News
-
Hackers Exploit Trimble Cityworks Vulnerability to Breach U.S. Local Governments
Chinese-speaking hackers have breached multiple U.S. local governments by exploiting a patched Trimble Cityworks vulnerability. The incident, attributed to the group UAT-6382, emphasizes the critical need for robust cybersecurity measures.
-
Critical SAMLify Vulnerability Exposes Single Sign-On Systems to Attacks
A critical vulnerability in the samlify library enables attackers to bypass Single Sign-On protections, posing a severe risk to authentication systems reliant on SAML. The flaw, tracked as CVE-2025-47949, has been assessed with a CVSS score of 9.9 out of 10.
-
Russian Cyberespionage Targets Aid Organizations Supporting Ukraine
A state-sponsored cyberespionage campaign attributed to the Russian group APT28 is targeting aid organizations linked to Ukraine, employing a variety of hacking techniques to disrupt humanitarian efforts and track aid shipments.
-
Global Authorities Disrupt Lumma Stealer Malware Operation
A coordinated effort by global authorities and tech companies has disrupted the Lumma Stealer malware operation, impacting its infrastructure and threatening its reach in the cybercrime market.
-
EU Imposes Sanctions on Stark Industries for Cyberactivity Facilitation
The European Union has imposed sanctions on Stark Industries, a web-hosting provider, and its executives for enabling cyberattacks and destabilizing activities that support Russian foreign policy, highlighting ongoing concerns regarding information manipulation and digital warfare.
-
Critical Vulnerability Discovered in Windows Server 2025 Threatens Active Directory Security
A recently discovered vulnerability in Windows Server 2025 allows attackers to escalate privileges within Active Directory, posing serious security risks until Microsoft releases a patch. Organizations are urged to take immediate precautions.
-
SK Telecom Confirms Massive Malware Breach Impacting Millions of Subscribers
SK Telecom has confirmed a substantial cybersecurity breach affecting the USIM data of around 27 million subscribers, with malware traces dating back to 2022. The company is taking extensive measures to secure its network, including offering free SIM replacements for affected customers.
-
Emerging Threat: Nitrogen Ransomware Targets Financial Sector in US, UK, and Canada
The Nitrogen ransomware strain has emerged as a significant threat to financial organizations in the US, UK, and Canada, encrypting crucial data and demanding hefty ransoms from victims. Cybersecurity experts warn that its sophisticated tactics pose a severe risk to unprepared entities.
-
Chinese Hackers Unleash MarsSnake Backdoor in Targeted Attacks on Saudi Organization
ESET has revealed that a China-aligned hacker group known as UnsolicitedBooker is targeting an unnamed Saudi Arabian organization with a new backdoor called MarsSnake, exploiting spear-phishing tactics to gain access to crucial information.
-
Malicious PyPI Packages Target Social Media Accounts, Researchers Warn
Cybersecurity researchers have identified malicious packages on the Python Package Index (PyPI) that exploit stolen email addresses to target TikTok and Instagram accounts, raising concerns about user security.
