InfoSecBulletin Cybersecurity for mankind
Reportedly, the Russian-speaking Cl0p ransomware group has executed the MOVEit campaign, affecting approximately 1,000 organizations and 60 million individuals.
It is important to highlight that these numbers encompass both entities that are directly and indirectly affected. For example, numerous organizations and millions of individuals had their information compromised through PBI, a research services provider for the pension and financial sectors.
AWS SNS misused for Data Exfiltration and Phishing
Researcher found non protected database form ESHYFT containig 86000 records
CVE-2024-55591 and CVE-2025-24472
New SuperBlack ransomware exploits Fortinet flaws
CVE-2025-25291 & CVE-2025-25292
Attention! GitLab Patched Critical Authentication Bypass Flaws
CVE-2025-20138
Cisco released High Security Alert for IOS XR Software
400+ IPs Exploiting Multiple SSRF Vulnerabilities
NVIDIA has released update for NVIDIA Riva
CVE-2025-24201
Apple fixes 0-day exploited in “extremely sophisticated attack”
Microsoft’s March 2025 updates fix 7 zero-day, 57 flaws
Ballista Botnet infects 6000 Unpatched TP-Link Routers
ALSO READ:
Google Workspace: New account security, DLP capabilities announced
Cybersecurity firm Emsisoft reported that as of August 24, they had identified a staggering number of 988 victims, affecting approximately 59,200,000 individuals.
The following organizations, including Maximus, Pôle Emploi, the Louisiana Office of Motor Vehicles, the Colorado Department of Health Care Policy and Financing, the Oregon Department of Transportation, the Teachers Insurance and Annuity Association of US, Genworth, PH Tech, Milliman Solutions, and Wilton Reassurance Company, are among those that may have compromised the personal information of over one million individuals.
Resecurity has confirmed that the number of organizations affected by the MOVEit hack is indeed substantial. On August 23rd, the organization reported its awareness of 963 public and private sector organizations worldwide that have fallen victim to this breach.
Cl0p, the group behind this campaign, is expected to make an astounding $100 million. To make matters worse, they have now escalated their tactics by leaking the data of those who have refused to pay.
According to Resecurity, on August 14 and 15, cybercriminals reportedly leaked approximately 1 Tb of data that they had allegedly stolen from 16 victims. The entities affected by this cyber attack comprise UCLA, Siemens Energy, Cognizant, as well as prominent cybersecurity companies such as Norton LifeLock and Netscout.
The data has been exposed via torrents on the surface web, making it considerably simpler for anyone to acquire the pilfered files. According to both Emsisoft and Resecurity, over 80% of the impacted organizations are based in the United States.
The MOVEit campaign used a security vulnerability in the MOVEit Transfer software. The vulnerability allowed attackers to access transferred files without authentication.
