Charon Ransomware targets Middle East with APT attack methods New Charon ransomware targets Middle East public sector and aviation, using APT-style tactics, EDR evasion, and victim-specific ransom notes. Cybersecurity researchers have discovered a new campaign that employs a previously undocumented ransomware family called Charon to target the Middle East’s public sector and aviation industry. The … Ler mais
The mayor of Saint Paul, Minnesota’s capital city, has confirmed that the Interlock ransomware gang is responsible for a cyberattack that disrupted many of the city’s systems and services in July. On July 29th, Minnesota Governor Tim Walz activated the National Guard in response to the crippling cyberattack that had affected St. Paul’s digital services … Ler mais
Trend Micro researchers have uncovered a novel ransomware family dubbed Charon, deployed in a sophisticated campaign targeting the public sector and aviation industry in the Middle East. This operation employs advanced persistent threat (APT)-style techniques, including DLL sideloading via a legitimate Edge.exe binary (originally cookie_exporter.exe) to load a malicious msedge.dll loader known as SWORDLDR. Discovery … Ler mais
Manpower, one of the world’s largest staffing companies, is notifying nearly 145,000 individuals that their information was stolen by attackers who breached the company’s systems in December 2024. Together with Experis and Talent Solutions, the company is part of ManpowerGroup, a multinational corporation with over 600,000 workers in more than 2,700 offices and serving over … Ler mais
A self-proclaimed Ukrainian Web3 team targeted a community member during an interview’s first round by instructing them to clone and run a GitHub repository named EvaCodes-Community/UltraX. Suspecting foul play, the individual contacted the SlowMist security team, who conducted a thorough analysis and uncovered malicious components embedded within the project’s dependencies. With consent, SlowMist issued a … Ler mais
Hackers leak 2.8M sensitive records from Allianz Life in Salesforce data breach Hackers leaked 2.8M sensitive records from Allianz Life, exposing data on business partners and customers in ongoing Salesforce data theft attacks. Hackers leaked 2.8 million sensitive records of US insurance giant Allianz Life, exposing data on business partners and customers as part of … Ler mais
Google has released a critical security update for its Chrome browser, addressing six security vulnerabilities, including three high-severity flaws that could potentially allow arbitrary code execution on affected systems. The stable channel update, version 139.0.7258.127/.128 for Windows and Mac, and 139.0.7258.127 for Linux, was announced on August 12, 2025, and will roll out to users … Ler mais
A critical security vulnerability in Fortinet’s FortiWeb web application firewall has been discovered that allows unauthenticated attackers to bypass authentication and impersonate any existing user on affected devices. The flaw, tracked as CVE-2025-52970 and dubbed “Fort-Majeure” by its discoverer, stems from improper parameter handling in the application’s cookie parsing mechanism. Vulnerability Details and Impact The … Ler mais
Security researchers have discovered a critical vulnerability in Fortinet’s FortiSIEM platform that enables remote attackers to execute unauthorized commands without authentication. The flaw, tracked as CVE-2025-25256, has achieved a maximum CVSS score of 9.8 and poses an immediate threat to organizations worldwide as practical exploit code has already been discovered circulating in the wild. Vulnerability … Ler mais
Security researchers at Cymulate Research Labs have discovered a critical zero-click NTLM credential leakage vulnerability that successfully bypasses Microsoft’s security patch for CVE-2025-24054, demonstrating that the original fix was incomplete and leaving millions of Windows systems exposed to sophisticated attacks. The newly identified vulnerability, assigned CVE-2025-50154, allows attackers to extractNTLMv2-SSP hasheswithout any user interaction, even … Ler mais
