Cybercrime
-
New Cybersecurity Threat Targets Over 80,000 Microsoft Entra ID Accounts
A new cybersecurity threat has surfaced, with over 80,000 Microsoft Entra ID accounts compromised by an account takeover campaign known as UNK_SneakyStrike, utilizing the TeamFiltration tool for malicious activities.
-
CISA Highlights Security Flaws in SinoTrack GPS Devices
CISA warns SinoTrack GPS device users about critical vulnerabilities allowing unauthorized access. Affected devices could be remotely controlled, including tracking vehicles and cutting off fuel. Users are urged to change default passwords immediately.
-
New AI Vulnerability Discovered in Microsoft 365 Copilot: ‘EchoLeak’
A new zero-click vulnerability known as ‘EchoLeak’ has been discovered in Microsoft 365 Copilot, enabling attackers to exfiltrate sensitive data without user interaction. While Microsoft has patched the flaw, experts advise businesses to enhance their cybersecurity measures to prevent future exploits.
-
Coordinated Cyber Attacks Target Tomcat Manager Interfaces
GreyNoise has warned of a surge in coordinated brute-force attacks targeting Apache Tomcat Manager interfaces, involving 295 unique malicious IP addresses. As attackers seek to exploit these vulnerabilities, experts recommend strengthening security measures to protect against unauthorized access.
-
Former Black Basta Affiliates Adapt Tactics Amid Ongoing Cyber Threats
Former members of the Black Basta ransomware operation have adapted their tactics, leveraging email phishing and Microsoft Teams phishing to gain access to networks. The report highlights the evolution of these cybercriminals even as the Black Basta brand faces challenges.
-
INTERPOL Disrupts Cybercrime Network by Dismantling 20,000 Malicious IPs
INTERPOL has successfully dismantled over 20,000 malicious IP addresses linked to information-stealing malware in a major operation involving law enforcement from 26 countries. This initiative underscores a collaborative global effort to combat the growing threat of cybercrime and protect sensitive data.
-
Microsoft Addresses Critical Zero-Day Vulnerability in June Security Update
Microsoft’s June security update addresses 66 vulnerabilities, including a critical zero-day exploit in WebDAV linked to the Stealth Falcon espionage group, posing risks to organizations worldwide.
-
Adobe Issues Major Security Patch Addressing 254 Vulnerabilities in Software Products
Adobe has released updates addressing 254 vulnerabilities, including major flaws in the Experience Manager (AEM) with implications for arbitrary code execution and privilege escalation, urging users to update to safeguard their systems.
-
Security Researchers Expose 40,000 Unprotected IoT Cameras, Raising Espionage Concerns
Researchers from Bitsight have exposed serious vulnerabilities in the security of around 40,000 internet-connected cameras globally, raising concerns over espionage and privacy for sensitive locations across the United States.
-
Texas Department of Transportation Reports Data Breach Affecting 300,000 Individuals
The Texas Department of Transportation has reported a data breach affecting approximately 300,000 individuals, with sensitive crash record information accessed by unauthorized actors on May 12, 2025.
