Palo Alto Networks’ Unit 42, the cybercrime group tracked as Muddled Libra also known as Scattered Spider or UNC3944 has demonstrated remarkable resilience and adaptation in 2025, following international law enforcement disruptions in late 2024. Despite federal charges against five…
Tag: EN
New “ToolShell” Exploit Chain Attacking SharePoint Servers to Gain Complete Control
A critical new threat targeting Microsoft SharePoint servers through a sophisticated exploit chain dubbed “ToolShell.” This multi-stage attack combines previously patched vulnerabilities with fresh zero-day exploits to achieve complete system compromise, affecting SharePoint Enterprise Server 2016, SharePoint Server 2019, and…
Leak Zone Dark Web Forum Database Exposes 22 Million Users’ IP Addresses and Locations
A major cybersecurity breach has exposed the browsing activities of users visiting one of the internet’s most notorious illegal marketplaces. On Friday, July 18, cybersecurity firm UpGuard discovered an unprotected Elasticsearch database containing approximately 22 million records of web requests,…
Allianz Life Data Breach Impacts Most of 1.4 Million US Customers
Allianz subsidiary said the information of customers, financial professionals and employees was compromised as a result of a hack. The post Allianz Life Data Breach Impacts Most of 1.4 Million US Customers appeared first on SecurityWeek. This article has been…
Email Security Is Stuck in the Antivirus Era: Why It Needs a Modern Approach
Picture this: you’ve hardened every laptop in your fleet with real‑time telemetry, rapid isolation, and automated rollback. But the corporate mailbox—the front door for most attackers—is still guarded by what is effectively a 1990s-era filter. This isn’t a balanced approach.…
Naval Group Denies Hack Claims, Alleges “Reputational Attack”
Despite claims by a hacker, French defense company Naval Group has detected no intrusions into its IT environments at the time of writing This article has been indexed from www.infosecurity-magazine.com Read the original article: Naval Group Denies Hack Claims, Alleges…
Inside Laundry Bear: Unveiling Infrastructure, Tactics, and Procedures
Dutch intelligence agencies AIVD and MIVD, alongside Microsoft Threat Intelligence, have identified Laundry Bear also tracked as Void Blizzard as a sophisticated Russian state-sponsored advanced persistent threat (APT) group active since at least April 2024. This actor has focused on…
Scattered Spider targets VMware ESXi in using social engineering
Scattered Spider targets VMware ESXi in North America using social engineering, mainly fake IT help desk calls instead of software exploits. The cybercrime group Scattered Spider (aka 0ktapus, Muddled Libra, Octo Tempest, and UNC3944) is targeting VMware ESXi hypervisors in…
Microsoft SharePoint Zero-Day
Chinese hackers are exploiting a high-severity vulnerability in Microsoft SharePoint to steal data worldwide: The vulnerability, tracked as CVE-2025-53770, carries a severity rating of 9.8 out of a possible 10. It gives unauthenticated remote access to SharePoint Servers exposed to…
Women’s Dating App “Tea” Data Leak Exposes 13,000 User Selfies
Tea, a women-only dating safety app that allows users to review and share information about men they’ve dated anonymously, has suffered a significant data breach that exposed approximately 72,000 user images, including 13,000 sensitive selfies and photo identification documents submitted…
Threat Actors Claim Breach of Airpay Payment Gateway
Cybercriminals have reportedly claimed a successful breach of Airpay, an Indian payment gateway service, raising serious concerns about the security of financial data and customer information. The allegations surfaced on underground forums where threat actors are allegedly offering access to…
400,000 WordPress Websites Exposed by Post SMTP Plugin Vulnerability
A critical security vulnerability has been discovered in the popular Post SMTP plugin for WordPress, potentially exposing over 400,000 websites to account takeover attacks. The vulnerability, tracked as CVE-2025-24000, affects versions 3.2.0 and below of the plugin, allowing even low-privileged…
BlackSuit Ransomware Group Transitioning to ‘Chaos’ Amid Leak Site Seizure
The emerging Chaos ransomware appears to be a rebranding of BlackSuit, which had its leak site seized by law enforcement. The post BlackSuit Ransomware Group Transitioning to ‘Chaos’ Amid Leak Site Seizure appeared first on SecurityWeek. This article has been…
US Marine AI Start-Up Raises First External Funding
Following US Navy contract, start-up Spear AI raises $2.3m in funding to double headcount as it applies AI to subsea acoustic data This article has been indexed from Silicon UK Read the original article: US Marine AI Start-Up Raises First…
Tesla Plans San Francisco Robotaxi Launch This Weekend
Tesla chief executive reportedly tells staff Robotaxi service to launch as soon as this weekend, as company looks to offset declining sales This article has been indexed from Silicon UK Read the original article: Tesla Plans San Francisco Robotaxi Launch…
JD.com In Advanced Talks To Buy German Electronics Chain
Chinese e-commerce giant JD.com in advanced talks to buy German retail chain operator Ceconomy as it seeks European expansion This article has been indexed from Silicon UK Read the original article: JD.com In Advanced Talks To Buy German Electronics Chain
Malicious ISO File Used in Romance Scam Targeting German Speakers
Sublime Security reveals a cunning romance/adult-themed scam targeting German speakers, leveraging Keitaro TDS to deliver an AutoIT-based malware loader. Learn how this sophisticated campaign operates, its deceptive tactics, and the hidden payload. This article has been indexed from Hackread –…
Hackers Compromise Intelligence Website Used by CIA and Other Agencies
Unidentified hackers have successfully breached a critical intelligence website used by the CIA and other U.S. agencies to manage sensitive government contracts, according to the National Reconnaissance Office (NRO), the spy satellite service that operates the compromised platform. The cyberattack…
12 Best Infrastructure Monitoring Tools in 2025
Infrastructure monitoring tools are critical for ensuring IT infrastructure’s optimal performance, availability, and security. These tools provide comprehensive visibility into the health and status of various infrastructure components, including servers, networks, storage systems, and applications. Infrastructure monitoring tools help detect…
Hackers Breach Intelligence Portal Used by the CIA and Other Agencies
Unidentified hackers have successfully compromised a critical intelligence website operated by the National Reconnaissance Office, marking a significant security breach affecting the CIA and multiple government agencies. The attack targeted the Acquisition Research Center website, which serves as a crucial…