Vulnerabilities
-
Turkish Espionage Group Exploits Messaging App Vulnerability to Target Kurdish Military
A Turkish espionage group, Marbled Dust, has exploited a zero-day vulnerability in the Output Messenger app to target the Kurdish military in Iraq, marking a significant shift in their cyber operations. Microsoft reveals that the attacks have been active since April 2024, urging users to upgrade their software to mitigate risk.
-
Moldova Arrests Suspect Linked to Major Ransomware Attacks on Dutch Companies
Moldovan police have arrested a 45-year-old man suspected of involvement in ransomware attacks against Dutch companies, including a significant incident impacting the Netherlands Organization for Scientific Research. The operation resulted in the seizure of over €84,000 in cash and various electronic devices.
-
GlobalX Airlines Confirms Cybersecurity Breach Within Network Infrastructure
GlobalX Airlines has confirmed a cybersecurity breach that has raised concerns over the potential theft of sensitive passenger data. The charter airline, which operates deportation flights for the US government, activated its incident response protocols to address the unauthorized access detected on May 5, 2025.
-
Major Data Breach Affects Hundreds of Thousands of Americans
A major data breach at Kelly Benefits has compromised the personal information of over 413,000 Americans, raising serious concerns about identity theft and fraud, as the firm offers credit monitoring services to affected individuals.
-
UK Launches New Software Security Code of Practice Amid Rising Cyber Threats
The UK has launched a voluntary Software Security Code of Practice aimed at enhancing the cybersecurity of software development amid rising threats. The initiative sets out 14 principles to guide vendors, emphasizing the importance of security throughout the software lifecycle. However, its voluntary nature raises concerns regarding the effectiveness of adherence and universal compliance.
-
Rising Threat: Fake AI Tools Spread Noodlophile Malware
A new wave of malware known as Noodlophile is being spread through counterfeit AI tools, misleading users into downloading malicious software under the guise of legitimate AI services.
-
Surge in Vulnerabilities Plagues SonicWall Devices, Heightening Cybersecurity Concerns
SonicWall faces a surge in vulnerabilities affecting its devices, with 20 disclosed in 2025, raising cybersecurity concerns as attackers exploit these weaknesses. The company’s efforts to patch vulnerabilities and enhance security features are underway as the threat landscape evolves.
-
Crisis in CVE Funding Sparks Urgent Rethink in Vulnerability Management
The funding crisis affecting the Common Vulnerabilities and Exposures (CVE) program has prompted urgent reassessments in how organizations manage vulnerabilities, highlighting the necessity for adapting security strategies amid a surge in disclosed vulnerabilities and evolving threats.
-
FBI Warns of Cybercriminal Exploitation of Outdated Routers
The FBI has issued a warning on the exploitation of end-of-life routers by cybercriminals who deploy malware to convert them into proxies for illicit activities. The advisory identifies several vulnerable router models, urging consumers to consider upgrading to secure alternatives.
-
Russian Hackers Deploy New LOSTKEYS Malware Using ClickFix Tactics
The Russian hacking group COLDRIVER has introduced LOSTKEYS, a new malware targeting Western advisors, journalists, and NGOs through deceptive tactics resembling ClickFix methods.
