News
-
Coca-Cola Faces Cyberattack Threats from Everest and Gehenna Ransomware Groups
Coca-Cola and its bottling partner, Coca-Cola Europacific Partners (CCEP), are facing cyberattack threats from Everest and Gehenna, as both groups claim to have breached the company’s systems and stolen sensitive data.
-
International Law Enforcement Operation Takes Down Major Ransomware Infrastructure
An international crackdown dubbed Operation Endgame has led to the seizure of 300 servers and 650 domains tied to ransomware activities, successfully disrupting several major cybercrime operations and recovering significant cryptocurrency.
-
Cybercriminals Deploy Fake Ledger Apps to Steal Cryptocurrency Seed Phrases from macOS Users
Cybercriminals are increasingly using fake Ledger applications to steal seed phrases from macOS users, threatening their cryptocurrency assets. Reports from Moonlock Lab and Jamf highlight the evolution of these attacks, emphasizing the importance of downloading official applications and safeguarding sensitive data.
-
Critical Vulnerability in Windows Server 2025 Exposes Active Directory to Domain Compromise
A critical vulnerability in Windows Server 2025 allows attackers to exploit Active Directory security features, posing risks of full domain compromise. The vulnerability, dubbed the ‘BadSuccessor’ attack, enables unauthorized users to inherit privileges from legitimate accounts without detection, prompting urgent patch development from Microsoft.
-
Hackers Exploit Trimble Cityworks Vulnerability to Breach U.S. Local Governments
Chinese-speaking hackers have breached multiple U.S. local governments by exploiting a patched Trimble Cityworks vulnerability. The incident, attributed to the group UAT-6382, emphasizes the critical need for robust cybersecurity measures.
-
Critical SAMLify Vulnerability Exposes Single Sign-On Systems to Attacks
A critical vulnerability in the samlify library enables attackers to bypass Single Sign-On protections, posing a severe risk to authentication systems reliant on SAML. The flaw, tracked as CVE-2025-47949, has been assessed with a CVSS score of 9.9 out of 10.
-
Russian Cyberespionage Targets Aid Organizations Supporting Ukraine
A state-sponsored cyberespionage campaign attributed to the Russian group APT28 is targeting aid organizations linked to Ukraine, employing a variety of hacking techniques to disrupt humanitarian efforts and track aid shipments.
-
Global Authorities Disrupt Lumma Stealer Malware Operation
A coordinated effort by global authorities and tech companies has disrupted the Lumma Stealer malware operation, impacting its infrastructure and threatening its reach in the cybercrime market.
-
EU Imposes Sanctions on Stark Industries for Cyberactivity Facilitation
The European Union has imposed sanctions on Stark Industries, a web-hosting provider, and its executives for enabling cyberattacks and destabilizing activities that support Russian foreign policy, highlighting ongoing concerns regarding information manipulation and digital warfare.
-
Critical Vulnerability Discovered in Windows Server 2025 Threatens Active Directory Security
A recently discovered vulnerability in Windows Server 2025 allows attackers to escalate privileges within Active Directory, posing serious security risks until Microsoft releases a patch. Organizations are urged to take immediate precautions.
