Cybercrime
-
UK Ministry of Justice Confirms Data Theft Affecting Legal Aid Applicants
The UK Ministry of Justice (MoJ) has confirmed a significant data breach affecting legal aid applicants, revealing potentially sensitive information, including personal and financial data, was stolen by cybercriminals. The MoJ is coordinating with the National Cyber Security Centre to enhance security and advises affected individuals to remain vigilant.
-
Mozilla Addresses Critical Vulnerabilities in Firefox Browser
Mozilla has issued critical security updates for Firefox to address two vulnerabilities exploited at Pwn2Own Berlin, which could allow attackers to access sensitive data or execute unauthorized code.
-
UK Health Officials Urge Tech Suppliers to Sign Cybersecurity Charter Amid Rising Ransomware Threats
UK health officials are urging tech suppliers to enhance cybersecurity measures by signing a public charter, as ransomware threats increasingly jeopardize NHS operations. This initiative underscores the need for cooperation among suppliers to address the rising frequency of cyber incidents impacting healthcare services.
-
Alabama State Investigates Cybersecurity Breach as Online Criminal Marketplace Operator Faces Charges
The Alabama state government is investigating a cybersecurity event affecting state systems, while a Kosovan man faces charges for operating a criminal marketplace selling stolen data. Both incidents illustrate rising concerns over cyber threats and information security.
-
New Tool ‘Defendnot’ Manipulates Windows Security to Disable Microsoft Defender
The newly developed tool ‘Defendnot’ exploits a Windows Security API to disable Microsoft Defender by masquerading as a fake antivirus product, raising significant security concerns about system manipulations.
-
New Python Backdoor Discovered, Linked to Pro-Ukraine Hackers
ReversingLabs has revealed a new malicious Python package, dbgpkg, designed to create backdoors on developers’ systems, suspected to be linked to a pro-Ukraine hacktivist group targeting Russian interests.
-
Broadcom Faces Data Theft Following Ransomware Attack on Payroll Partner
Broadcom has confirmed a data theft incident following a ransomware attack on its former payroll partner, Business Systems House. The breach affects sensitive employee data, prompting investigations and heightened security measures.
-
Google Fixes High-Severity Chrome Vulnerability Amid Ongoing Attacks
Google has fixed a critical vulnerability in Chrome, CVE-2025-4664, being actively exploited by attackers. CISA’s inclusion of this flaw in its known exploited vulnerabilities list underscores urgent calls for browser updates among federal agencies and private organizations alike.
-
FBI Alerts of Deepfake Fraud Campaign Targeting US Officials
The FBI has warned of a fraud campaign using deepfake technology to impersonate U.S. officials, aiming to extract sensitive login information from targets. The agency advises vigilance and verification of communications to prevent falling victim to these sophisticated scams.
-
Critical SAP NetWeaver Vulnerability Targeted by Ransomware and APT Groups
Ransomware and Chinese APT groups are exploiting a critical vulnerability in SAP’s NetWeaver, identified as CVE-2025-31324, which has a CVSS score of 10, enabling attackers to execute remote code without authentication.
