Blacklock ransomware, also known as “El Dorado” or “Eldorado,” emerged as one of the most aggressive ransomware-as-a-service (RaaS) operations in early 2025. The group rapidly accelerated attacks across multiple sectors including electronics, academia, religious organizations, defense, healthcare, technology, and government…
Tag: EN
Cloudflare Announces OpenPubkey SSH to Integrate Single-Sign-on With SSH
Cloudflare announced the open-sourcing of OPKSSH (OpenPubkey SSH) on March 25, 2025. This technology integrates single sign-on (SSO) with SSH authentication, eliminating the need for manual SSH key management. Previously owned by BastionZero (acquired by Cloudflare), the code has been…
Meta AI Will Begin Rolling Out Across 41 European Countries
After nearly a year of regulatory hurdles, Meta has finally begun deploying its conversational AI assistant across the European Union and neighboring countries this week. The rollout, which covers 41 European countries and 21 overseas territories, marks Meta’s largest global…
GLPI Open-source ITSM Tool Vulnerability Let Attackers Inject Malicious SQL Queries
A critical vulnerability in GLPI, a widely-used open-source IT Service Management (ITSM) platform tracked as CVE-2025-24799, enables unauthenticated attackers to perform SQL injection attacks through the inventory endpoint. This flaw can lead to remote code execution (RCE), potentially resulting in…
Morphing Meerkat Phishing Kits Target Over 100 Brands
A threat actor tracked as Morphing Meerkat abuses DNS mail exchange (MX) records to deliver spoofed login pages. The post Morphing Meerkat Phishing Kits Target Over 100 Brands appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read…
Critical Firefox, Tor Browser sandbox escape flaw fixed (CVE-2025-2857)
Google’s fixing of CVE-2025-2783, a Chrome zero-day vulnerability exploited by state-sponsored attackers, has spurred Firefox developers to check whether the browser might have a similar flaw – and they found it. There’s currently no indication that the Firefox bug (CVE-2025-2857)…
Product Walkthrough: How Datto BCDR Delivers Unstoppable Business Continuity
Long gone are the days when a simple backup in a data center was enough to keep a business secure. While backups store information, they do not guarantee business continuity during a crisis. With IT disasters far too common and…
Safeguarding Patient Data and Embracing Emerging Technologies
The healthcare industry is particularly vulnerable to cybersecurity threats due to the valuable data it processes; Protected Health Information (PHI) is among the most sensitive and valuable data in existence. As the past few years have shown, the consequences of…
Mozilla fixed critical Firefox vulnerability CVE-2025-2857
Mozilla addressed a critical vulnerability, tracked as CVE-2025-2857, impacting its Firefox browser for Windows. Mozilla has released security updates to address a critical flaw, tracked as CVE-2025-2857, impacting its Firefox browser for Windows. Recently, Google addressed a similar vulnerability, tracked…
Fresh Grandoreiro Banking Trojan Campaigns Target Latin America, Europe
The Grandoreiro banking trojan has reemerged in new campaigns targeting users in Latin America and Europe. The post Fresh Grandoreiro Banking Trojan Campaigns Target Latin America, Europe appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read the…
Gamaredon campaign abuses LNK files to distribute Remcos backdoor
Cisco Talos is actively tracking an ongoing campaign, targeting users in Ukraine with malicious LNK files which run a PowerShell downloader since at least November 2024. This article has been indexed from Cisco Talos Blog Read the original article: Gamaredon…
How businesses can manage their dark web exposure in 2025
The ‘dark web’ – a segment of the internet that often requires distinct access methods – has long been a hub for cybercrime that hackers adopted as a safe haven to trade data leaks, hacking tools and all things related…
Kuala Lumpur Airport Suffered Cyberattack – Hackers Demanded US$10 Million Ransom
Malaysia’s Prime Minister Anwar Ibrahim confirmed on Tuesday that hackers demanded a US$10 million ransom following a sophisticated cyberattack that disrupted critical systems at Kuala Lumpur International Airport (KLIA) over the weekend. The security breach, which occurred on March 23,…
Weaponized Google Ads Attacking DeepSeek Users to Deliver Malware
Cybercriminals have launched a sophisticated attack campaign leveraging Google’s sponsored search results to target users searching for DeepSeek, the increasingly popular AI platform. The attack uses convincingly crafted fake advertisements that appear at the top of Google search results, mimicking…
Mozilla Releases Urgent Patch for Windows Users Following Recently Exploited Chrome Zero-day
Mozilla has released an emergency security update for its Firefox browser on Windows systems to address a critical vulnerability that could allow attackers to escape browser sandboxes and potentially gain control of affected systems. The patch comes shortly after Google…
New Lucid PhAAS Platform Leveraging RCS & iMessage to Bypass Detections
A sophisticated new phishing platform named Lucid has emerged as a significant cybersecurity threat, targeting 169 entities across 88 countries globally. Developed by Chinese-speaking threat actors, this Phishing-as-a-Service (PhAAS) platform operates through 129 active instances and over 1,000 registered domains.…
New ‘Lucid’ Phishing Platform Abuses iMessage, Android RCS to Slip Past Defenses
A sophisticated cybercrime service known as “Lucid” is exploiting vulnerabilities in Apple’s iMessage and Android’s Rich Communication Services (RCS), allowing cyberthieves to conduct large-scale phishing attacks with alarming success. Operated by Chinese-speaking threat actors, this Phishing-as-a-Service (PhaaS) platform enables scammers…
Cyber Crisis Management Plan: Shield for Brand Reputation
Despite advances in security technology, cybersecurity attacks and data breaches are increasingly common as attackers keep discovering new vulnerabilities and infiltration methods. Organizations now understand that a cyberattack or data breach is often inevitable—it’s typically a question of when, not…
State of Cloud Security Report 2025
Key Insights and Strategies for Protecting Cloud Environments Introduction Cloud adoption is continuing to transform the IT infrastructure and security landscapes by delivering unmatched scalability and flexibility. Multi-cloud strategies further enhance these advantages but introduce unique challenges, prompting organizations to…
PJobRAT Malware Campaign Targeted Taiwanese Users via Fake Chat Apps
An Android malware family previously observed targeting Indian military personnel has been linked to a new campaign likely aimed at users in Taiwan under the guise of chat apps. “PJobRAT can steal SMS messages, phone contacts, device and app information,…