Storm-0501 hackers shift to ransomware attacks in the cloud

Picus Red Report 2025

Microsoft warns that a threat actor tracked as Storm-0501 has evolved its operations, shifting away from encrypting devices with ransomware to focusing on cloud-based encryption, data theft, and extortion. The hackers now abuse native cloud features to exfiltrate data, wipe backups, and destroy storage accounts, thereby applying pressure and extorting victims without deploying traditional ransomware encryption … Read more

Chinese Hacker Suspect Arrested in South Korea Over Major Financial Cyberattack

South Korean authorities have successfully extradited a key suspect in a large-scale hacking operation that resulted in the embezzlement of more than 38 billion won (approximately US$28.5 million) from high-profile victims. The individual, identified as Mr. G, a 34-year-old Chinese national, was repatriated from Thailand … Read more

Experimental PromptLock ransomware uses AI to encrypt, steal data

Picus Blue Report 2025

Threat researchers discovered the first AI-powered ransomware, called PromptLock, that uses Lua scripts to steal and encrypt data on Windows, macOS, and Linux systems. The malware uses OpenAI’s gpt-oss:20b model through the Ollama API to dynamically generate the malicious Lua scripts from hard-coded prompts. How PromptLock works: according to ESET researchers, PromptLock is written in Golang … Read more

Critical Zip Slip Bug Enables Malicious File Manipulation on Unzip

Path traversal flaws such as Zip Slip, which give attackers the ability to alter file systems during decompression, remain a serious danger in the constantly changing landscape of cybersecurity threats. This vulnerability, stemming from inadequate input validation in compression utilities, allows adversaries to embed … Read more

FreePBX servers hacked via zero-day, emergency fix released

The Sangoma FreePBX Security Team is warning about an actively exploited FreePBX zero-day vulnerability that impacts systems whose Administrator Control Panel (ACP) is exposed to the internet. FreePBX is an open-source PBX (Private Branch Exchange) platform built on top of Asterisk, widely used by businesses, call centers, and service providers to manage voice communications, … Read more

Over 28,000 Citrix instances remain exposed to critical RCE flaw CVE-2025-7775

Dutch NCSC: Citrix NetScaler zero-day breaches critical orgs

Over 28,200 Citrix NetScaler ADC/Gateway instances remain exposed to the critical RCE flaw CVE-2025-7775, which is already under active exploitation. Experts at the Shadowserver Foundation warn that more than 28,200 Citrix instances are vulnerable to CVE-2025-7775, which is being actively exploited. CVE-2025-7775 (CVSS score: 9.2) is … Read more

IT system supplier cyberattack impacts 200 municipalities in Sweden

A cyberattack on Miljödata, an IT systems supplier for roughly 80% of Sweden’s municipal systems, has caused accessibility problems in more than 200 regions of the country. In addition to the service disruption, there are concerns that attackers also stole sensitive data. Local media report that the threat actor demanded a ransom of 1.5 (currently around $168,000) … Read more

U.S. CISA adds Citrix NetScaler flaw to its Known Exploited Vulnerabilities catalog

U.S. CISA adds D-Link cameras and Network Video Recorder flaws to its Known Exploited Vulnerabilities catalog

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added a Citrix NetScaler flaw, tracked as CVE-2025-7775, to its Known Exploited Vulnerabilities (KEV) catalog. This week, Citrix addressed three security flaws (CVE-2025-7775, CVE-2025-7776, CVE-2025-8424) … Read more

Global Salt Typhoon hacking campaigns linked to Chinese tech firms

The U.S. National Security Agency (NSA), the UK’s National Cyber Security Centre (NCSC), and partners from over a dozen countries have linked the Salt Typhoon global hacking campaigns to three China-based technology firms. According to the joint advisories [NSA, NCSC], Sichuan Juxinhe Network Technology Co. Ltd., Beijing Huanyu Tianqiong Information Technology Co., and Sichuan Zhixin … Read more

CISA Strengthens Software Procurement Security With New Tool

A new Software Acquisition Guide: Supplier Response Web Tool has been released by the US Cybersecurity and Infrastructure Security Agency (CISA) to improve security in software procurement. The free, interactive platform is designed to assist IT leaders, procurement officers and software vendors in strengthening cybersecurity practices throughout the acquisition process. The tool builds on CISA’s Software … Read more