Key TakeawaysZero-Day Discovery: Security researchers have identified two critical RCE flaws in Ivanti Endpoint Manager Mobile (EPMM) that are currently being exploited in the wild.Active…
Key TakeawaysOperational Impact: A significant network disruption has taken specific New Britain City Hall systems offline, though police and fire services remain fully operational.Incident Response:…
Key TakeawaysVendor Compromise: Fintech firm Marquis attributes its recent data breach to a compromised SonicWall-managed firewall configuration.Ransomware Impact: The attack enabled threat actors to bypass…
Key TakeawaysThree groups: Activity linked to LABYRINTH CHOLLIMA now maps to three distinct adversaries.Focus: Two groups prioritize cryptocurrency revenue, while core operations remain focused on…
Key TakeawaysChatGPT uploads: Acting CISA director Madhu Gottumukkala uploaded contracting documents on ChatGPT, triggering security alerts.AI access exception: Gottumukkala received temporary permission to use ChatGPT,…
Key TakeawaysCyberGhost server misuse: BiuBiu VPN Chrome extension hijacked free servers; 20 million users affected; no data breached.Security discovery: Researchers found hidden traffic routing during…
Key TakeawaysPornhub UK block update: New UK users blocked from Feb 2; registration required; response to age verification rules.Age verification dispute: Company says rules push…
Key TakeawaysActive Exploitation: Attackers abused FortiCloud SSO trust to access unrelated customer devices using valid FortiCloud accounts.Emergency Mitigation: Fortinet temporarily disabled FortiCloud SSO and now…
Key TakeawaysSurfshark infrastructure security audit: Independent SecuRing audit found no critical flaws and confirmed strong protection against real-world cyber threats.Real-world attack testing: Systems were tested…
Unathi Thosago – Parliament of South Africa Unathi Thosago has been appointed chief information officer of South Africa’s Parliament, assuming responsibility for the institution’s information…
Key TakeawaysContract Termination: The U.S. Treasury canceled all 31 active contracts with Booz Allen Hamilton, due to failures to protect data.Insider Data Access: A former…
Cybercrime leaves no hiding place. In Athens, police dismantled a mobile base station operating from a car that made cyber operations fit in a parking…
Key TakeawaysOperational Error: A security failure exposed the INC ransomware group infrastructure, containing data exfiltrated from multiple victims.Data Recovery: Cybersecurity researchers accessed and recovered stolen…
Key TakeawaysService Impact: A significant outage is preventing enterprise customers in North America from accessing core services like Exchange Online, SharePoint, and Teams.Infrastructure Failure: Microsoft…
Key TakeawaysTargeted Doxing: A hacker using the alias "Vindex" has leaked the alleged personal data of senior officials from Spain’s Ministry of Transport.Political Motivation: The…
Key TakeawaysVishing Tactic: Sophisticated voice-based social engineering attacks combined with real-time phishing kits to target employees and steal Okta SSO credentials.MFA Bypass: Custom phishing platforms…
Key TakeawaysUK VPN consultation: Government launches review as Lords vote to ban VPNs for under-18s.House of Lords decision: Peers back VPN restrictions and social media…
Key TakeawaysSurfshark Android support update: Ends app updates for Android 5; Android 6+ devices remain fully supported.Reason for change: Older Android versions lack security patches,…
Key TakeawaysOpportunistic Threats: An increase in Venezuela-related domain registrations indicates that actors aim to exploit geopolitical uncertainty for financial fraud and PII harvesting.Operational Tactics: These…
Key TakeawaysUrgency Tactic: Attackers are impersonating LastPass in emails, falsely claiming imminent maintenance to pressure users into "backing up" their vaults within 24 hours.Credential Theft:…
Get expert insights on threats, breaches, scams, and security trends — delivered every Saturday.
