Cybersecurity Articles

222/68 Thursday, June 19, 2025 GreyNoise has reported widespread exploitation attempts targeting CVE-2023-28771, a critical Remote Code Execution (RCE) vulnerability (CVSS score: 9.8) affecting Zyxel devices’ IKE decoder via UDP port 500. On June 16, 2025, GreyNoise detected attack attempts from 244 unique IP addresses over a short timeframe, with primary targets located in the […]

221/68 Thursday, June 19, 2025 Cybersecurity researchers at Todyl have uncovered a new variant of the ClickFix malware, dubbed “LightPerlGirl”, on June 13, 2025. This variant was found embedded in a compromised WordPress-based travel website, used as part of a “waterholing” attack—a tactic where attackers lure victims through otherwise trusted websites. The site mimicked a […]

220/68 Wednesday, June 18, 2025 Trend Micro has released a report on a newly discovered ransomware strain named “Anubis”, which poses a serious threat due to its unique dual-functionality: it not only encrypts files but also features a “wipe mode” that permanently erases file contents. This destructive behavior makes data recovery impossible, even if the […]

219/68 Wednesday, June 18, 2025 Cyber threat analysts from Google’s Threat Intelligence Group (GTIG) have warned that the hacker group Scattered Spider has shifted its focus to targeting insurance companies in the United States. The group is employing tactics previously seen in attacks on the retail sector in both the U.K. and the U.S. According […]

218/68 Tuesday, June 17, 2025 WestJet, the second-largest airline in Canada, has confirmed a cyberattack that disrupted access to its internal systems and applications. The incident caused service interruptions for some users, although the company emphasized that flight safety has not been affected. In response, WestJet has activated its incident response team to investigate and […]

217/68 Tuesday, June 17, 2025 Researchers from Symantec have disclosed a targeted ransomware attack carried out in May 2025 by the Fog Ransomware group against a financial company in Asia. The attackers employed a combination of penetration testing tools and monitoring software rarely seen in typical ransomware operations, including Syteca, GC2, Adaptix, and Stowaway. Notably, […]

216/68 Monday, June 16, 2025 Palo Alto Networks has released multiple security patches across its products, including fixes for seven privilege escalation vulnerabilities and a set of Chrome security updates for the Prisma Access Browser. The most critical flaw, CVE-2025-4232 (CVSS score: 7.1), is an improper neutralization of wildcards in the log collection feature of […]

215/68 Monday, June 16, 2025 The U.S. Cybersecurity and Infrastructure Security Agency (CISA) issued a security alert on June 12, warning that ransomware groups are actively exploiting a critical vulnerability in SimpleHelp Remote Monitoring and Management (RMM) software to breach victims in supply chain-style attacks. The flaw, tracked as CVE-2024-57727, affects SimpleHelp versions 5.5.7 and […]

214/68 Friday, June 13, 2025 Google and Mozilla have released critical security updates for their Chrome and Firefox browsers, addressing four high-severity memory-related vulnerabilities that could lead to remote code execution (RCE), data leaks, or remote system takeover. The fixes are included in Chrome version 137 and Firefox version 139, both rolled out on Tuesday, […]

213/68 Friday, June 13, 2025 INTERPOL, in collaboration with law enforcement agencies from 26 countries, has successfully dismantled a major cybercrime syndicate operating across the Asia-Pacific region under Operation Secure. The coordinated effort led to the arrest of 32 suspects in Vietnam, Sri Lanka, and Nauru, along with the seizure of 117 Command-and-Control (C2) servers […]