News
-
US, allies disrupt BlackSuit ransomware network; servers seized and funds frozen as researchers warn of rebranding to Chaos ransomware
U.S. and international partners disrupted the BlackSuit ransomware network, seizing servers and freezing about $1.09 million, while security researchers warn the group may have rebranded as Chaos ransomware and remain a threat.
-
Curly COMrades APT Targets Georgia and Moldova, Leveraging Ngen for Persistence, Bitdefender Warns
A new cyber espionage campaign attributed to the Curly COMrades threat actor targets Georgia and Moldova, leveraging a mix of legitimate tools and a bespoke backdoor to establish long-term access and exfiltrate credentials, according to Bitdefender.
-
Manpower data breach affecting about 144,189 individuals; FBI investigating after RansomHub claim
ManpowerGroup disclosed a data breach affecting about 144,189 individuals, with attackers gaining access to systems between December 29, 2024 and January 12, 2025. The company is cooperating with the FBI and offering free credit monitoring through Equifax. The incident was linked to a claim by the RansomHub ransomware group, which reportedly stole about 500GB of…
-
Security Flaw in Carmaker’s Online Portal Exposed Customer Data and Could Permit Remote Vehicle Access, Researchers Say
A security flaw in a major carmaker’s online dealer portal exposed customer data and could have enabled attackers to remotely unlock vehicles, prompting a fix in February 2025. Discovered by researcher Eaton Zveare, the vulnerability was described as a serious risk that underscores ongoing cybersecurity challenges in automotive online systems.
-
Netherlands says CVE-2025-6543 in Citrix NetScaler exploited to breach critical organizations
The Netherlands’ National Cyber Security Centre warned that CVE-2025-6543 in Citrix NetScaler was exploited to breach multiple critical organizations, turning a memory overflow vulnerability into remote code execution and prompting urgent upgrades to patched versions.
-
9GB Data Leak From Alleged North Korean Hacker Surfaces at DEF CON
Two hackers released a 9GB archive reportedly from a North Korean operator during DEF CON, with the material—including logs, credentials, and scripts—made available via DDoSecrets and published on Phrack; the data has been indexed and deemed authentic by researchers, though attribution remains uncertain.
-
WinRAR Addresses Critical Zero-Day Vulnerability Exploited in Active Attacks
WinRAR has released an urgent update to address a critical zero-day vulnerability, CVE-2025-8088, that is actively being exploited to execute arbitrary code through malicious archive files. Users are strongly advised to upgrade to version 7.13.
-
Over 29,000 Microsoft Exchange Servers Remain Vulnerable to Severe Exploit
Over 29,000 Microsoft Exchange servers remain unpatched against a critical security flaw, CVE-2025-53786, which allows attackers to escalate privileges and potentially compromise entire domains. This vulnerability has prompted emergency directives from U.S. federal agencies to enforce patching.
-
Connex Credit Union Faces Data Breach Affecting Over 172,000 Members
Connex Credit Union has disclosed a data breach affecting over 172,000 members, revealing unauthorized access to personal and financial information, while warning members about potential phishing scams.
-
U.S. Federal Judiciary Confirms Cyberattack on Case Management System
The U.S. Federal Judiciary has confirmed a cyberattack on its electronic case management systems, leading to increased cybersecurity measures to protect sensitive court documents. Enhanced protections are in response to rising sophisticated cyber threats affecting public and private sectors. The breach reportedly exposed confidential information across multiple federal districts.
