actors claiming 5.5M user breach, saying only about 70K ID photos were actually exposed. Discord announced it won’t pay the threat actors claiming to have stolen data on 5.5M users, clarifying that only about 70K ID photos were actually exposed. The attackers claimed they have breached Discord’s Zendesk support instance, but…
Breaking News, cyber crime, Cybercrime, data breach, Global Security News, hacking
Discord denies massive breach, confirms limited exposure of 70K ID photos
Discord won’t pay threat actors claiming 5.5M user breach, saying only about 70K ID photos were actually exposed. Discord announced it won’t pay the threat actors claiming to have stolen data on 5.5M users, clarifying that only about 70K ID photos were actually exposed. The attackers claimed they have breached Discord’s Zendesk support instance, but…
Breaking News, Cybercrime, Global Security News, hacking, Security
DraftKings thwarts credential stuffing attack, but urges password reset and MFA
DraftKings warns of credential stuffing using stolen logins; No evidence of data loss, but users must reset passwords and enable MFA. A credential stuffing campaign is targeting the American sports gambling company DraftKings. Credential stuffing is a type of cyberattack where hackers use stolen usernames and passwords, usually obtained from previous data breaches, to try…
Breaking News, Cybercrime, Global Security News, hacking, Security
DraftKings thwarts credential stuffing attack, but urges password reset and MFA
DraftKings warns of credential stuffing using stolen logins; No evidence of data loss, but users must reset passwords and enable MFA. A credential stuffing campaign is targeting the American sports gambling company DraftKings. Credential stuffing is a type of cyberattack where hackers use stolen usernames and passwords, usually obtained from previous data breaches, to try…
Breaking News, Cybercrime, Global Security News, hacking, Security
DraftKings thwarts credential stuffing attack, but urges password reset and MFA
DraftKings warns of credential stuffing using stolen logins; No evidence of data loss, but users must reset passwords and enable MFA. A credential stuffing campaign is targeting the American sports gambling company DraftKings. Credential stuffing is a type of cyberattack where hackers use stolen usernames and passwords, usually obtained from previous data breaches, to try…
Cybercrime, Cybersecurity, Exploits, Global Security News, Ransomware, Research
Microsoft pins GoAnywhere zero-day attacks to ransomware affiliate Storm-1175
Microsoft Threat Intelligence said a cybercriminal group it tracks as Storm-1175 has exploited a maximum-severity vulnerability in GoAnywhere MFT to initiate multi-stage attacks including ransomware. Researchers observed the malicious activity Sept. 11, Microsoft said in a blog post Monday. Microsoft’s research adds another substantive chunk of evidence to a growing collection of intelligence confirming the…
Cybercrime, Cybersecurity, Exploits, Global Security News, Ransomware, Research
Microsoft pins GoAnywhere zero-day attacks to ransomware affiliate Storm-1175
Microsoft Threat Intelligence said a cybercriminal group it tracks as Storm-1175 has exploited a maximum-severity vulnerability in GoAnywhere MFT to initiate multi-stage attacks including ransomware. Researchers observed the malicious activity Sept. 11, Microsoft said in a blog post Monday. Microsoft’s research adds another substantive chunk of evidence to a growing collection of intelligence confirming the…
Cybercrime, Cybersecurity, Exploits, Global Security News, Ransomware, Research
Microsoft pins GoAnywhere zero-day attacks to ransomware affiliate Storm-1175
Microsoft Threat Intelligence said a cybercriminal group it tracks as Storm-1175 has exploited a maximum-severity vulnerability in GoAnywhere MFT to initiate multi-stage attacks including ransomware. Researchers observed the malicious activity Sept. 11, Microsoft said in a blog post Monday. Microsoft’s research adds another substantive chunk of evidence to a growing collection of intelligence confirming the…
Cybercrime, Cybersecurity, Exploits, Global Security News, Ransomware, Research
Microsoft pins GoAnywhere zero-day attacks to ransomware affiliate Storm-1175
Microsoft Threat Intelligence said a cybercriminal group it tracks as Storm-1175 has exploited a maximum-severity vulnerability in GoAnywhere MFT to initiate multi-stage attacks including ransomware. Researchers observed the malicious activity Sept. 11, Microsoft said in a blog post Monday. Microsoft’s research adds another substantive chunk of evidence to a growing collection of intelligence confirming the…
Cybercrime, Cybersecurity, Exploits, Global Security News, Ransomware, Research
Microsoft pins GoAnywhere zero-day attacks to ransomware affiliate Storm-1175
Microsoft Threat Intelligence said a cybercriminal group it tracks as Storm-1175 has exploited a maximum-severity vulnerability in GoAnywhere MFT to initiate multi-stage attacks including ransomware. Researchers observed the malicious activity Sept. 11, Microsoft said in a blog post Monday. Microsoft’s research adds another substantive chunk of evidence to a growing collection of intelligence confirming the…
Breaking News, cyber crime, Cybercrime, Exploits, Global Security News, hacking, Security
