Bengaluru’s Whiteboard Technologies Pvt Ltd was hit by a ransomware attack, with hackers demanding a ransom of up to $70,000 (around ₹60.26 lakh) to unlock encrypted files and prevent data leaks. The breach happened on March 31, between 4:23 PM and 5 PM, and was reported to authorities on April …

MITRE Vice President Yosry Barsoum warned that U.S. government funding for the Common Vulnerabilities and Exposures (CVE) and Common Weakness Enumeration (CWE) programs ends today, potentially disrupting the global cybersecurity industry. CVE, the more important of the two, is managed by MITRE with support from the U.S. National Cyber Security …

PwC has ceased operations in more than a dozen countries that its global bosses have deemed too small, risky or unprofitable, as it seeks to avoid a repeat of scandals that have plagued the accounting network. The Big Four accounting firm, which operates as a global network of locally owned …

The Australian Cyber Security Centre (ACSC) has alerted technical users in both private and public sectors about ongoing exploitation of known vulnerabilities following a new advisory highlighting the exploitation of previously known vulnerabilities in Fortinet products. Organizations are urged to take immediate action. Fortinet has detected that attackers are exploiting …

Cybersecurity platform ANY.RUN recently reported the top 10 malware threats of the week, highlighting a surge in activity for information stealers Lumma and Snake. The findings shared in a detailed post on X highlight the changing nature of cyber threats and the need for proactive tracking to reduce risks. Lumma …

In late March, TeamT5 found that a China-linked APT group exploited a critical vulnerability in Ivanti Connect Secure VPN appliances, affecting nearly twenty industries in twelve countries. At the time of the analysis, TeamT5 suspected that the group still had access to the victims’ networks. Victim countries include Austria, Australia, …

A threat actor is reportedly advertised to sell a zero-day exploit for Fortinet’s FortiGate firewalls on a dark web forum. The exploit claims allow attackers to remotely execute code and access configurations on FortiOS without needing credentials, potentially taking control of vulnerable devices. Cybersecuritynews reported the forum post observed by …

BlackHat Asia-2025 was held for four days at the Marina Bay Convention Center in Singapore in early April. Infosecbulletin covered this year’s event. Many world-renowned cybersecurity companies participated in this conference. Various companies, including EDR, XDR, API security, firewall, antivirus, penetration testing, and AI Security, participated in this expo and …

Recent incidents continue to bring this into focus with active exploitations of known vulnerabilities as investigations by Fortinet have discovered a post exploitation technique used by a threat actor. During the investigation, a threat actor was observed using known vulnerabilities (e.g. FG-IR-22-398, FG-IR-23-097, FG-IR-24-015) to gain access to Fortinet devices. …

The Cybersecurity and Infrastructure Security Agency (CISA) has released ten new advisories regarding Industrial Control Systems (ICS) to highlight serious vulnerabilities and exploits that could affect vital industrial systems. Released on April 10, 2025, these advisories offer essential information on current cybersecurity risks, aiding industries in threat prevention and protecting …