Saturday , June 21 2025

Cyber Attack

Russia detects first SuperCard malware attacks via NFC

NFC

Russian cybersecurity experts discovered the first local data theft attacks using a modified version of legitimate near field communication (NFC) software, indicating a potential test for a larger operation. This report details SuperCard, a malicious version of NFCGate, made for sharing NFC data between two nearby devices. Cybercriminals have exploited …

Read More »

Income Property Investments exposes 170,000+ Individuals record

170000

Cybersecurity researcher Jeremiah Fowler discovered an unsecured database with 170,360 records belonging to a real estate company. It contained personal information, social security numbers, and other sensitive data. The publicly exposed database was not password-protected or encrypted. It contained 170,360 records with a total size of 116.24GB. The dataset features …

Read More »

ALERT (CVE: 2023-28771)
Zyxel Firewalls Under Attack via CVE-2023-28771 by 244 IPs

GreyNoise

GreyNoise found attempts to exploit CVE-2023-28771, a vulnerability in Zyxel’s IKE affecting UDP port 500. The attack centers around CVE-2023-28771, a high-severity remote code execution vulnerability (CVSS 9.8) affecting Zyxel Internet Key Exchange (IKE) packet decoders over UDP port 500. Exploitation attempts against CVE-2023-28771 were minimal throughout recent weeks. On …

Read More »

Canada 2nd largest airlines “WestJet” investigates cyberattack disrupting internal systems

internal systems

WestJet, Canada’s second-largest airline, is looking into a cyberattack that has affected some internal systems during its response to the breach. “WestJet is aware of a cybersecurity incident involving internal systems and the WestJet app, which has restricted access for several users,” reads a security advisory on WestJet’s site. “We …

Read More »

Paraguay 7.4 Million Citizen Records Leaked on Dark Web

Resecurity found 7.4 million records of Paraguayan citizens’ personal information leaked on the dark web today. Last week, cybercriminals attempted to sell this data for $7.4 million, or $1 per citizen. A ransomware group is extorting the country, marking a major cybersecurity event, with a deadline set for Friday, June …

Read More »

SoftBank: Over 137,000 personal info leaked

SoftBank

SoftBank has disclosed that personal information of more than 137,000 mobile subscribers—covering names, addresses, and phone numbers—might have been leaked by a contracted outsourcing firm. In response, the company intends to end its contract with the provider and will collaborate with the police to assess future actions. SoftBank announced that …

Read More »

CVE-2025-24016
Critical Wazuh RCE Actively Exploited by Mirai Botnets

Mirai Botnets

The Security Intelligence and Response Team (SIRT) at Akamai has found that multiple Mirai-based botnets are exploiting CVE-2025-24016, a critical RCE vulnerability in Wazuh servers. This flaw, which has a CVSS score of 9.9, allows remote attackers to execute arbitrary Python code through unsanitized JSON inputs in the Wazuh Distributed …

Read More »

Fortinet flaws now exploited in Qilin ransomware attacks

Qilin ransomware

The Qilin ransomware operation has recently joined attacks exploiting two Fortinet vulnerabilities that allow bypassing authentication on vulnerable devices and executing malicious code remotely. Qilin (also tracked as Phantom Mantis) surfaced in August 2022 as a Ransomware-as-a-Service (RaaS) operation under the “Agenda” name and has since claimed responsibility for over …

Read More »