GoAnywhere MFT zero-day used by Storm-1175 in Medusa ransomware campaigns
Storm-1175 exploits GoAnywhere MFT flaw CVE-2025-10035 in Medusa attacks, allowing easy remote code execution via License Servlet bug. A cybercrime group, tracked as Storm-1175, has been actively exploiting a maximum severity GoAnywhere MFT vulnerability (CVE-2025-10035) in Medusa ransomware attacks for nearly a month. The vulnerability CVE-2025-10035 is a deserialization issue in the License Servlet of…
Breaking News, cyber crime, Cybercrime, Exploits, Global Security News, hacking, Security
GoAnywhere MFT zero-day used by Storm-1175 in Medusa ransomware campaigns
Storm-1175 exploits GoAnywhere MFT flaw CVE-2025-10035 in Medusa attacks, allowing easy remote code execution via License Servlet bug. A cybercrime group, tracked as Storm-1175, has been actively exploiting a maximum severity GoAnywhere MFT vulnerability (CVE-2025-10035) in Medusa ransomware attacks for nearly a month. The vulnerability CVE-2025-10035 is a deserialization issue in the License Servlet of…
Cybercrime, Cybersecurity, Exploits, Global Security News, Ransomware, Research, Threats
Oracle zero-day defect amplifies panic over Clop’s data theft attack spree
Federal cyber authorities and threat hunters are on edge following Oracle’s Saturday disclosure of an actively exploited zero-day vulnerability the Clop ransomware group used to initiate a widespread data theft and extortion campaign researchers initially warned about last week. Oracle addressed the critical vulnerability — CVE-2025-61882 affecting Oracle E-Business Suite — in a security advisory…
Cybercrime, Cybersecurity, Exploits, Global Security News, Ransomware, Research, Threats
Oracle zero-day defect amplifies panic over Clop’s data theft attack spree
Federal cyber authorities and threat hunters are on edge following Oracle’s Saturday disclosure of an actively exploited zero-day vulnerability the Clop ransomware group used to initiate a widespread data theft and extortion campaign researchers initially warned about last week. Oracle addressed the critical vulnerability — CVE-2025-61882 affecting Oracle E-Business Suite — in a security advisory…
Cybercrime, Cybersecurity, Exploits, Global Security News, Ransomware, Research, Threats
Oracle zero-day defect amplifies panic over Clop’s data theft attack spree
Federal cyber authorities and threat hunters are on edge following Oracle’s Saturday disclosure of an actively exploited zero-day vulnerability the Clop ransomware group used to initiate a widespread data theft and extortion campaign researchers initially warned about last week. Oracle addressed the critical vulnerability — CVE-2025-61882 affecting Oracle E-Business Suite — in a security advisory…
Cybercrime, Cybersecurity, Exploits, Global Security News, Ransomware, Research, Threats
Oracle zero-day defect amplifies panic over Clop’s data theft attack spree
Federal cyber authorities and threat hunters are on edge following Oracle’s Saturday disclosure of an actively exploited zero-day vulnerability the Clop ransomware group used to initiate a widespread data theft and extortion campaign researchers initially warned about last week. Oracle addressed the critical vulnerability — CVE-2025-61882 affecting Oracle E-Business Suite — in a security advisory…
Cybercrime, Cybersecurity, Exploits, Global Security News, Ransomware, Research, Threats
Oracle zero-day defect amplifies panic over Clop’s data theft attack spree
Federal cyber authorities and threat hunters are on edge following Oracle’s Saturday disclosure of an actively exploited zero-day vulnerability the Clop ransomware group used to initiate a widespread data theft and extortion campaign researchers initially warned about last week. Oracle addressed the critical vulnerability — CVE-2025-61882 affecting Oracle E-Business Suite — in a security advisory…
Cybercrime, Cybersecurity, Global Security News, Research, Technology, Threats
Security leaders at Okta and Zscaler share lessons from Salesloft Drift attacks
When security researchers issued warnings about the Salesloft Drift issues last month, two prominent cybersecurity companies found themselves facing the same threat — but their stories ended up unfolding in different ways. Okta and Zscaler, among the larger players in the identity management space, were among the more than 700 Drift customers targeted in what…
Cybercrime, Cybersecurity, Global Security News, Research, Technology, Threats
Security leaders at Okta and Zscaler share lessons from Salesloft Drift attacks
When security researchers issued warnings about the Salesloft Drift issues last month, two prominent cybersecurity companies found themselves facing the same threat — but their stories ended up unfolding in different ways. Okta and Zscaler, among the larger players in the identity management space, were among the more than 700 Drift customers targeted in what…
Cybercrime, Cybersecurity, Global Security News, Research, Technology, Threats
Security leaders at Okta and Zscaler share lessons from Salesloft Drift attacks
When security researchers issued warnings about the Salesloft Drift issues last month, two prominent cybersecurity companies found themselves facing the same threat — but their stories ended up unfolding in different ways. Okta and Zscaler, among the larger players in the identity management space, were among the more than 700 Drift customers targeted in what…
