421/68 Friday, October 24, 2025 Researchers from Darktrace have disclosed that the Chinese-linked APT group Salt Typhoon (also known as Earth Estries, FamousSparrow, GhostEmperor, UNC5807, and RedMike) breached a major European telecom company in July 2025 by exploiting a Citrix NetScaler Gateway vulnerability as the initial access vector. The attack began with the exploitation of […]
420/68 Friday, October 24, 2025 Taiwanese networking equipment manufacturer TP-Link has released two security advisories this week regarding four critical vulnerabilities affecting more than ten models of its Omada Gateway devices across the ER, G, and FR series. The company has already issued firmware updates to address these flaws and strongly advises all users of […]
419/68 Wednesday, October 22, 2025 Japanese retailer Muji has announced the temporary suspension of its online store after logistics partner Askul Corporation suffered a ransomware attack. The incident disrupted Muji’s product delivery systems and impacted its main website, preventing customers from browsing or placing online orders, as well as checking their purchase history via the […]
418/68 Wednesday, October 22, 2025 Researchers from The Shadowserver Foundation have discovered that more than 75,835 WatchGuard Firebox devices exposed to the internet worldwide are vulnerable to a critical flaw tracked as CVE-2025-9242 (CVSS 9.3). This vulnerability could allow remote code execution without authentication. The majority of exposed devices are located in Europe and North […]
417/68 Wednesday, October 22, 2025 The concept of Bring Your Own Device (BYOD), where employees use personal devices for work, is now expanding into a new risk area known as Bring Your Own Car (BYOC). At the recent BSides NYC conference, researchers from cybersecurity firm Threatlight showcased a new proof-of-concept (PoC) attack demonstrating how a […]
416/68 Tuesday, October 21, 2025 Envoy Air, a regional airline under American Airlines, has confirmed that it was affected by a cyberattack targeting Oracle E-Business Suite (EBS) systems, carried out by the Cl0p ransomware group, which is linked to the FIN11 cybercrime syndicate. The attackers added American Airlines to their leak site on the dark […]
415/68 Tuesday, October 21, 2025 ConnectWise has rolled out the Automate 2025.9 security update to fix two critical vulnerabilities in its Automate Remote Monitoring and Management (RMM) software that could allow attackers to carry out Man-in-the-Middle (MiTM) attacks by intercepting and manipulating communications between agents and servers. The first flaw, CVE-2025-11492 (CVSS 9.6, Critical), stems […]
414/68 Tuesday, October 21, 2025 Threat actors are using the popular short-video platform TikTok to distribute information-stealing malware by posting short clips that claim to teach viewers how to unlock or activate software and services for free – for example, Windows, Microsoft 365, Adobe Photoshop, Spotify Premium, and Netflix. The technique used in these attacks […]
413/68 Monday, October 20, 2025 The European Union law enforcement agency Europol announced the successful takedown of a cybercrime network operating under a Cybercrime-as-a-Service (CaaS) model, as part of Operation SIMCARTEL. The network offered SIM Farm rental services that enabled global online crimes such as phishing and investment fraud. The operation included 26 raids, resulting […]
412/68 Monday, October 20, 2025 Researchers at Fortinet have revealed that the hacker group Winos 4.0 (also known as ValleyRAT) is expanding its operations from China and Taiwan into Japan and Malaysia, using phishing campaigns to distribute the HoldingHands RAT (also tracked as Gh0stBins), a Remote Access Trojan that enables remote control of compromised machines. […]
