cybersecurity threats
-
Chinese Cyber Syndicates Laundering Millions through India’s Financial System
A new report reveals that Chinese cyber syndicates are laundering over $580 million annually in India through illegal payment gateways and fake apps, posing a significant risk to the country’s financial security and economic trust.
-
Supply Chain Attack Targets Popular npm Packages with Malware Injection
A supply chain attack has compromised several popular npm packages, with researchers warning that malicious code injected through phishing campaigns could exploit maintainers’ credentials, leading to potential remote code execution.
-
Active Exploitation Campaign Targets Microsoft SharePoint Zero-Day Flaw
A critical vulnerability in Microsoft SharePoint Server, tracked as CVE-2025-53770, is currently being exploited in a large-scale attack campaign, allowing unauthorized remote code execution. Organizations are urged to implement immediate protective measures.
-
TeleMessage SGNL Exposes Sensitive Data Due to Endpoint Misconfiguration
TeleMessage SGNL, a messaging application used by U.S. agencies, has been found exposing sensitive data due to outdated configurations. Cybersecurity experts are urging immediate action to address the vulnerabilities.
-
Critical Cisco ISE Vulnerability Allows Pre-Authentication Command Execution
Cisco has issued an urgent advisory regarding a critical vulnerability in its Identity Services Engine (ISE) that allows unauthorized command execution. Rated 10/10 in severity, it was discovered by Kentaro Kawane and reported via Trend Micro. Cisco emphasizes the need for immediate action.
-
Chinese Hackers Breach U.S. National Guard Network, Compromise Sensitive Data
The Chinese hacking group Salt Typhoon has breached a U.S. Army National Guard network, compromising sensitive data and raising alarms over national cybersecurity.
-
Cybersecurity Researchers Uncover Advanced Matanbuchus 3.0 Malware Targeting Microsoft Teams
Cybersecurity experts have identified a new variant of the Matanbuchus malware that exploits Microsoft Teams. This advanced loader has sophisticated stealth capabilities, enhancing its potential for evading detection and targeting company employees through social engineering tactics.
-
Cloudflare Confirms 1.1.1.1 Outage Stemmed from Internal Misconfiguration, Not Attack
Cloudflare confirmed that a recent outage of its 1.1.1.1 Resolver service was caused by an internal misconfiguration, dismissing concerns of a cyberattack or BGP hijack. The incident led to significant disruptions for users globally, with full restoration achieved within hours.
-
Operation Eastwood Dismantles Pro-Russian Cybercrime Network NoName057(16)
Operation Eastwood has effectively disrupted the operations of the pro-Russian hacktivist group NoName057(16), conducting extensive law enforcement activities across 12 countries, despite challenges posed by the group’s core members being located in Russia.
-
New Vulnerability Found in Google Gemini: Hidden Phishing Attacks Possible
A new vulnerability in Google Gemini could allow attackers to generate seemingly legitimate email summaries that contain hidden phishing instructions. Experts urge organizations to adopt enhanced security measures to counter this threat.