Cybercrime, Cybersecurity, Global Security News, Research, Technology, Threats
Security leaders at Okta and Zscaler share lessons from Salesloft Drift attacks
When security researchers issued warnings about the Salesloft Drift issues last month, two prominent cybersecurity companies found themselves facing the same threat — but their stories ended up unfolding in different ways. Okta and Zscaler, among the larger players in the identity management space, were among the more than 700 Drift customers targeted in what…
Cybercrime, Cybersecurity, Global Security News, Research, Technology, Threats
Security leaders at Okta and Zscaler share lessons from Salesloft Drift attacks
When security researchers issued warnings about the Salesloft Drift issues last month, two prominent cybersecurity companies found themselves facing the same threat — but their stories ended up unfolding in different ways. Okta and Zscaler, among the larger players in the identity management space, were among the more than 700 Drift customers targeted in what…
Breaking News, cyber crime, Cybercrime, Exploits, Global Security News, Reports, Security
FBI warns of Salesforce attacks by UNC6040 and UNC6395 groups
The U.S. FBI issued a flash alert to warn of malicious activities carried out by two cybercriminal groups tracked as UNC6040 and UNC6395. The FBI issued a FLASH alert with IOCs for cybercriminal groups UNC6040 and UNC6395, which are increasingly targeting Salesforce platforms for data theft and extortion. “The Federal Bureau of Investigation (FBI) is…
Cybercrime, Cybersecurity, Exploits, Global Security News, Ransomware, Research, Threats
SonicWall firewalls targeted by fresh Akira ransomware surge
Researchers and authorities are warning that Akira ransomware attacks involving exploits of a year-old vulnerability affecting SonicWall firewalls are on the rise. A burst of about 40 attacks linked to CVE-2024-40766 hit SonicWall firewalls between mid-July and early August. Researchers have since observed another wave of ransomware attacks linked to active exploits of the defect,…
Breaking News, cyber crime, Cybercrime, Global Security News, North America, Security
Kosovo man pleads guilty to running online criminal marketplace BlackDB
Kosovo man Liridon Masurica pleaded guilty to running the cybercrime marketplace BlackDB. He was arrested in 2024. Kosovo citizen Liridon Masurica (33) of Gjilan, aka @blackdb, pleaded guilty to running the BlackDB cybercrime market. Kosovo police arrested Masurica on December 12, 2024 and he was extradited to the US. The online criminal marketplace BlackDB.cc has…
Breaking News, cyber crime, Cybercrime, data breach, Global Security News, Security
Jaguar Land Rover discloses a data breach after recent cyberattack
Jaguar Land Rover confirms a cyberattack caused factory disruptions and led to a data breach, compromising sensitive information. In early September, Jaguar Land Rover shut down systems to mitigate a cyberattack that disrupted production and retail operations. The attack also impacted systems at the Solihull production plant. UK dealers reported JLR disruptions blocking car registrations…
Cybercrime, Cybersecurity, Financial, Global Security News, Money, Research
The npm incident frightened everyone, but ended up being nothing to fret about
Security professionals and observers across the industry got swept into a pit of fear Monday when an attacker took over and injected malicious code into a series of widely used open-source packages in the node.js package manager, or npm. Despite all that worry, the disaster that many presumed a foregone conclusion was averted and the…
Breaking News, cyber crime, Cybercrime, Global Security News, malware, North America
KillSec Ransomware is Attacking Healthcare Institutions in Brazil
KillSec Ransomware claimed responsibility for a cyberattack on MedicSolution, a software solutions provider for the healthcare industry in Brazil. The KillSec Ransomware group has threatened to leak sensitive data unless negotiations are initiated promptly. According to threat intelligence reporting by Resecurity, the root cause of the incident – data exfiltration from insecure AWS S3 bucket.…
Breaking News, cyber crime, Cybercrime, Global Security News, malware, North America
KillSec Ransomware is Attacking Healthcare Institutions in Brazil
KillSec Ransomware claimed responsibility for a cyberattack on MedicSolution, a software solutions provider for the healthcare industry in Brazil. The KillSec Ransomware group has threatened to leak sensitive data unless negotiations are initiated promptly. According to threat intelligence reporting by Resecurity, the root cause of the incident – data exfiltration from insecure AWS S3 bucket.…
Cybercrime, Cybersecurity, Department of Justice (DOJ), Global Security News, North America
U.S. indicts Ukrainian national for hundreds of ransomware attacks using multiple variants
The Department of Justice unsealed an indictment against a Ukrainian national alleged to be central to a ransomware campaign affecting hundreds of companies worldwide. Volodymyr Viktorovych Tymoshchuk, known online as “deadforz,” “Boba,” “msfv,” and “farnetwork,” is accused of developing and deploying ransomware variants Nefilim, LockerGoga, and MegaCortex, all of which have been used in attacks…
