267/68 Thursday, July 24, 2025 The U.S. Cybersecurity and Infrastructure Security Agency (CISA), in collaboration with the Federal Bureau of Investigation (FBI), the Department of Health and Human Services (HHS), and the Multi-State Information Sharing and Analysis Center (MS-ISAC), issued a joint advisory on Tuesday warning of a surge in ransomware attacks attributed to the […]
266/68 Wednesday, July 23, 2025 ExpressVPN, one of the world’s leading VPN providers, has released an urgent patch to address a vulnerability in its Windows client software. The issue was discovered when it was found that using the Remote Desktop Protocol (RDP) could cause certain traffic to leak outside the VPN tunnel. This exposed users’ […]
265/68 Wednesday, July 23, 2025 A recent investigation by cybersecurity firm Group-IB has revealed the growing prevalence of cybercriminal networks leveraging “fake receipt generators” available through a platform called MaisonReceipts. This website offers fraudulent receipts mimicking over 21 well-known retail brands across the United States, the United Kingdom, and the European Union. The service is […]
264/68 Tuesday, July 22, 2025 Hewlett-Packard Enterprise (HPE) has issued a security advisory regarding critical vulnerabilities in Aruba Instant On Access Points, Wi-Fi devices designed for small to medium-sized businesses. A hardcoded password was discovered in the firmware of affected devices, allowing unauthorized attackers to bypass authentication and access the Web Interface without admin privileges. […]
263/68 Tuesday, July 22, 2025 On July 18, 2025, CrushFTP disclosed an active zero-day exploitation of a critical vulnerability tracked as CVE-2025-54309, with a CVSS severity score of 9.0. The flaw stems from improper AS2 verification handling in the disabled DMZ Proxy feature, allowing remote attackers to escalate privileges to admin access via HTTPS protocol. […]
262/68 Monday, July 21, 2025 Japan’s cybersecurity authorities, in collaboration with Europol and the FBI, have released a free decryption tool for victims of the Phobos and 8Base ransomware strains, allowing affected users to recover their encrypted files without paying ransom. The tool is available for download on the Japanese Police Agency’s website and the […]
261/68 Monday, July 21, 2025 Cybersecurity researchers have uncovered details about “Massistant,” a mobile forensic analysis tool used by Chinese law enforcement to extract data from confiscated smartphones. Developed by SDIC Intelligence Xiamen Information Co., Ltd.-formerly known as Meiya Pico-the tool reflects the company’s specialization in electronic data forensics and network security technologies. According to […]
260/68 Friday, July 18, 2025 Luxury fashion brand Louis Vuitton has officially confirmed that the data breach affecting customer information in the United Kingdom, South Korea, and Turkey originated from the same incident. The company suspects a connection to the notorious ransomware group ShinyHunters, which has a track record of attacking major organizations worldwide. According […]
259/68 Friday, July 18, 2025 Cybersecurity researchers have uncovered a new strain of malware, “BADBOX 2.0,” which has been found pre-installed in over one million Android-based IoT devices across 222 countries. This dangerous malware turns smart devices into proxy nodes in a global botnet, enabling cybercriminals to conduct large-scale fraud and malicious cyber activities. Due […]
258/68 Thursday, July 17, 2025 Belk, a major U.S. department store chain, has confirmed it was the target of a cyberattack between May 7–11, 2025. According to the company’s statement, unauthorized actors gained access to internal systems and exfiltrated sensitive company documents. The ransomware group “DragonForce” has claimed responsibility for the attack, stating it stole […]
