219/68 Wednesday, June 18, 2025 Cyber threat analysts from Google’s Threat Intelligence Group (GTIG) have warned that the hacker group Scattered Spider has shifted its focus to targeting insurance companies in the United States. The group is employing tactics previously seen in attacks on the retail sector in both the U.K. and the U.S. According […]
218/68 Tuesday, June 17, 2025 WestJet, the second-largest airline in Canada, has confirmed a cyberattack that disrupted access to its internal systems and applications. The incident caused service interruptions for some users, although the company emphasized that flight safety has not been affected. In response, WestJet has activated its incident response team to investigate and […]
217/68 Tuesday, June 17, 2025 Researchers from Symantec have disclosed a targeted ransomware attack carried out in May 2025 by the Fog Ransomware group against a financial company in Asia. The attackers employed a combination of penetration testing tools and monitoring software rarely seen in typical ransomware operations, including Syteca, GC2, Adaptix, and Stowaway. Notably, […]
216/68 Monday, June 16, 2025 Palo Alto Networks has released multiple security patches across its products, including fixes for seven privilege escalation vulnerabilities and a set of Chrome security updates for the Prisma Access Browser. The most critical flaw, CVE-2025-4232 (CVSS score: 7.1), is an improper neutralization of wildcards in the log collection feature of […]
215/68 Monday, June 16, 2025 The U.S. Cybersecurity and Infrastructure Security Agency (CISA) issued a security alert on June 12, warning that ransomware groups are actively exploiting a critical vulnerability in SimpleHelp Remote Monitoring and Management (RMM) software to breach victims in supply chain-style attacks. The flaw, tracked as CVE-2024-57727, affects SimpleHelp versions 5.5.7 and […]
214/68 Friday, June 13, 2025 Google and Mozilla have released critical security updates for their Chrome and Firefox browsers, addressing four high-severity memory-related vulnerabilities that could lead to remote code execution (RCE), data leaks, or remote system takeover. The fixes are included in Chrome version 137 and Firefox version 139, both rolled out on Tuesday, […]
213/68 Friday, June 13, 2025 INTERPOL, in collaboration with law enforcement agencies from 26 countries, has successfully dismantled a major cybercrime syndicate operating across the Asia-Pacific region under Operation Secure. The coordinated effort led to the arrest of 32 suspects in Vietnam, Sri Lanka, and Nauru, along with the seizure of 117 Command-and-Control (C2) servers […]
212/68 Thursday, June 12, 2025 SAP has released its June 2025 security updates, addressing multiple vulnerabilities, including a critical flaw in SAP NetWeaver tracked as CVE-2025-42989, with a CVSS score of 9.6. This vulnerability allows authenticated attackers to bypass authorization checks and escalate privileges, posing significant risks to system integrity and availability. The flaw resides […]
211/68 Thursday, June 12, 2025 Google has patched a significant security vulnerability that could have exposed users’ recovery phone numbers. The flaw allowed malicious actors to brute-force the recovery phone number associated with a Google account using only partial information—such as the account’s display name and a few known digits of the phone number. This […]
210/68 Wednesday, June 11, 2025 Global industrial technology company Sensata Technologies has issued a data breach notification to current and former employees following a ransomware attack that occurred in April 2025. The company confirmed that unauthorized access to internal systems took place between March 28 and April 6, 2025, during which threat actors were able […]