Cybercrime, Global Security News
Hacker übernehmen Youtube-Kanäle von Arte
Cyberkriminelle haben zeitweise zwei Youtube-Kanäle des Kultursenders Arte manipuliert. IgorGolovniov – shutterstock.com Unbekannte haben zwei Youtube-Kanäle des deutsch-französischen Kulturkanals Arte zeitweilig gehackt. Zwei der Accounts seien Ziel eines Hackerangriffs geworden, teilte der Sender auf Anfrage mit. “Der unautorisierte Zugriff wurde unterbunden, und wir betreiben eine umfassende Ursachen- und Umfangsanalyse.” Zuvor hatte das Portal “Medieninsider” berichtet.…
Breaking News, cyber crime, Cybercrime, Global Security News, hacking, malware
LunaLock Ransomware threatens victims by feeding stolen data to AI models
LunaLock, a new ransomware gang, introduced a unique cyber extortion technique, threatening to turn stolen art into AI training data. A new ransomware group, named LunaLock, appeared in the threat landscape with a unique cyber extortion technique, threatening to turn stolen art into AI training data. Recently, the LunaLock group targeted the website Artists&Clients and…
Cybercrime, Cybersecurity, Financial, Global Security News, Money, North America, Threats
Treasury Department targets Southeast Asia scam hubs with sanctions
Federal authorities on Monday imposed sanctions on 19 people and organizations allegedly involved in major cyberscam hubs in Burma and Cambodia. “Criminal actors across Southeast Asia have increasingly exploited the vulnerabilities of Americans online,” Secretary of State Marco Rubio said in a statement. “In 2024, Americans lost at least $10 billion to scam operations in…
Cybercrime, Cybersecurity, Global Security News, Research, Technology, Threats
Salesloft Drift security incident started with undetected GitHub access
Salesloft pinned the root cause of the Drift supply-chain attacks to a threat group gaining access to its GitHub account as far back as March, the company said in an update Saturday. During a 10-day period in mid-August, the threat group compromised and stole data from hundreds of organizations. The threat group, which Google tracks…
Breaking News, cyber crime, Cybercrime, data breach, Global Security News, hacking
Hackers breached Salesloft ’s GitHub in March, and used stole tokens in a mass attack
Hackers breached Salesloft’s GitHub in March, stole tokens, and used them in a mass attack on several major tech customers. Salesloft revealed that the threat actor UNC6395 breached its GitHub account in March, stealing authentication tokens that were later used in a large-scale attack against several major tech customers. Salesforce data theft attacks impacted major…
Breaking News, Cybercrime, data breach, Global Security News, hacking
Canadian investment platform Wealthsimple disclosed a data breach
Wealthsimple reported a data breach affecting some customers due to a supply chain attack via a third-party software package. Canadian investment platform Wealthsimple disclosed a data breach that impacted some customers. The company discovered the security breach on August 30, which stemmed from a supply chain attack via a trusted third-party software package. “On August 30th,…
Breaking News, Cybercrime, Exploits, Global Security News, hacking, hacking news, information security news
SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 61
Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape Malware Newsletter Operation HanKook Phantom: North Korean APT37 targeting South Korea Three Lazarus RATs coming for your cheese Malvertising Campaign on Meta Expands to Android, Pushing Advanced Crypto-Stealing Malware to Users Worldwide Android Droppers: The Silent…
Breaking News, Cybercrime, data breach, Exploits, Global Security News, hacking, Security
Security Affairs newsletter Round 540 by Pierluigi Paganini – INTERNATIONAL EDITION
A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. Qantas cuts executive bonuses by 15% after a July data breach MeetC2 – A serverless C2…
Breaking News, cyber crime, Cybercrime, data breach, Global Security News, hacking
Qantas cuts executive bonuses by 15% after a July data breach
Qantas cuts executive bonuses by 15% after a July cyberattack exposed data of 5.7M people, despite reporting $1.5B profit last fiscal year. Qantas cuts executive bonuses by 15% after a July cyberattack that exposed data of 5.7M people, despite posting $1.5B profit in the last fiscal year. This case study demonstrates that a security breach…
Breaking News, cyber crime, Cybercrime, Global Security News, malware, Security
SVG files used in hidden malware campaign impersonating Colombian authorities
VirusTotal uncovered an undetected malware campaign using SVG files that impersonated the Colombian justice system. VirusTotal researchers uncovered a phishing campaign using SVG files with hidden JavaScript to deploy fake Fiscalía General de la Nación login pages in Colombia and spread malware. VirusTotal noticed that, despite being outdated, SWF files are still abused in attacks.…
Cybercrime, Cybersecurity, Exploits, Global Security News, Research, Threats
Sitecore zero-day vulnerability springs up from exposed machine key
