217/68 Tuesday, June 17, 2025 Researchers from Symantec have disclosed a targeted ransomware attack carried out in May 2025 by the Fog Ransomware group against a financial company in Asia. The attackers employed a combination of penetration testing tools and monitoring software rarely seen in typical ransomware operations, including Syteca, GC2, Adaptix, and Stowaway. Notably, […]
216/68 Monday, June 16, 2025 Palo Alto Networks has released multiple security patches across its products, including fixes for seven privilege escalation vulnerabilities and a set of Chrome security updates for the Prisma Access Browser. The most critical flaw, CVE-2025-4232 (CVSS score: 7.1), is an improper neutralization of wildcards in the log collection feature of […]
215/68 Monday, June 16, 2025 The U.S. Cybersecurity and Infrastructure Security Agency (CISA) issued a security alert on June 12, warning that ransomware groups are actively exploiting a critical vulnerability in SimpleHelp Remote Monitoring and Management (RMM) software to breach victims in supply chain-style attacks. The flaw, tracked as CVE-2024-57727, affects SimpleHelp versions 5.5.7 and […]
214/68 Friday, June 13, 2025 Google and Mozilla have released critical security updates for their Chrome and Firefox browsers, addressing four high-severity memory-related vulnerabilities that could lead to remote code execution (RCE), data leaks, or remote system takeover. The fixes are included in Chrome version 137 and Firefox version 139, both rolled out on Tuesday, […]
213/68 Friday, June 13, 2025 INTERPOL, in collaboration with law enforcement agencies from 26 countries, has successfully dismantled a major cybercrime syndicate operating across the Asia-Pacific region under Operation Secure. The coordinated effort led to the arrest of 32 suspects in Vietnam, Sri Lanka, and Nauru, along with the seizure of 117 Command-and-Control (C2) servers […]
212/68 Thursday, June 12, 2025 SAP has released its June 2025 security updates, addressing multiple vulnerabilities, including a critical flaw in SAP NetWeaver tracked as CVE-2025-42989, with a CVSS score of 9.6. This vulnerability allows authenticated attackers to bypass authorization checks and escalate privileges, posing significant risks to system integrity and availability. The flaw resides […]
211/68 Thursday, June 12, 2025 Google has patched a significant security vulnerability that could have exposed users’ recovery phone numbers. The flaw allowed malicious actors to brute-force the recovery phone number associated with a Google account using only partial information—such as the account’s display name and a few known digits of the phone number. This […]
210/68 Wednesday, June 11, 2025 Global industrial technology company Sensata Technologies has issued a data breach notification to current and former employees following a ransomware attack that occurred in April 2025. The company confirmed that unauthorized access to internal systems took place between March 28 and April 6, 2025, during which threat actors were able […]
209/68 Wednesday, June 11, 2025 OpenAI has announced that it has suspended numerous ChatGPT accounts found to be linked to state-sponsored threat actors, particularly from Russia and China. The move follows internal investigations revealing that these accounts were being used to support malicious activities worldwide—including employment scams, social engineering, and cyber espionage. According to OpenAI’s […]
208/68 Tuesday, June 10, 2025 The FBI has issued a warning about the widespread outbreak of BadBox 2.0 malware, which is reportedly infecting millions of IoT devices globally. The affected devices are primarily manufactured in China, including smart TV boxes, projectors, and infotainment systems, many of which are preloaded with malware either during manufacturing or […]
