News
-
Chinese Cyber Spies Exploit Ivanti EPMM Flaws to Target EU and US Organizations
A Chinese cyber espionage group has been exploiting critical vulnerabilities in Ivanti’s software to breach various organizations across Europe and the United States, raising alarms over the potential security risks. The two vulnerabilities, CVE-2025-4427 and CVE-2025-4428, have enabled attackers to gain unauthorized access to sensitive data and systems.
-
Chinese Hackers Exploit Critical Flaw in Trimble Cityworks Software, Impacting U.S. Local Governments
Chinese hackers have exploited a critical vulnerability in Trimble Cityworks software, impacting local U.S. government systems. The flaw, now patched, allowed for remote code execution and malware delivery, with Chinese threat actors identified as the perpetrators. Trimble has urged users to update their systems to mitigate risks associated with this breach.
-
Russian-Aligned Group TAG-110 Targets Tajik Institutions in Espionage Campaign
Recorded Future’s Insikt Group has reported that Russian-aligned threat actor TAG-110 is intensifying its espionage campaign against Tajik institutions, leveraging phishing tactics and trojanized documents to further Russian interests in Central Asia.
-
CISA Reports Cyber Threats Targeting Commvault’s Azure SaaS Applications
CISA has issued a warning about cyber threat activity targeting Commvault’s Azure-hosted applications, potentially compromising client secrets and customer data. The agency has recommended preventative measures to safeguard against such attacks.
-
Security Flaw in GitLab’s AI Assistant Exposes Source Code to Attackers
A significant vulnerability in GitLab’s AI coding assistant, Duo, has been discovered, allowing potential theft of source code and injection of malicious instructions, prompting urgent security measures from GitLab.
-
Coca-Cola Faces Cyberattack Threats from Everest and Gehenna Ransomware Groups
Coca-Cola and its bottling partner, Coca-Cola Europacific Partners (CCEP), are facing cyberattack threats from Everest and Gehenna, as both groups claim to have breached the company’s systems and stolen sensitive data.
-
International Law Enforcement Operation Takes Down Major Ransomware Infrastructure
An international crackdown dubbed Operation Endgame has led to the seizure of 300 servers and 650 domains tied to ransomware activities, successfully disrupting several major cybercrime operations and recovering significant cryptocurrency.
-
Cybercriminals Deploy Fake Ledger Apps to Steal Cryptocurrency Seed Phrases from macOS Users
Cybercriminals are increasingly using fake Ledger applications to steal seed phrases from macOS users, threatening their cryptocurrency assets. Reports from Moonlock Lab and Jamf highlight the evolution of these attacks, emphasizing the importance of downloading official applications and safeguarding sensitive data.
-
Critical Vulnerability in Windows Server 2025 Exposes Active Directory to Domain Compromise
A critical vulnerability in Windows Server 2025 allows attackers to exploit Active Directory security features, posing a risk of full domain compromise. The vulnerability, dubbed ‘BadSuccessor’, enables unauthorized users to inherit privileges from legitimate accounts without detection, prompting urgent patch development from Microsoft.
-
Hackers Exploit Trimble Cityworks Vulnerability to Breach U.S. Local Governments
Chinese-speaking hackers have breached multiple U.S. local governments by exploiting a patched Trimble Cityworks vulnerability. The incident, attributed to the group UAT-6382, emphasizes the critical need for robust cybersecurity measures.










