Category: Security Affairs

A OneClik campaign, likely carried out by China-linked actor, targets energy sectors using stealthy ClickOnce and Golang backdoors. Trellix cybersecurity researchers uncovered a new APT malware campaign, OneClik, targeting the energy, oil, and gas sectors. It abuses Microsoft’s ClickOnce deployment…

Read more →

Iran-linked APT42 targets Israeli experts with phishing attacks, posing as security professionals to steal email credentials and 2FA codes. Iran-linked group APT42 (aka Educated Manticore, Charming Kitten, and Mint Sandstorm) is targeting Israeli journalists, cybersecurity experts, and academics with phishing attacks,…

Read more →

British national Kai West, aka IntelBroker, was charged in U.S. for a global hacking scheme that stole and sold data, causing millions in damages. Kai West (25), a British national, has been charged in the U.S. for operating as ‘IntelBroker,’…

Read more →

Cisco released patches to address two critical vulnerabilities in ISE and ISE-PIC that could let remote attackers execute to code as root. Cisco addressed two critical vulnerabilities, tracked as CVE-2025-20281 and CVE-2025-20282, in Identity Services Engine (ISE) and ISE Passive…

Read more →

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds AMI MegaRAC SPx, D-Link DIR-859 routers, and Fortinet FortiOS flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added AMI MegaRAC SPx, D-Link DIR-859 routers, and Fortinet…

Read more →

New Citrix flaw ‘CitrixBleed 2’ lets attackers steal session cookies without logging in, echoing a previously exploited vulnerability. A new flaw in Citrix NetScaler ADC and Gateway, dubbed ‘CitrixBleed 2‘ (CVE-2025-5777, CVSS v4.0 Base Score of 9.3), can allow unauthenticated…

Read more →

Hackers spread a trojanized version of SonicWall VPN app to steal login credentials from users accessing corporate networks. Unknown threat actors are distributing a trojanized version of SonicWall NetExtender SSL VPN app to steal user credentials. The legitimate NetExtender app…

Read more →

Mainline Health Systems disclosed a data breach that impacted over 100,000 individuals. Mainline Health Systems is a nonprofit Federally Qualified Health Center founded in 1978 in Portland, Arkansas, serving Southeast Arkansas . With over 30 locations across multiple counties—including in-school…

Read more →

Cybersecurity researchers devised two attack techniques to disrupt the operations of cryptocurrency mining botnets. Akamai Researchers uncovered two novel techniques to disrupt cryptocurrency mining botnets by exploiting flaws in common mining topologies. Current methods to stop cryptocurrecy mining botnets are pool bans…

Read more →

Prometei botnet activity has surged since March 2025, with a new malware variant spreading rapidly, Palo Alto Networks reports. Palo Alto Networks warns of a spike in Prometei botnet activity since March 2025, the researchers observed a new variant spreading…

Read more →

The U.S. House banned WhatsApp on official devices over security concerns, citing risks flagged by the Chief Administrative Officer. The U.S. House has banned WhatsApp on government devices due to data security concerns. Similar restrictions apply to AI tools like…

Read more →

Russia-linked group APT28 uses Signal chats as an attack vector to phish Ukrainian officials with new malware strains. Russia-linked cyberespionage group APT28 is targeting Ukrainian government officials using Signal chats to deliver two new types of malware, tracked as BeardShell…

Read more →

U.S. warns of cyberattacks by pro-Iranian groups after launching airstrikes on Iran’s nuclear sites amid the Iran –Israel war starting June 13, 2025. The Iran conflict raises cyber threat levels in the U.S., with likely low-level attacks by pro-Iranian hacktivists…

Read more →

Canada and FBI warn of China-linked APT Salt Typhoon targeting Canadian telecom firms in ongoing cyber espionage operations. The Canadian Centre for Cyber Security and the FBI warn that China-linked APT cyber espionage group Salt Typhoon, is targeting Canadian telecom…

Read more →

The ransomware attack that hit McLaren Health Care in 2024 exposed the personal data of 743,000 individuals. McLaren Health Care is notifying over 743,000 people of a data breach discovered on August 5, 2024. McLaren discovered suspicious activity on its…

Read more →

American steel giant Nucor confirms hackers stole data in a May cyberattack, following its earlier disclosure of the incident. Nucor, North America’s largest steel maker, confirmed hackers stole some data in a May cyberattack, following its earlier disclosure of the…

Read more →

Cyber Fattah leaked thousands of records on athletes and visitors from past Saudi Games, per U.S.-based cybersecurity firm Resecurity. Resecurity (USA) identified the threat actors associated with the “Cyber Fattah” movement leaked thousands of records containing information about visitors and…

Read more →

UK’s Cyber Monitoring Centre (CMC) labels Marks & Spencer and Co-op cyberattacks a Category 2 event, estimating financial impact at £270M–£440M. The Cyber Monitoring Centre (CMC) has labeled the recent cyberattacks on Marks & Spencer and Co-op as a Category…

Read more →

Qilin ransomware gang now offers a “Call Lawyer” feature to help affiliates pressure victims into paying, per Cybereason. The Qilin ransomware group is now offering legal support to its affiliates through a “Call Lawyer” feature to pressure victims into paying.…

Read more →

A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. Iran…

Read more →