Risk
-
Fortinet patches critical FortiSIEM vulnerability CVE-2025-25256 as exploit code surfaces in the wild
Fortinet issued patches for a critical FortiSIEM vulnerability (CVE-2025-25256) after exploit code appeared in the wild. The flaw enables unauthenticated code execution through crafted CLI requests across multiple FortiSIEM versions. Upgrades to fixed releases are recommended, and administrators should limit access to the phMonitor port if upgrades are not feasible. Indicator coverage may be limited…
-
US, allies disrupt BlackSuit ransomware network; servers seized and funds frozen as researchers warn of rebranding to Chaos ransomware
U.S. and international partners disrupted the BlackSuit ransomware network, seizing servers and freezing about $1.09 million, while security researchers warn the group may have rebranded as Chaos ransomware and remain a threat.
-
Curly COMrades APT Targets Georgia and Moldova, Leveraging Ngen for Persistence, Bitdefender Warns
A new cyber espionage campaign attributed to the Curly COMrades threat actor targets Georgia and Moldova, leveraging a mix of legitimate tools and a bespoke backdoor to establish long-term access and exfiltrate credentials, according to Bitdefender.
-
Manpower data breach affecting about 144,189 individuals; FBI investigating after RansomHub claim
ManpowerGroup disclosed a data breach affecting about 144,189 individuals, with attackers gaining access to systems between December 29, 2024 and January 12, 2025. The company is cooperating with the FBI and offering free credit monitoring through Equifax. The incident was linked to a claim by the RansomHub ransomware group, which reportedly stole about 500GB of…
-
Netherlands says CVE-2025-6543 in Citrix NetScaler exploited to breach critical organizations
The Netherlands’ National Cyber Security Centre warned that CVE-2025-6543 in Citrix NetScaler was exploited to breach multiple critical organizations, turning a memory overflow vulnerability into remote code execution and prompting urgent upgrades to patched versions.
-
New Attack Technique Leveraging Windows Domain Controllers Threatens Cybersecurity
Researchers at SafeBreach have unveiled a new technique known as Win-DDoS, which exploits vulnerabilities in Windows domain controllers to facilitate powerful DDoS attacks. The findings highlight significant risks to cybersecurity, necessitating a reevaluation of current defenses against such threats.
-
Discovery of Malicious Go Packages Exposes Supply Chain Vulnerabilities
Recent cybersecurity research highlights a critical vulnerability in the Go programming ecosystem with the discovery of 11 malicious packages designed for covert data exfiltration on Windows and Linux systems. The malware exploits the decentralized nature of Go modules, undermining developer confidence.
-
Cisco Reveals Data Breach Affecting User Accounts Amid Vishing Attack
Cisco Systems has reported a data breach involving user accounts due to a voice phishing incident. Basic profile information was compromised, but the company asserts that no sensitive data was affected. Cisco is taking measures to strengthen security following the incident.
-
Stealthy PXA Stealer Targets Thousands Globally, Exposing Personal Data
The PXA Stealer malware has infected over 4,000 victims in 62 countries, leading to significant breaches of passwords, credit card data, and browser cookies, with stolen information sold on Telegram marketplaces.