An attacker exploited a zero-day vulnerability in Sitecore stemming from a misconfiguration of public ASP.NET machine keys that customers implemented based on the vendor’s documentation, according to researchers. The critical zero-day defect — CVE-2025-53690 — was exploited by the attacker using exposed keys to achieve remote code execution, Mandiant Threat Defense said in a report…
Cyber Threats, Cybercrime, Editor's Pick, Global Security News, Tutorials
How Web Developers Can Impact Climate Actions
Here, we will be showing you how to impact the climate as a web developer. As a web developer, you possess valuable skills and knowledge that can significantly impact climate action. Whether you’re just starting out or are a seasoned professional, you can make a difference in several ways. How Web Developers Can Impact Climate…
Cybercrime, Cybersecurity, Egypt, Global Security News, Government
Streameast, world’s largest pirated live sports network, shut down by Egyptian authorities
Streameast, the most popular and largest illicit live sports streaming network, was shut down following a coordinated law enforcement action conducted by Egyptian authorities last month, an antipiracy coalition of entertainment companies announced Wednesday. Egyptian authorities seized infrastructure powering Streameast and arrested two operators at their residences in El-Sheik Zaid, Egypt, a spokesperson for the…
AI, Breaking News, cyber crime, Cybercrime, Exploits, Global Security News, hacking
Crooks turn HexStrike AI into a weapon for fresh vulnerabilities
Threat actors abuse HexStrike AI, a new offensive security tool meant for red teaming and bug bounties, to exploit fresh vulnerabilities. Check Point researchers warn that threat actors are abusing AI-based offensive security tool HexStrike AI to quickly exploit recently disclosed security flaws. HexStrike AI combines professional security tools with autonomous AI agents to deliver comprehensive security testing capabilities.…
Breaking News, Cybercrime, Global Security News, hacking, hacking news, Security
Jaguar Land Rover shuts down systems after cyberattack, no evidence of customer data theft
Jaguar Land Rover shut down systems after a cyberattack, disrupting production and retail, but says customer data likely remains safe. Jaguar Land Rover shut down systems to mitigate a cyberattack that disrupted production and retail operations. The attack occurred over the weekend, and it also impacted systems at the Solihull production plant. UK dealers reported…
AI, Cybercrime, Cybersecurity, Global Security News, Technology, Threats
Salesloft Drift attacks hit Cloudflare, Palo Alto Networks, Zscaler
Multiple security and technology companies have been swept up in a far-reaching attack spree originating at Salesloft Drift, including Cloudflare, PagerDuty, Palo Alto Networks, SpyCloud and Zscaler. Victim organizations continue to come forward as customers of the third-party AI chat agent hunt for evidence of compromise or receive notices from Salesloft and other companies involved…
Cybercrime, Cybersecurity, Exclusive, Global Security News, Government, Money
Prolific Russian ransomware operator living in California enjoys rare leniency awaiting trial
Authorities and threat intelligence analysts alike relish taking ransomware operators off the board. Holding cybercriminals accountable through arrest, imprisonment, or genuine reform creates a powerful deterrent and advances the ultimate goal of a safer internet for everyone. Getting to that point is a remarkably tough task for defenders. Ransomware attacks are often initiated by people…
Breaking News, cyber crime, Cybercrime, data breach, Exploits, Global Security News, Security
Supply-chain attack hits Zscaler via Salesloft Drift, leaking customer info
Zscaler breach tied to Salesloft Drift attack exposed Salesforce data, leaking customer info and support case details in a supply-chain compromise. Zscaler discloses a data breach that is linked to the recent Salesloft Drift attack. The cybersecurity vendor confirmed it was affected by a campaign targeting Salesloft Drift, a marketing SaaS integrated with Salesforce. Threat…
Breaking News, Cybercrime, data breach, Exploits, Global Security News, hacking, hacking news
Security Affairs newsletter Round 539 by Pierluigi Paganini – INTERNATIONAL EDITION
A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. Lab Dookhtegan hacking group disrupts communications on dozens of Iranian ships New zero-click exploit allegedly used…
Breaking News, cyber crime, Cybercrime, fake ID documents, Global Security News, hacking
US and Dutch Police dismantle VerifTools fake ID marketplace
US and Dutch authorities shut down VerifTools, a major fake ID marketplace selling documents to bypass KYC checks and access accounts. Law enforcement in the US and the Netherlands dismantled VerifTools, a major fake ID marketplace selling ID documents to bypass KYC checks and gain unauthorized access to online accounts. Authorities seized two marketplace domains…
Breaking News, cyber crime, Cybercrime, data breach, Exploits, Global Security News, Security
Google: Salesloft Drift breach hits all integrations
Google warns that Salesloft Drift OAuth breach affects all integrations, not just Salesforce. All tokens should be treated as compromised. Google disclosed that the Salesloft Drift OAuth breach is broader than Salesforce, affecting all integrations. GTIG and Mandiant advise all customers to treat connected tokens as compromised. Attackers used stolen OAuth tokens to access some…
