Wednesday , May 28 2025

Cyber Attack

251 Amazon-Hosted IPs Used in Exploit Scan for ColdFusion, Struts, and Elasticsearch

Scan

Cybersecurity researchers recently revealed a coordinated cloud-based scanning attack that targeted 75 different exposure points earlier this month. On May 8, 2025, GreyNoise observed activity from 251 malicious IP addresses located in Japan and hosted by Amazon. “These IPs triggered 75 distinct behaviors, including CVE exploits, misconfiguration probes, and recon …

Read More »

184 Million Leaked Credentials Discovered in Open Database

184 Million

Security researchers have discovered a database with 184 million account credentials, highlighting the need to update compromised passwords, strengthen weak ones, and enable multi-factor authentication. Although the database is not new, it shows the ongoing circulation of leaked data from major platforms like Apple, Google, Microsoft, Amazon, Facebook, Instagram, and …

Read More »

Researchers found 200 billion files exposed in cloud buckets

200 billion

Billions of files, including documents, source code, and backups, are leaking because of misconfigured cloud storage. Cyble, a cybersecurity company focused on dark web monitoring and threat intelligence, reports its vulnerability search tool has found over 660,000 exposed buckets and 200 billion leaking files from seven major cloud providers. Filtering …

Read More »

Top Ransomware Actively Attacking Financial Sector: 406 Incidents Disclosed

406 incidents

From April 2024 to April 2025, Flashpoint analysts noted that the financial sector was a major target for threat actors, with 406 incidents publicly reported as ransomware attacks, accounting for seven percent of all ransomware incidents during that time. Why Finance? The financial sector consistently ranks as one of the …

Read More »

Commvault Confirms Its Azure Cloud Environment Breach via Zero-Day Attack

Commvault

Commvault confirmed that a sophisticated cyberattack exploiting a zero-day vulnerability breached its Azure cloud environment earlier this week. On February 20, 2025, Microsoft notified Commvault of unauthorized activity in its Azure cloud environment. Commvault announced its immediate response, activating incident protocols and involving leading cybersecurity experts and law enforcement. The …

Read More »

Ticket resaler exposed ​​520,054 records size of 200 GB

Ticket

Cybersecurity researcher Jeremiah Fowler discovered a non-password-protected database with 520,054 records from an event ticket resale platform and reported it to vpnMentor. The unprotected public database had 520,054 records totaling 200 GB. It was labeled as containing customer inventory files in PDF, JPG, PNG, and JSON formats. A review of …

Read More »

Massive Attack: Hacker Actively Use 4800+ IPs To Attack Git Configuration Files

Git configuration files

A recent increase in cyber reconnaissance has endangered thousands of organizations, as GreyNoise, a global threat intelligence platform, reported a significant rise in attempts to access sensitive Git configuration files. On April 20 and 21, GreyNoise recorded over 4,800 unique IPs targeting these files, marking a record high and indicating …

Read More »

‘SessionShark’ ToolKit Bypasses Microsoft Office 365 MFA

SessionShark

The SessionShark phishing kit bypasses Office 365 MFA by stealing session tokens. Experts warn about real-time attacks using fake login pages and Telegram alerts. SlashNext security experts have found a new tool, “SessionShark,” used by cyber criminals to steal Microsoft Office 365 login information. It can bypass multi-factor authentication (MFA), …

Read More »