Cybercrime
-
Microsoft and CrowdStrike Collaborate to Standardize Cyber Threat Actor Taxonomies
Microsoft and CrowdStrike have announced a strategic collaboration to unify their cyber threat actor taxonomies, enhancing the ability of security professionals to analyze and respond to cyber threats by reducing confusion among different aliases used for hacking groups.
-
Cartier Reports Data Breach Amid Growing Cybersecurity Concerns in Fashion Industry
Cartier has reported a data breach that exposed customer information, including names and email addresses. The company assures that no sensitive data was compromised and advises customers to remain vigilant against potential phishing attacks.
-
The North Face Alerts Customers Following Latest Credential Stuffing Attack
The North Face has alerted customers of a credential stuffing attack that exposed personal information on April 23, 2025. This incident marks the fourth such attack on the company since 2020, raising significant concerns about cybersecurity practices in the retail sector.
-
Google Addresses Active Exploit with Chrome Security Update
Google has released emergency fixes for its Chrome browser to address a critical vulnerability, CVE-2025-5419, that is being actively exploited in the wild. Users are urged to update to safeguard against potential threats.
-
Google Chrome to Disregard Certificates from Chunghwa Telecom and Netlock Starting August 2025
Google Chrome will stop trusting root CA certificates from Chunghwa Telecom and Netlock due to ongoing compliance failures, effective August 1, 2025. This decision will impact site access for users, leading to security warnings.
-
Nation-State Actor Breaches ConnectWise Customers’ ScreenConnect Instances
ConnectWise has disclosed that a nation-state actor compromised the ScreenConnect cloud instances of some customers, exploiting a vulnerability before a critical patch was implemented. The company is investigating the breach with the help of forensic experts.
-
MainStreet Bancshares Reports Data Breach Affecting Customer Information
MainStreet Bancshares has disclosed a data breach that affected a significant portion of its customer base due to an incident involving a third-party provider. The bank reported to the SEC that its own infrastructure was unaffected, but the incident raises questions about cybersecurity in the banking sector.
-
Australia Mandates Reporting of Ransomware Payments by Victims
Australia has become the first nation to oblige ransomware attack victims to report extortion payments, affecting organizations with significant turnovers and enhancing government visibility into cybercrime.
-
Spear-Phishing Campaign Targets CFOs with Advanced Techniques
A sophisticated spear-phishing campaign has been identified, targeting CFOs across various sectors with the aim of deploying a legitimate remote access tool, Netbird, to gain unauthorized access to sensitive financial systems.
-
New Vulnerabilities Discovered in Linux Core Dump Handlers Pose Security Risks
Two vulnerabilities in Linux core dump handlers could allow local attackers to access sensitive information, prompting security warnings from Qualys and other vendors. Mitigation measures are being recommended to protect user data.