Cybercrime, Cybersecurity, Global Security News, Research, Technology, Threats
Salesloft Drift compromised en masse, impacting all third-party integrations
Salesloft Drift customers are compromised in a much more expansive downstream attack spree than previously thought, potentially ensnaring any user that integrated the AI chat agent platform to another service. “We’re telling organizations to treat any Drift integration into any platform as potentially compromised, so that increases the scope of victims,” Mandiant Consulting CTO Charles…
Breaking News, cyber crime, Cybercrime, Global Security News, hacking, Security
200 Swedish municipalities impacted by a major cyberattack on IT provider
Cyberattack on Miljödata disrupted services in over 200 Swedish municipalities, with concerns over stolen sensitive data. A cyberattack on Miljödata, an IT supplier serving 80% of Swedish municipalities, including Skellefteå, Mönsterås and Kalmar, disrupted services in over 200 municipalities and raised concerns of stolen sensitive data. The Swedish Privacy Agency confirmed that it has already received around 70…
Breaking News, cyber crime, Cybercrime, Global Security News, hacking, Security
200 Swedish municipalities impacted by a major cyberattack on IT provider
Cyberattack on Miljödata disrupted services in over 200 Swedish municipalities, with concerns over stolen sensitive data. A cyberattack on Miljödata, an IT supplier serving 80% of Swedish municipalities, including Skellefteå, Mönsterås and Kalmar, disrupted services in over 200 municipalities and raised concerns of stolen sensitive data. The Swedish Privacy Agency confirmed that it has already received around 70…
Breaking News, cyber crime, Cybercrime, Global Security News, hacking, Security
200 Swedish municipalities impacted by a major cyberattack on IT provider
Cyberattack on Miljödata disrupted services in over 200 Swedish municipalities, with concerns over stolen sensitive data. A cyberattack on Miljödata, an IT supplier serving 80% of Swedish municipalities, including Skellefteå, Mönsterås and Kalmar, disrupted services in over 200 municipalities and raised concerns of stolen sensitive data. The Swedish Privacy Agency confirmed that it has already received around 70…
Breaking News, cyber crime, Cybercrime, Global Security News, hacking, Security
200 Swedish municipalities impacted by a major cyberattack on IT provider
Cyberattack on Miljödata disrupted services in over 200 Swedish municipalities, with concerns over stolen sensitive data. A cyberattack on Miljödata, an IT supplier serving 80% of Swedish municipalities, including Skellefteå, Mönsterås and Kalmar, disrupted services in over 200 municipalities and raised concerns of stolen sensitive data. The Swedish Privacy Agency confirmed that it has already received around 70…
Breaking News, cyber crime, Cybercrime, Global Security News, hacking, Security
200 Swedish municipalities impacted by a major cyberattack on IT provider
Cyberattack on Miljödata disrupted services in over 200 Swedish municipalities, with concerns over stolen sensitive data. A cyberattack on Miljödata, an IT supplier serving 80% of Swedish municipalities, including Skellefteå, Mönsterås and Kalmar, disrupted services in over 200 municipalities and raised concerns of stolen sensitive data. The Swedish Privacy Agency confirmed that it has already received around 70…
Breaking News, cyber crime, Cybercrime, data breach, Global Security News, North America
TransUnion discloses a data breach impacting over 4.4 million customers
TransUnion reported a data breach in which threat actors accessed personal information of over 4.4 million customers. TransUnion disclosed a data breach that impacted more than 4,461,511 customers. The company is one of the three major credit reporting agencies in the United States (alongside Experian and Equifax). It collects and maintains credit information on consumers…
Breaking News, cyber crime, Cybercrime, data breach, Global Security News, North America
TransUnion discloses a data breach impacting over 4.4 million customers
TransUnion reported a data breach in which threat actors accessed personal information of over 4.4 million customers. TransUnion disclosed a data breach that impacted more than 4,461,511 customers. The company is one of the three major credit reporting agencies in the United States (alongside Experian and Equifax). It collects and maintains credit information on consumers…
Breaking News, cyber crime, Cybercrime, data breach, Global Security News, North America
TransUnion discloses a data breach impacting over 4.4 million customers
TransUnion reported a data breach in which threat actors accessed personal information of over 4.4 million customers. TransUnion disclosed a data breach that impacted more than 4,461,511 customers. The company is one of the three major credit reporting agencies in the United States (alongside Experian and Equifax). It collects and maintains credit information on consumers…
Breaking News, cyber crime, Cybercrime, data breach, Global Security News, North America
TransUnion discloses a data breach impacting over 4.4 million customers
