Vulnerabilities
-
French Police Arrest Five Alleged BreachForum Operatives in Major Cybercrime Crackdown
French authorities have arrested five suspected operators of the BreachForum cybercrime forum, known for its role in trading stolen data affecting millions of individuals. The arrests were made during police raids in multiple regions.
-
Advanced Malware Campaign Targets WordPress Sites, Poses Major Risks to Users
Cybersecurity experts reveal a sophisticated malware campaign targeting WordPress websites, capable of stealing sensitive information and evading detection. Discovered by the Wordfence team, the malware employs innovative tactics, including fake checkout forms and Cloudflare brand impersonation.
-
North Korea-Linked Malicious npm Packages Expose Developers to Security Risks
Cybersecurity researchers have uncovered a new wave of malicious npm packages linked to North Korean threat actors, raising significant concerns for software developers. The covert operation targets job seekers and developers, exposing them to sophisticated supply chain attacks designed to steal sensitive information and compromise systems.
-
APT28 Hackers Exploit Signal to Deploy Advanced Malware Against Ukraine
CERT-UA has issued an urgent warning about APT28’s sophisticated malware deployment using Signal to target Ukrainian entities. The introduction of BEARDSHELL and COVENANT signifies an alarming escalation in cyber threats.
-
Cybersecurity Alert: Hackers Target 65 Microsoft Exchange Servers Worldwide
Hackers are increasingly targeting Microsoft Exchange servers to inject credential-harvesting keyloggers, affecting 65 organizations across 26 countries. Positive Technologies reported these attacks utilize JavaScript vulnerabilities, emphasizing the urgent need for enhanced cybersecurity practices.
-
China-Linked Cyber Espionage Campaign Targets Global Telecoms
A cyber espionage campaign linked to China is targeting global telecommunications providers, exploiting critical vulnerabilities in Cisco software to gain unauthorized access to sensitive information. Authorities are warning that the implications of these attacks extend beyond the telecommunications sector.
-
McLaren Health Care Reports Data Breach Affecting 743,000 Patients
McLaren Health Care has confirmed a data breach affecting 743,000 patients, linked to a ransomware attack from July 2024. The breaches revealed sensitive information and follow a previous incident impacting 2.2 million individuals.
-
New XDigo Malware Targets Eastern European Governments Using LNK Flaw
The XDigo malware, linked to the cyber espionage group XDSpy, has been identified as a prominent threat targeting Eastern European government agencies, exploiting a vulnerability within Windows shortcut files for its deployment.
-
Critical Vulnerability in WordPress Motors Theme Exploited by Hackers
Hackers are exploiting a significant vulnerability in the WordPress “Motors” theme, allowing them to take control of administrator accounts and jeopardize website security. The flaw, known as CVE-2025-4322, was flagged by Wordfence which reports extensive attacks targeting user accounts.
-
Serious Vulnerability Found in Zyxel Devices Sparks Security Concerns
A serious vulnerability, CVE-2023-28771, affects Zyxel devices, prompting warnings from cybersecurity experts after a spike in exploit attempts was detected. Owners are urged to secure their devices against potential threats.
