Fortinet Warns Exploit Code Available for Critical Vulnerability

Sysadmins have been urged to prioritize patching a new critical vulnerability in Fortinet’s FortiSIEM solution, as exploit code is currently circulating in the wild. Published on Tuesday, CVE-2025-25256 is an escalation of privilege vulnerability with a CVSS score of 9.8. “An improper neutralization of special elements used in an OS command vulnerability in FortiSIEM may … Read more

Hackers exploit Microsoft flaw to breach Canada’s House of Commons

Hackers breached Canada’s House of Commons, exploiting a recent Microsoft flaw, compromising data, according to CBC News. Threat actors reportedly breached Canada’s House of Commons by exploiting a recently disclosed Microsoft vulnerability. “The House of Commons and Canada’s cybersecurity agency are investigating a … Read more

Over $300 million in cybercrime crypto seized in anti-fraud effort

More than $300 million worth of cryptocurrency linked to cybercrime and fraud schemes has been frozen due to two separate initiatives involving law enforcement and private companies. One initiative is the T3+ Global Collaborator Program launched by the T3 Financial Crime Unit (T3 FCU), a joint effort deployed almost a year ago by intelligence firm TRM … Read more

PS1Bot: Multi-Stage Malware Framework Targeting Windows Systems

Cisco Talos researchers have uncovered an aggressive malware campaign active since early 2025, deploying a sophisticated multi-stage framework dubbed PS1Bot, primarily implemented in PowerShell and C#. This threat actor leverages malvertising and SEO poisoning to distribute compressed archives with file names mimicking legitimate search queries, such as “chapter 8 medicare benefit policy manual.zip” or “pambu … Read more

Crypto24 ransomware hits large orgs with custom EDR evasion tool

The Crypto24 ransomware group has been using custom utilities to evade security solutions on breached networks, exfiltrate data, and encrypt files. The threat group’s earliest activity was reported on BleepingComputer forums in September 2024, though it never reached notable levels of notoriety. According to Trend Micro researchers tracking Crypto24’s operations, the hackers have hit several large organizations in the … Read more

Norway confirms dam intrusion by Pro-Russian hackers

Norway’s security service PST says pro-Russian hackers took over a dam in April, opening outflow valves. Norway’s Police Security Service (PST) says pro-Russian hackers seized control of a dam’s systems in April, opening outflow valves. On April 7, the attackers took control of a dam in Bremanger, western … Read more

New NFC-Based PhantomCard Malware Targets Android Banking Users

ThreatFabric analysts have uncovered PhantomCard, a sophisticated NFC-based Trojan designed to relay sensitive card data from victims’ devices to cybercriminals. This malware, which primarily targets banking customers in Brazil but shows potential for global expansion, exemplifies the growing interest among threat actors in NFC relay attacks. PhantomCard operates by masquerading as a legitimate “card protection” … Read more

KernelSU v0.5.7 Flaw Lets Android Apps Gain Root Access

A vulnerability in KernelSU version 0.5.7 that could allow attackers to impersonate its manager application and gain root access has been uncovered by cybersecurity researchers. According to Zimperium’s zLabs researchers, the flaw highlights ongoing weaknesses in rooting and jailbreaking frameworks, which are often built by independent developers without formal security oversight. The team’s analysis, published … Read more

Threat Actors Use Advanced Tactics to Personalize Phishing for Malware Delivery

Threat actors are using topic customization as a more advanced strategy in targeted malware-delivery phishing campaigns as the cyber threat landscape changes. This method involves crafting personalized subject lines, attachment names, and embedded links to mimic authentic communications, fostering a sense of familiarity or urgency that heightens the probability of recipient engagement. According to … Read more

Google Mandates License or Certification for Crypto App Developers

The cryptocurrency ecosystem is experiencing heightened scrutiny from both regulatory authorities and criminal organizations, as Google Play implements stringent publishing requirements for crypto applications while the FBI warns of sophisticated recovery scams targeting previous fraud victims. These developments highlight the ongoing challenges facing the digital asset industry as it seeks legitimacy while combating persistent criminal … Read more