Vulnerabilities
-
Coordinated Scanning Operation Targets Exposed Systems in Japan
A recent coordinated reconnaissance campaign involving 251 malicious IP addresses aims at exploiting vulnerabilities in web infrastructure, according to cybersecurity firm GreyNoise. The firm warns that organizations should take immediate action to block these IPs to reduce exposure.
-
Iranian Hacker Pleads Guilty in Major Ransomware Case Involving Robbinhood Scheme
Sina Gholinejad, an Iranian national, has pleaded guilty in the U.S. for his role in a ransomware scheme that caused tens of millions in losses to American cities, including a significant attack on Baltimore, which suffered over $19 million in damages.
-
Significant BGP Incident Disrupts Global Internet Connectivity
A recent BGP messaging incident on May 20, 2025, led to major disruptions in internet connectivity, affecting multiple networks globally due to a corrupted BGP Update. Investigations revealed involvement from several major autonomous systems and highlighted the urgent need for improved error handling among network vendors.
-
NASA Faces Security Risks from Open Source Software Vulnerabilities
Recent findings by security researcher Leon Juranić reveal that NASA’s in-house developed open source software harbors serious vulnerabilities, posing risks of potential system breaches. With inadequate vulnerability reporting mechanisms and security practices observed, the findings call for immediate improvements to safeguard against cyber threats.
-
Everest Ransomware Group Leaks Sensitive Coca-Cola Employee Data
The Everest ransomware group has leaked sensitive employee data of 959 Coca-Cola employees, revealing personal and corporate information, heightening cybersecurity risks across the organization.
-
Adidas Reports Data Breach Following Hack of Customer Service Provider
Adidas has disclosed a data breach after attackers exploited a vulnerability in a third-party customer service provider, exposing customer contact data. The company has launched an investigation and is notifying affected consumers.
-
Chinese Hackers Exploit Zero-Day Vulnerability in Cityworks, Warns Cisco Talos
Cisco Talos has raised alarms over active cyberattacks by Chinese hackers exploiting a zero-day vulnerability in Trimble Cityworks, affecting local U.S. government agencies and enabling remote code execution.
-
Source Code of SilverRAT Remote Access Trojan Leaked Online
The source code of the SilverRAT remote access trojan has leaked online, exposing its capabilities and raising concerns over cybersecurity risks as criminals may now exploit this tool.
-
NIST Introduces New Metric for Identifying Likely Exploited Vulnerabilities in Cybersecurity
NIST has introduced a new metric, Likely Exploited Vulnerabilities (LEV), to help organizations identify which software vulnerabilities are most likely to have been exploited in cyberattacks, calling for collaboration from the cybersecurity community to validate this methodology.
-
Cybersecurity Breaches Expose Sensitive Information and Target Malware Groups
Recent cybersecurity incidents have highlighted the vulnerability of sensitive information within government communications and exposed serious lapses in security among major corporations. Key developments include the breach of TeleMessage, ongoing law enforcement operations against malware groups, and alarming discoveries of unsecured databases containing millions of login credentials.
