Risk
-
Indian Police Crack Down on Cybercriminal Syndicate with Ties to Southeast Asia
Andhra Pradesh police arrest 33 individuals involved in a cybercrime syndicate modeled after Southeast Asian operations, revealing a complex fraud scheme targeting customers in the US, Australia, and the UK.
-
New Russian Cyberespionage Group Linked to Dutch Police Data Breach
A newly identified Russian cyberespionage group, Laundry Bear, has been connected to a serious data breach of the Dutch police, raising concerns over the security of sensitive information within European Union and NATO contexts.
-
Chinese Hackers Exploit Zero-Day Vulnerability in Cityworks, Warns Cisco Talos
Cisco Talos has raised alarms over active cyberattacks by Chinese hackers exploiting a zero-day vulnerability in Trimble Cityworks, affecting local U.S. government agencies and enabling remote code execution.
-
Critical XSS Vulnerability in Zimbra Collaboration Suite Exploited by Hackers
A critical XSS vulnerability (CVE-2024-27443) has been discovered in Zimbra’s CalendarInvite feature, exploited by the Sednit hacking group. Users are urged to patch their systems urgently.
-
Critical Flaw Discovered in Windows Server 2025 Poses Risk to Active Directory Users
A critical security vulnerability in Windows Server 2025, discovered by Akamai researchers, poses serious risks to Active Directory users, enabling potential attackers to gain unauthorized access to any AD user account. With Microsoft yet to release a patch, organizations are urged to implement immediate protective measures.
-
Chinese Cyber Spies Exploit Ivanti EPMM Flaws to Target EU and US Organizations
A Chinese cyber espionage group has been exploiting critical vulnerabilities in Ivanti’s software to breach various organizations across Europe and the United States, raising alarms over the potential security risks. The two vulnerabilities, CVE-2025-4427 and CVE-2025-4428, have enabled attackers to gain unauthorized access to sensitive data and systems.
-
Security Flaw in GitLab’s AI Assistant Exposes Source Code to Attackers
A significant vulnerability in GitLab’s AI coding assistant, Duo, has been discovered, allowing potential theft of source code and injection of malicious instructions, prompting urgent security measures from GitLab.
-
Coca-Cola Faces Cyberattack Threats from Everest and Gehenna Ransomware Groups
Coca-Cola and its bottling partner, Coca-Cola Europacific Partners (CCEP), are facing cyberattack threats from Everest and Gehenna, as both groups claim to have breached the company’s systems and stolen sensitive data.
-
International Law Enforcement Operation Takes Down Major Ransomware Infrastructure
An international crackdown dubbed Operation Endgame has led to the seizure of 300 servers and 650 domains tied to ransomware activities, successfully disrupting several major cybercrime operations and recovering significant cryptocurrency.
-
Critical Vulnerability in Windows Server 2025 Exposes Active Directory to Domain Compromise
A critical vulnerability in Windows Server 2025 allows attackers to exploit Active Directory security features, posing risks of full domain compromise. The vulnerability, dubbed the ‘BadSuccessor’ attack, enables unauthorized users to inherit privileges from legitimate accounts without detection, prompting urgent patch development from Microsoft.
