A critical cybersecurity threat has surfaced targeting Microsoft Windows users, as detailed in the latest analysis of the FormBook malware. Documented in Part II of a comprehensive FormBook analysis blog, this malware variant poses a severe risk by enabling attackers…
Category: EN
MATLAB With Over 5 Million Customers Suffers Ransomware Attack
MathWorks, the Massachusetts-based developer of the widely used MATLAB programming platform, has confirmed that a ransomware attack severely disrupted its services for over a week, affecting millions of engineers, scientists, and students worldwide. The company finally disclosed the nature of…
Robinhood Ransomware Operator Charged for Attacking Government and Private Networks
An Iranian national has admitted his role in orchestrating one of the most damaging ransomware campaigns against U.S. infrastructure, marking a significant victory in international cybercrime prosecution. Sina Gholinejad, 37, pleaded guilty Tuesday in North Carolina federal court to charges…
APT36 & Sidecopy Hackers Attacks India’s Critical Infrastructure To Deploy Malware
A sophisticated cyber campaign dubbed Operation Sindoor has emerged as one of the most significant state-sponsored attacks targeting India’s critical infrastructure in 2025. The operation, orchestrated by Pakistan-aligned threat groups APT36 and Sidecopy, launched its initial assault on April 17,…
Securing Supply Chains – Mitigating Third-Party Risks
As global supply chains become increasingly complex and digitally interconnected, the risks posed by third-party vendors have moved from background concern to boardroom priority. In 2025, companies face a new reality: supply chain resilience is inseparable from third-party risk management,…
Hackers Mimic Popular Antivirus Site to Deliver VenomRAT & Steal Finance Data
Cybercriminals have launched a sophisticated malware campaign using a fake Bitdefender antivirus website to distribute a dangerous trio of malicious programs designed to steal financial data and maintain persistent access to victims’ computers. Security researchers have identified the fraudulent site…
Russian IT pro sentenced to 14 years forced labor for sharing medical data with Ukraine
The latest in a long line of techies to face Putin’s wrath A Russian programmer will face the next 14 years in a “strict-regime” (high-security) penal colony after a regional court ruled he leaked sensitive data to Ukraine.… This article…
BalkanID IGA Lite reduces identity risk and ensures compliance
BalkanID has unveiled its self-service Identity Governance and Administration (IGA) Lite Platform, offering flexibility and transparent pricing. Consisting of three streamlined modules: User Access Reviews (UAR) Lite, IAM Risk Analyzer Lite, and Lifecycle Management Lite, BalkanID’s IGA Lite is the…
Regulatory Compliance – Navigating Cybersecurity Laws
As digital threats escalate and technology rapidly evolves, regulatory compliance has become a defining challenge for organizations worldwide. In 2025, new and updated cybersecurity laws are reshaping how businesses protect data, manage risk, and demonstrate accountability. Navigating this complex legal…
Iranian Cyber Toufan Hackers Targeting Organizations To Steal Login Credentials
The digital battleground surrounding the Israel-Gaza conflict has intensified dramatically over the past year, with politically motivated threat actors launching sophisticated campaigns against Israeli organizations and their international partners. Among the most prominent of these groups is Cyber Toufan, an…
Chrome 137, Firefox 139 Patch High-Severity Vulnerabilities
Google and Mozilla released patches for Chrome and FireFox to address a total of 21 vulnerabilities between the two browsers, including three rated high severity. The post Chrome 137, Firefox 139 Patch High-Severity Vulnerabilities appeared first on SecurityWeek. This article…
OneDrive Gives Web Apps Full Read Access to All Files
Security researchers warn that OneDrive’s file sharing tool may grant third-party web apps access to all your files—not just the one you choose to upload. The post OneDrive Gives Web Apps Full Read Access to All Files appeared first on…
Hackers Circulate Over 93 Billion Stolen User Cookies on the Dark Web
Web cookies, those ubiquitous pop-ups we routinely dismiss with a click, are small text files stored on your device by websites you visit. While cookies are essential for a seamless browsing experience—remembering your login, shopping cart, or language preferences—they also…
Location Tracking App for Foreigners in Moscow
Russia is proposing a rule that all foreigners in Moscow install a tracking app on their phones. Using a mobile application that all foreigners will have to install on their smartphones, the Russian state will receive the following information: Residence…
Mental Denial of Service: Narrative Malware and the Future of Resilience
Mental denial of service (DOS) is the manipulative content that hijacks the cognitive processing of individuals and institutions. The post Mental Denial of Service: Narrative Malware and the Future of Resilience appeared first on Security Boulevard. This article has been…
Attackers hit MSP, use its RMM software to deliver ransomware to clients
A threat actor wielding the DragonForce ransomware has compromised an unnamed managed service provider (MSP) and pushed the malware onto its client organizations via SimpleHelp, a legitimate remote monitoring and management (RMM) tool. “Sophos MDR has medium confidence the threat…
Mimo Hackers Exploit CVE-2025-32432 in Craft CMS to Deploy Cryptominer and Proxyware
A financially motivated threat actor has been observed exploiting a recently disclosed remote code execution flaw affecting the Craft Content Management System (CMS) to deploy multiple payloads, including a cryptocurrency miner, a loader dubbed Mimo Loader, and residential proxyware. The…
Robinhood Ransomware Operator Arrested for Attacks on Government and Private Networks
On May 27, 2025, Iranian national Sina Gholinejad, 37, pleaded guilty in a North Carolina federal court to charges of computer fraud and conspiracy to commit wire fraud, admitting his central role in the international Robbinhood ransomware campaign that targeted…
Proposed HIPAA Update Makes Yearly Pen Testing Mandatory
In January of this year, significant changes to the HIPAA Security Rule were proposed by the Office of Civil Rights for the Department of Health and Human Services (OCR). The proposed update to the HIPAA Security Rule, published on January…
CISA Releases Executive Guide on SIEM and SOAR Platforms for Rapid Threat Detection
In today’s rapidly evolving threat landscape, Security Information and Event Management (SIEM) and Security Orchestration, Automation, and Response (SOAR) platforms have become foundational to organizational cybersecurity strategies. SIEM platforms collect, centralize, and analyze log data from diverse sources, such as…