LockBit has remained one of the most dominant ransomware-as-a-service (RaaS) groups in the world since its emergence as ABCD ransomware in 2019 and official launch as LockBit in 2020. Despite high-profile setbacks including international law enforcement takedowns in early 2024…
Tag: EN
U.S. Congressional Budget Office Hit by Cyberattack, Sensitive Data Compromised
The Congressional Budget Office (CBO), which serves as Congress’s official financial advisor, has been targeted in a suspected cyberattack by suspected foreign actors. The breach exposed sensitive financial research data that lawmakers rely on to make crucial budgeting decisions and…
Bank of England says JLR’s cyberattack contributed to UK’s unexpectedly slower GDP growth
This kind of material economic impact from online crooks thought to be a UK-first The Bank of England (BoE) has cited the cyberattack on Jaguar Land Rover (JLR) as one of the reasons for the country’s slower-than-expected GDP growth in…
LANDFALL: New Commercial-Grade Android Spyware in Exploit Chain Targeting Samsung Devices
Commercial-grade LANDFALL spyware exploits CVE-2025-21042 in Samsung Android’s image processing library. The spyware was embedded in malicious DNG files. The post LANDFALL: New Commercial-Grade Android Spyware in Exploit Chain Targeting Samsung Devices appeared first on Unit 42. This article has…
Attackers Exploit Active Directory Sites to Escalate Privileges and Compromise Domain
Security researchers have uncovered a dangerous attack vector targeting Active Directory Sites, a critical yet often overlooked component of enterprise network infrastructure. According to a recent technical analysis by Quentin Roland, attackers can exploit ACL-based attack paths within AD Sites…
New Android Malware ‘Fantasy Hub’ Spies on Users’ Calls, Contacts, and Messages
Russian-based threat actors are actively distributing a sophisticated Android Remote Access Trojan called “Fantasy Hub” via Telegram-based Malware-as-a-Service channels, marking a significant escalation in mobile-focused cybercrime. Fantasy Hub represents a dangerous convergence of advanced evasion techniques, social engineering tactics, and…
Mexico City Is the Most Video-Surveilled Metropolis in the Americas
Despite 83,000 public cameras, crime in Mexico City remains high—and widespread surveillance raises myriad ethical issues. This article has been indexed from Security Latest Read the original article: Mexico City Is the Most Video-Surveilled Metropolis in the Americas
‘Landfall’ spyware abused zero-day to hack Samsung Galaxy phones
A newly identified Android spyware targeted Galaxy devices for close to a year, including users in the Middle East, researchers exclusively tell TechCrunch. This article has been indexed from Security News | TechCrunch Read the original article: ‘Landfall’ spyware abused…
DOJ Antitrust Review Clears Google’s $32 Billion Acquisition of Wiz
Google’s acquisition of Wiz is expected to close in 2026, but there are other reviews that need to be cleared. The post DOJ Antitrust Review Clears Google’s $32 Billion Acquisition of Wiz appeared first on SecurityWeek. This article has been…
The Shift Toward Zero-Trust Architecture in Cloud Environments
As businesses grapple with the security challenges of protecting their data in the cloud, several security strategies have emerged to safeguard digital assets and ensure compliance. One such security strategy is called zero-trust security. Zero-trust architecture fosters the ‘never trust, always verify’ principle and emphasizes the need to authenticate users…
Attackers upgrade ClickFix with tricks used by online stores
Attackers have taken the ClickFix technique further, with pages borrowing tricks from online sellers to pressure victims into performing the steps that will lead to a malware infection. Push Security has spotted one of these pages, showing an embedded tutorial…
Chrome 142 Update Patches High-Severity Flaws
An out-of-bounds write flaw in WebGPU tracked as CVE-2025-12725 could be exploited for remote code execution. The post Chrome 142 Update Patches High-Severity Flaws appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read the original article: Chrome…
The Congressional Budget Office Was Hacked. It Says It Has Implemented New Security Measures
The Congressional Budget Office confirmed it had been hacked, potentially disclosing important government data to malicious actors. The post The Congressional Budget Office Was Hacked. It Says It Has Implemented New Security Measures appeared first on SecurityWeek. This article has…
Simulating Cyberattacks to Strengthen Defenses for Smart Buildings
Smart buildings face rising IoT cyber threats. Learn how simulations, AI, and red or purple teaming can strengthen defenses and improve incident response. The post Simulating Cyberattacks to Strengthen Defenses for Smart Buildings appeared first on Security Boulevard. This article has been…
Enterprise Credentials at Risk – Same Old, Same Old?
Imagine this: Sarah from accounting gets what looks like a routine password reset email from your organization’s cloud provider. She clicks the link, types in her credentials, and goes back to her spreadsheet. But unknown to her, she’s just made…
Motion Picture Association Takes Meta To Task Over PG-13 Label
Motion Picture Association tells Meta to disassociate its filters for teenagers’ Instagram accounts from PG-13 rating This article has been indexed from Silicon UK Read the original article: Motion Picture Association Takes Meta To Task Over PG-13 Label
Netherlands Believes Nexperia Chip Shipments Set To Resume
Dutch economy minister says he believes shipments of Nexperia chips from China to resume soon, as automakers experience shortages This article has been indexed from Silicon UK Read the original article: Netherlands Believes Nexperia Chip Shipments Set To Resume
Security vs. Compliance: What’s the Difference?
Security and compliance—a phrase often uttered in the same breath as if they are two sides of the same coin, two members of the same team, or two great tastes that go great together. The truth is, they can be.…
Amazon WorkSpaces For Linux Vulnerability Let Attackers Extract Valid Authentication Token
Amazon has disclosed a significant security vulnerability in its WorkSpaces client for Linux that could allow unauthorized users to extract valid authentication tokens and gain unauthorized access to other users’ WorkSpaces. The vulnerability, tracked as CVE-2025-12779, affects multiple client versions…
Cavalry Werewolf Attacking Government Organizations to Deploy Backdoor for Network Access
In July 2025, a sophisticated hacker group known as Cavalry Werewolf executed a targeted campaign against Russian government institutions, compromising critical infrastructure through coordinated phishing operations. The discovery of this campaign reveals a complex attack chain designed to establish persistent…