Cybercrime
-
Source Code of SilverRAT Remote Access Trojan Leaked Online
The source code of the SilverRAT remote access trojan has leaked online, exposing its capabilities and raising concerns over cybersecurity risks as criminals may now exploit this tool.
-
Quantum Computing Breakthroughs Signal Urgent Need for Enhanced Encryption Measures
Recent research from Google Quantum AI reveals that a quantum computer with one million qubits could breach RSA-2048 bit encryption in just one week, highlighting an urgent need for organizations to adopt post-quantum cryptography measures sooner than previously anticipated.
-
NIST Introduces New Metric for Identifying Likely Exploited Vulnerabilities in Cybersecurity
NIST has introduced a new metric, Likely Exploited Vulnerabilities (LEV), to help organizations identify which software vulnerabilities are most likely to have been exploited in cyberattacks, calling for collaboration from the cybersecurity community to validate this methodology.
-
Cybersecurity Breaches Expose Sensitive Information and Target Malware Groups
Recent cybersecurity incidents have highlighted the vulnerability of sensitive information within government communications and exposed serious lapses in security among major corporations. Key developments include the breach of TeleMessage, ongoing law enforcement operations against malware groups, and alarming discoveries of unsecured databases containing millions of login credentials.
-
FBI Warns Law Firms of Rising Cyber Threats from Silent Ransom Group
The FBI has warned U.S. law firms of a growing cyber threat from the Silent Ransom Group, which has increased its focus on the legal sector since early 2023, employing phishing tactics and social engineering calls to access sensitive legal data.
-
Critical XSS Vulnerability in Zimbra Collaboration Suite Exploited by Hackers
A critical XSS vulnerability (CVE-2024-27443) has been discovered in Zimbra’s CalendarInvite feature, exploited by the Sednit hacking group. Users are urged to patch their systems urgently.
-
Chinese Cyber Spies Exploit Ivanti EPMM Flaws to Target EU and US Organizations
A Chinese cyber espionage group has been exploiting critical vulnerabilities in Ivanti’s software to breach various organizations across Europe and the United States, raising alarms over the potential security risks. The two vulnerabilities, CVE-2025-4427 and CVE-2025-4428, have enabled attackers to gain unauthorized access to sensitive data and systems.
-
Chinese Hackers Exploit Critical Flaw in Trimble Cityworks Software, Impacting U.S. Local Governments
Chinese hackers have exploited a critical vulnerability in Trimble Cityworks software, impacting local U.S. government systems. The flaw, now patched, allowed for remote code execution and malware delivery, with Chinese threat actors identified as the perpetrators. Trimble has urged users to update their systems to mitigate risks associated with this breach.
-
Russian-Aligned Group TAG-110 Targets Tajik Institutions in Espionage Campaign
Recorded Future’s Insikt Group has reported that Russian-aligned threat actor TAG-110 is intensifying its espionage campaign against Tajik institutions, leveraging phishing tactics and trojanized documents to further Russian interests in Central Asia.
-
Security Flaw in GitLab’s AI Assistant Exposes Source Code to Attackers
A significant vulnerability in GitLab’s AI coding assistant, Duo, has been discovered, allowing potential theft of source code and injection of malicious instructions, prompting urgent security measures from GitLab.
