Policy
-
New XDigo Malware Targets Eastern European Governments Using LNK Flaw
The XDigo malware, linked to the cyber espionage group XDSpy, has been identified as a prominent threat targeting Eastern European government agencies, exploiting a vulnerability within Windows shortcut files for its deployment.
-
Critical Vulnerability in WordPress Motors Theme Exploited by Hackers
Hackers are exploiting a significant vulnerability in the WordPress “Motors” theme, allowing them to take control of administrator accounts and jeopardize website security. The flaw, known as CVE-2025-4322, was flagged by Wordfence which reports extensive attacks targeting user accounts.
-
Cyberattack Disrupts Iranian State-Owned Bank Amid Escalating Tensions
A cyberattack by the group Predatory Sparrow has taken Bank Sepah offline, disrupting services amid heightened military tensions between Iran and Israel. The attack underscores the rising prominence of cyber warfare in geopolitical conflicts.
-
Security Flaw in LangChain’s LangSmith Exposes Users to Data Theft
A security flaw in LangChain’s LangSmith platform has been revealed, allowing hackers to potentially intercept sensitive user data. The vulnerability has now been patched, but researchers caution about the risks associated with such cyber threats.
-
WestJet Investigates Cyberattack Disrupting Operations and Services
WestJet is investigating a cyberattack that has disrupted access to its internal systems and app, affecting service for users. The airline is working with law enforcement and Transport Canada to contain the situation.
-
Cloudflare Outage Not Linked to Security Incident, Data Remains Safe
Cloudflare has confirmed that a recent service outage was not caused by a security incident. The outage, which lasted 2.5 hours, stemmed from a failure in the underlying storage infrastructure affecting its crucial Workers KV system. The company assures that all user data remains safe and plans to enhance system resilience moving forward.
-
Trump Administration’s New Cybersecurity Executive Order Shifts Focus and Strategies
The Trump administration’s new cybersecurity executive order pivots sharply from past policies, introducing measures that aim to reinforce national security and tackle emerging digital threats while drawing criticism for its political implications and potential efficacy.
-
Hackers Exploit Voice Phishing to Breach Corporate Systems
A group of hackers known as UNC6040 is exploiting voice phishing to gain access to corporate systems, particularly targeting Salesforce, with tactics that rely on manipulating employees rather than exploiting technical vulnerabilities.
-
New PathWiper Malware Targets Ukrainian Infrastructure, Analysts Warn of Ongoing Cyber Threats
A new data wiper malware named PathWiper has targeted critical infrastructure in Ukraine, highlighting the ongoing cyber threats posed by advanced persistent threat actors linked to Russia. Cisco Talos has detailed the malware’s capabilities and its similarities with previously observed threats.