TransUnion reported a data breach in which threat actors accessed personal information of over 4.4 million customers. TransUnion disclosed a data breach that impacted more than 4,461,511 customers. The company is one of the three major credit reporting agencies in the United States (alongside Experian and Equifax). It collects and maintains credit information on consumers…
Breaking News, cyber crime, Cybercrime, Exploits, Global Security News, hacking, Security
UNC6395 targets Salesloft in Drift OAuth token theft campaign
Hackers breached Salesloft to steal OAuth/refresh tokens for Drift AI chat; GTIG and Mandiant link the campaign to threat actor UNC6395. Google Threat Intelligence Group and Mandiant researchers investigate a large-scale data theft campaign carried out to hack the sales automation platform Salesloft to steal OAuth and refresh tokens associated with the Drift artificial intelligence (AI) chat…
Breaking News, cyber crime, Cybercrime, Exploits, Global Security News, hacking, Security
UNC6395 targets Salesloft in Drift OAuth token theft campaign
Hackers breached Salesloft to steal OAuth/refresh tokens for Drift AI chat; GTIG and Mandiant link the campaign to threat actor UNC6395. Google Threat Intelligence Group and Mandiant researchers investigate a large-scale data theft campaign carried out to hack the sales automation platform Salesloft to steal OAuth and refresh tokens associated with the Drift artificial intelligence (AI) chat…
Breaking News, cyber crime, Cybercrime, Exploits, Global Security News, hacking, Security
UNC6395 targets Salesloft in Drift OAuth token theft campaign
Hackers breached Salesloft to steal OAuth/refresh tokens for Drift AI chat; GTIG and Mandiant link the campaign to threat actor UNC6395. Google Threat Intelligence Group and Mandiant researchers investigate a large-scale data theft campaign carried out to hack the sales automation platform Salesloft to steal OAuth and refresh tokens associated with the Drift artificial intelligence (AI) chat…
Breaking News, cyber crime, Cybercrime, Exploits, Global Security News, hacking, Security
UNC6395 targets Salesloft in Drift OAuth token theft campaign
Hackers breached Salesloft to steal OAuth/refresh tokens for Drift AI chat; GTIG and Mandiant link the campaign to threat actor UNC6395. Google Threat Intelligence Group and Mandiant researchers investigate a large-scale data theft campaign carried out to hack the sales automation platform Salesloft to steal OAuth and refresh tokens associated with the Drift artificial intelligence (AI) chat…
Cybercrime, Cybersecurity, Financial, Global Security News, Government, North America, Threats
Treasury sanctions North Korea IT worker scheme facilitators and front organizations
The Treasury Department on Wednesday expanded efforts to disrupt the pervasive North Korean technical worker scheme by imposing sanctions on people and organizations serving as facilitators and fronts for the country’s years-long conspiracy effort to defraud businesses and earn money despite international sanctions. Vitaly Sergeyevich Andreyev, Kim Ung Sun, Shenyang Geumpungri Network Technology and Korea…
Cybercrime, Cybersecurity, Exploits, Global Security News, Ransomware, Research, Threats
Microsoft details Storm-0501’s focus on ransomware in the cloud
A financially motivated threat group operating since 2021 has refined its technical tradecraft, honing its focus on cloud-based systems that allow it to expand ransomware operations beyond the scope of on-premises infrastructure, Microsoft Threat Intelligence said in a report released Wednesday. By leveraging cloud-native capabilities, Storm-0501 has exfiltrated large volumes of data with speed, destroying…
Breaking News, cyber crime, Cybercrime, data breach, Global Security News, Security
Healthcare Services Group discloses 2024 data breach that impacted 624,496 people
Healthcare Services Group suffered a 2024 breach, exposing personal data of 624,000+ people. Affected individuals are now being notified. In 2024, Healthcare Services Group suffered a data breach that impacted over 624,496 people, as per notification sent to the Maine Attorney General’s Office. Healthcare Services Group, Inc. (HCSG) is a U.S.-based company that provides housekeeping, laundry,…
Breaking News, cyber crime, Cybercrime, data breach, Global Security News, Security
Healthcare Services Group discloses 2024 data breach that impacted 624,496 people
Healthcare Services Group suffered a 2024 breach, exposing personal data of 624,000+ people. Affected individuals are now being notified. In 2024, Healthcare Services Group suffered a data breach that impacted over 624,496 people, as per notification sent to the Maine Attorney General’s Office. Healthcare Services Group, Inc. (HCSG) is a U.S.-based company that provides housekeeping, laundry,…
Breaking News, cyber crime, Cybercrime, data breach, Global Security News, Security
Healthcare Services Group discloses 2024 data breach that impacted 624,496 people
Healthcare Services Group suffered a 2024 breach, exposing personal data of 624,000+ people. Affected individuals are now being notified. In 2024, Healthcare Services Group suffered a data breach that impacted over 624,496 people, as per notification sent to the Maine Attorney General’s Office. Healthcare Services Group, Inc. (HCSG) is a U.S.-based company that provides housekeeping, laundry,…
Breaking News, cyber crime, Cybercrime, data breach, Global Security News, Security
