338/68 Friday, September 12, 2025 The KillSec ransomware group has claimed responsibility for a cyberattack against MedicSolution, a Brazilian healthcare software provider, threatening to leak stolen data if negotiations are not initiated. According to a report by Resecurity, the incident stemmed from data exfiltration via an unsecured AWS S3 bucket, which had been left exposed […]
337/68 Friday, September 12, 2025 Cybersecurity experts at Rapid7 have issued an urgent warning about escalating cyberattacks, as the Akira ransomware group has resumed exploiting vulnerabilities in SonicWall appliances. These include critical flaws that were already abused last year. Contrary to earlier suspicions of a new zero-day exploit, the attacks are leveraging known vulnerabilities such […]
336/68 Thursday, September 11, 2025 The recent incident involving the severing of undersea internet cables in the Red Sea over the weekend significantly reduced internet speeds in several countries, particularly in the Middle East, India, and Pakistan. The International Cable Protection Committee (ICPC) stated that the cause was most likely an accident related to maritime […]
335/68 Thursday, September 11, 2025 SAP has issued security updates addressing multiple vulnerabilities, including three critical flaws affecting SAP NetWeaver and one high-severity flaw in SAP S/4HANA. The details are as follows: In addition, CVE-2025-42957 (CVSS 9.9) in S/4HANA, which was patched in August 2025, has already been confirmed as under active exploitation. While there […]
334/68 Thursday, September 11, 2025 Qantas Group, Australia’s largest airline, announced a 15% reduction in short-term performance-based compensation for senior executives, including current CEO Vanessa Hudson, amounting to $250,000. The decision was made to demonstrate accountability for the cyberattack earlier this year, which had a significant impact on customers. The pay cut was disclosed in […]
333/68 Wednesday, September 10, 2025 North Korea’s Lazarus hacking group has been leveraging the ClickFix technique to trick job seekers in the crypto and blockchain sector through fake job interviews. Victims are instructed to copy and paste malware-laden commands onto their systems, enabling attackers to steal data, siphon funds, and generate revenue to support the […]
332/68 Wednesday, September 10, 2025 Cybersecurity researchers have uncovered a new malware campaign called GPUGate, which targets IT and software development companies. The attackers rely on malvertising via Google Ads to trick users searching for popular tools such as GitHub Desktop into downloading malicious files. A key feature of this campaign is the use of […]
331/68 Wednesday, September 10, 2025 A new report from Fortinet has revealed a cyberattack campaign involving MostereRAT (Mostere Remote Access Trojan), a malware specifically designed to stealthily infiltrate and maintain long-term control over Windows systems. What makes MostereRAT stand out is its use of an uncommon programming language, its ability to disable security software, and […]
330/68 Tuesday, September 9, 2025 On August 28, 2025, cybersecurity firm Mandiant disclosed findings from its investigation into a data leak involving the Drift application. The probe revealed that hackers had compromised Salesloft’s GitHub account between March and June 2025, during which they downloaded data from private repositories, added guest users, and created new workflows. […]
329/68 Tuesday, September 9, 2025 The National Cyber and Information Security Agency of the Czech Republic (NUKIB) has issued a warning about cyber threats linked to China, highlighting that Chinese technologies and equipment are increasingly infiltrating critical sectors such as energy, healthcare, transportation, and government agencies. This poses a risk to national security, particularly through […]
