ShadowSilk Campaign Targets Central Asian Governments

A series of cyber-attacks against government organizations in Central Asia and the Asia-Pacific has been linked to a threat cluster known as ShadowSilk, according to new research by Group-IB. The activity, which began in 2023 and remains active as of July 2025, shows clear connections to operations previously attributed to the group YoroTrooper. What’s new now is … Read more

Why zero trust is never 'done' and is an ever-evolving process

Picture this scenario: Six months after celebrating their “zero trust transformation,” a financial services firm gets hit with a devastating breach. Attackers waltzed through a supply chain vulnerability in a third-party API, bypassing all those carefully configured identity controls. The firm ticked every checkbox and met every requirement – yet here they are, scrambling … Read more

Healthcare Services Group data breach impacts 624,000 people

The Healthcare Services Group (HSGI) is alerting more than 600,000 individuals that their personal information was exposed in a security breach last year. The healthcare services provider stated that it detected unauthorized access to its network on October 7, 2024, and subsequently discovered that the intrusion had begun on September 27. The investigation that followed … Read more

NVIDIA NeMo AI Curator Vulnerability Allows Code Execution and Privilege Escalation

NVIDIA has released a security bulletin for NVIDIA® NeMo Curator, addressing a high-severity vulnerability (CVE-2025-23307) that affects all previous versions of the Curator software. The flaw, rooted in improper handling of user-supplied files, allows a maliciously crafted file to be processed by NeMo Curator, leading to code injection … Read more

TAG-144: Actors Attacking Government Entities With New Tactics, Techniques, and Procedures

The threat actor known as TAG-144, also called Blind Eagle or APT-C-36, has been linked to five distinct activity clusters operating from May 2024 to July 2025, primarily targeting Colombian government entities at the local, municipal, and federal levels. This cyber threat group, active since at least 2018, employs … Read more

Multiple Vulnerabilities in Commvault Backup & Recovery Could Allow for Remote Code Execution

MS-ISAC ADVISORY NUMBER: 2025-074 DATE(S) ISSUED: 08/20/2025 OVERVIEW: Multiple vulnerabilities have been discovered in Commvault Backup & Recovery, which when chained together, could allow for remote code execution. Commvault Backup & Recovery is a comprehensive data protection solution that offers a range of services for safeguarding data across various environments, including on-premises, cloud, and hybrid … Read more

New Malware Exploits Taspen's Legacy Systems to Target Indonesian Seniors

Threat actors are leveraging the trusted brand of Indonesia's state pension fund, PT Dana Tabungan Dan Asuransi Pegawai Negeri (Persero), or Taspen, to deploy a malicious Android application disguised as an official portal. This banking trojan and spyware targets pensioners and civil servants, exploiting legacy systems and digital transformation vulnerabilities … Read more

Citrix Patches Three Zero Days as One Sees Active Exploitation

Citrix has released patches for three zero-day vulnerabilities in NetScaler ADC and Gateway, one of which was already being exploited by attackers. The flaws, tracked as CVE-2025-7775, CVE-2025-7776, and CVE-2025-8424, are two memory overflow vulnerabilities and an improper access control on the NetScaler Management Interface. They are all considered critical vulnerabilities, with severity score (CVSS) … Read more

We Are Still Unable to Secure LLMs from Malicious Inputs – Schneier on Security

Nice indirect prompt injection attack: Bargury’s attack starts with a poisoned document, which is shared to a potential victim’s Google Drive. (Bargury says a victim could have also uploaded a compromised file to their own account.) It looks like an official document on company meeting policies. But inside the document, Bargury hid a 300-word malicious … Read more

A Vulnerability in Apple Products Could Allow for Arbitrary Code Execution

MS-ISAC ADVISORY NUMBER: 2025-075 DATE(S) ISSUED: 08/26/2025 OVERVIEW: A vulnerability has been discovered in Apple products which could allow for arbitrary code execution. Successful exploitation could allow for arbitrary code execution in the context of the logged on user. Depending on the privileges associated with the user, an attacker could then install programs; view, change, … Read more