Healthcare Services Group discloses 2024 data breach that impacted 624,496 people
Healthcare Services Group suffered a 2024 breach, exposing personal data of 624,000+ people. Affected individuals are now being notified. In 2024, Healthcare Services Group suffered a data breach that impacted over 624,496 people, as per notification sent to the Maine Attorney General’s Office. Healthcare Services Group, Inc. (HCSG) is a U.S.-based company that provides housekeeping, laundry,…
Cybercrime, Cybersecurity, Exploits, Global Security News, Technology, Tenable, Threats
Citrix NetScaler customers hit by third actively exploited zero-day vulnerability since June
Citrix and cybersecurity researchers warn a critical, zero-day vulnerability affecting multiple versions of Citrix NetScaler products is under active exploitation. Citrix issued a security bulletin about the vulnerability — CVE-2025-7775 — and urged customers on affected versions to install upgrades Tuesday. The memory-overflow vulnerability, which has an initial CVSS rating of 9.2, can be exploited…
Breaking News, cyber crime, Cybercrime, data breach, Global Security News, Security
Farmers Insurance discloses a data breach impacting 1.1M customers
Farmers Insurance suffered a breach tied to Salesforce attacks, exposing data of 1.1M customers across its nationwide insurance network. Farmers Insurance disclosed a data breach affecting 1,071,172 customers, linked to the recent wave of Salesforce attacks, as per Bleeping Computer. The company is an American insurer group of vehicles, homes and small businesses and also…
AI, Cybercrime, Cybersecurity, Global Security News, Research, Threats
Hundreds of Salesforce customers impacted by attack spree linked to third-party AI agent
Google Threat Intelligence Group warned about a “widespread data theft campaign” that compromised hundreds of Salesforce customers over a 10-day span earlier this month. According to a report published Tuesday, researchers say a threat group Google tracks as UNC6395 stole large volumes of data from Salesforce customer instances by using stolen OAuth tokens from Salesloft…
AI, Cybercrime, Cybersecurity, Global Security News, Research, Threats
Hundreds of Salesforce customers impacted by attack spree linked to third-party AI agent
Google Threat Intelligence Group warned about a “widespread data theft campaign” that compromised hundreds of Salesforce customers over a 10-day span earlier this month. According to a report published Tuesday, researchers say a threat group Google tracks as UNC6395 stole large volumes of data from Salesforce customer instances by using stolen OAuth tokens from Salesloft…
AI, Asia Pacific, Breaking News, cyber crime, Cybercrime, Global Security News, malware
Malicious AI-generated npm package hits Solana users
AI-generated npm package @kodane/patch-manager drained Solana wallets; 1,500+ downloads before takedown on July 28, 2025. AI-generated npm package @kodane/patch-manager was flagged for hiding malicious software to drain Solana wallets. The package was uploaded on July 28, 2025, and it was downloaded more than 1,500 times before takedown. “The package @kodane/patch-manager, is a sophisticated cryptocurrency wallet…
Cybercrime, Cybersecurity, Geopolitics, Global Security News, Ransomware, Research
Social engineering attacks surged this past year, Palo Alto Networks report finds
Social engineering — an expanding variety of methods that attackers use to trick professionals to gain access to their organizations’ core data and systems — is now the top intrusion point globally, attracting an array of financially motivated and nation-state backed threat groups. More than one-third (36%) of the incident response cases Palo Alto Networks’…
Cybercrime, Global Security News, social networking sites, Tips & Hacks, website filtering
Exclusive Tips To Stop Cyberbullying [For Teens, Parents & Schools]
Want tips to stop cyberbullying? Check out our tips exclusive for teens and parents. In today’s digital age, the prevalence of cyberbullying has become a concerning issue. With the widespread use of technology and social media platforms, individuals, particularly young people, can fall victim to online harassment, intimidation, and abuse. The impact of cyberbullying can…
Cybercrime, Cybersecurity, Exploits, Global Security News, Google, Research, Technology
Project Zero disclosure policy change puts vendors on early notice
Google this week changed how it publicly discloses vulnerabilities in a bid to give defenders early details about new software defects it discovers, shortening the early window of time between a vendor releasing a patch and customers installing the security update. Project Zero, Google’s squad of security researchers who find and study zero-day vulnerabilities, will…
Breaking News, cyber crime, Cybercrime, Exploits, Global Security News, hacking, Security
PyPI maintainers alert users to email verification phishing attack
PyPI warns of phishing emails from noreply@pypj[.]org posing as “[PyPI] Email verification” to redirect users to fake package sites. PyPI warns of an active phishing attack using fake “[PyPI] Email verification” messages from noreply@pypj[.]org, aiming to lure users to spoofed PyPI sites. PyPI, short for the Python Package Index, is the official repository for Python…