McLaren Health Care, a major healthcare organization based in Grand Blanc, Michigan, has disclosed a significant data breach that compromised the personal information of 743,131 individuals nationwide. The breach notification, filed with the Office of the Maine Attorney General, reveals…
Tag: Cyber Security News
Hands-on Cybersecurity Threat Hunting Guide for SOC Analysts and MSSPs
This comprehensive guide provides SOC analysts and MSSP teams with practical threat hunting techniques using advanced threat intelligence platforms. Modern threat actors continuously develop sophisticated evasion techniques, making traditional detection methods insufficient for comprehensive security operations. The strategies outlined here…
Steelmaker Nucor Hacked – Attackers Gained Unauthorized Access to IT Systems
Charlotte-based steel giant Nucor Corporation disclosed a significant cybersecurity incident where threat actors gained unauthorized access to the company’s information technology infrastructure. The breach prompted temporary production shutdowns across multiple facilities as the company implemented emergency containment protocols and engaged…
Hackers Allegedly Selling Intelbras Router 0-Day Exploit on Hacker Forums
A notorious threat actor has allegedly listed a previously unknown—or “0day”—exploit for Intelbras routers on a prominent hacker forum. This exploit poses significant risks for many users and organizations that rely on Intelbras hardware for their networking needs. The sale…
Microsoft Defender for Office 365 to Provide Detailed Results for Spam, Phishing or Clean Emails
Microsoft is set to revolutionize email security transparency with the introduction of AI-powered explanations for email submission results in Microsoft Defender for Office 365. This groundbreaking feature, leveraging large language models (LLMs), will provide clear, human-readable rationales for why messages…
Linux Firewall IPFire 2.29 Core Update 195 Released With VPN Protocol Support
IPFire has released Core Update 195 for version 2.29, marking a significant milestone with the introduction of native WireGuard VPN protocol support. This highly anticipated update transforms the open-source firewall distribution by integrating modern VPN capabilities alongside comprehensive security enhancements…
APT36 Hackers Attacking Indian Defense Personnel in Sophisticated Phishing Attack
A Pakistan-based cyber espionage group known as APT36 or Transparent Tribe has launched a highly sophisticated phishing campaign targeting Indian defense personnel, utilizing credential-stealing malware designed to establish long-term infiltration within sensitive military networks. The campaign represents a significant escalation…
Former JBLM Soldier Guilty of Attempting to Share Military Network Details with China
A former U.S. Army Sergeant with access to classified military intelligence systems has admitted to federal charges related to attempting to provide sensitive national defense information to Chinese authorities. Joseph Daniel Schmidt, 31, whose last assignment was at Joint Base…
RapperBot Attacking DVRs to Gain Access Over Surveillance Cameras to Record Video
A sophisticated botnet campaign targeting digital video recorders (DVRs) has emerged as a significant threat to surveillance infrastructure worldwide, with cybercriminals exploiting vulnerable IoT devices to build massive botnets capable of large-scale distributed denial-of-service attacks. RapperBot, a variant of the…
Shadow Vector Malware Weaponizes SVG Images to Deploy AsyncRAT and RemcosRAT
A sophisticated malware campaign dubbed Shadow Vector is actively targeting users in Colombia through malicious Scalable Vector Graphics (SVG) files that act as decoys for deploying dangerous remote access tools. The campaign distributes spear-phishing emails impersonating trusted Colombian institutions, particularly…
North Korean Hackers Weaponize GitHub Infrastructure to Deliver Malware
A sophisticated cyber espionage campaign has emerged, demonstrating how North Korean threat actors are increasingly leveraging legitimate cloud platforms to distribute malware and establish persistent command and control infrastructure. Security researchers have uncovered a complex spearphishing operation that exploits GitHub’s…
DDoS Attack Crippling Financial Sectors, Leads to Multi-Day Outages
Recent DDoS attacks have evolved from mere nuisances to strategic threats capable of paralyzing financial institutions for extended periods. The financial services sector has emerged as the primary target of these sophisticated attacks, which are designed to overwhelm digital infrastructure…
Microsoft Family Safety Blocking All Versions of Chrome Browsers
Microsoft Family Safety’s recent update has triggered an unexpected system-wide blocking of Google Chrome browsers across all versions, creating significant operational challenges for educational institutions and families utilizing Windows devices with parental controls enabled. The issue, which emerged on June…
Microsoft Limits Windows 11 24H2 Restore Points From 90 to 60 Days
Microsoft has implemented a significant change to its Windows 11 system recovery functionality, reducing the retention period for system restore points from 90 days to 60 days in the latest security update. This modification affects Windows 11 version 24H2 users…
CoinMarketCap Doodle Image Vulnerability Triggered Malicious Code Through an API Call
CoinMarketCap, one of the world’s leading cryptocurrency data platforms, experienced a security vulnerability on June 20, 2025, when a doodle image on their homepage contained malicious code that triggered unauthorized API calls, resulting in unexpected pop-ups for users. The company’s…
Critical Meshtastic Vulnerability Lets Attackers Decrypt Private Messages
A critical security vulnerability has been discovered in Meshtastic firmware that could allow attackers to decrypt private messages sent between devices. The flaw, assigned a CVSS score of 9.5 out of 10, affects all versions above 2.5.0 and stems from…
Windows Screencast Snipping Tool Allows Users to Export Captures as GIF
Microsoft has begun rolling out a significant update to the Windows Snipping Tool that enables users to export screen recordings as GIF files, marking a notable enhancement to the productivity toolkit available on Windows 11. The new functionality, designated as…
SparkKitty Attacks iOS and Android Devices in Wild Via App Store and Google Play
Cybersecurity researchers have uncovered a sophisticated new spyware campaign called SparkKitty that has successfully infiltrated both Apple’s App Store and Google Play Store, marking a significant escalation in mobile malware distribution through official channels. This Trojan spy represents the latest…
BlueNoroff Hackers Weaponize Zoom App to Attack System Using Infostealer Malware
A sophisticated social engineering campaign leveraging the trusted Zoom platform has emerged as the latest weapon in the arsenal of North Korean state-sponsored hackers. The BlueNoroff group, a financially motivated subgroup of the notorious Lazarus Group, has been orchestrating targeted…
NCSC Warns of ‘UMBRELLA STAND’ Malware Attacking Fortinet FortiGate Firewalls
The UK’s National Cyber Security Centre (NCSC) has issued a critical warning about a sophisticated malware campaign dubbed “UMBRELLA STAND” that specifically targets internet-facing Fortinet FortiGate 100D series firewalls. This newly identified threat represents a significant escalation in attacks against…