Storm-0501 has erased data and backups after stealing information from a victim’s Microsoft Azure environment in a new cloud-based ransomware attack. Microsoft Threat Intelligence recently provided details of the tactics deployed by the actor tracked as Storm-0501 in a blog published on August 27. Sherrod DeGrippo, director of Microsoft …
Breaking the Passkey: SquareX Discloses Major Passkey Vulnerability at DEF CON 33
It is no secret that passwords are highly susceptible to phishing and brute force attacks. This led to the mass adoption of passkeys, a passwordless authentication method leveraging cryptographic key pairs that allows users to log in with biometrics or a hardware key. According to FIDO, over 15 billion accounts …
ShadowSilk Hits 35 Orgs in Asia and APAC Using Telegram Bots
Research by Group-IB has linked cyber-attacks on government organizations in Central Asia and the Asia-Pacific to a threat group called ShadowSilk. The activity started in 2023 and is still ongoing in July 2025, showing clear links to the YoroTrooper group. What’s different now is the size and structure of the …
“Gayfemboy” Malware Exploiting Cisco, TP-Link and Other Routers
A new malware campaign is targeting various network devices, including routers from DrayTek, TP-Link, Raisecom, and Cisco. In July 2025, researchers found a stealthy loader spreading by taking advantage of unauthenticated command injection flaws in embedded web services. Compromise starts with simple HTTP requests that deliver a specific downloader script …
Ohio-based Medical Marijuana Organization Exposed 1 Million Records
Cybersecurity researcher Jeremiah Fowler found an unprotected database with 957,434 records belonging to an Ohio organization that assists people in obtaining certified medical marijuana cards. The database contained personal information, including PII, driver’s licenses, medical records, Social Security numbers, and other sensitive data. The publicly exposed databases were not password-protected …
CISA Adds Actively Exploited Trend Micro Apex One Vulnerability (CVE-2025-54948)
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has included the critical Trend Micro Apex One vulnerability, CVE-2025-54948, in its Known Exploited Vulnerabilities (KEV) Catalog due to active exploitation. Trend Micro Apex One is a popular endpoint security platform that detects and responds to malware and other security threats. However, …
Threat Actor Claims to Sell 15.8 Million PayPal Plain-Text Credentials
A threat actor named “Chucky_BF” has advertised on a cybercrime forum that they are selling a “Global PayPal Credential Dump 2025” with over 15.8 million email and plaintext password pairs. The 1.16GB dataset in plain text reportedly contains sensitive credentials from PayPal accounts worldwide, indicating a significant breach. According to …
Spotlight: Asia, Europe and USA
Crypto24 Ransomware Bypasses EDR, Including Trend Micro’s Vision One Platform
Researchers have identified a new Crypto24 ransomware campaign, which they describe as a “dangerous evolution” in cybersecurity threats. According to Trend Micro researchers, recent attacks by Crypto24 actors display a combination of advanced evasion techniques and custom tools that can disable EDR solutions — including Trend Micro’s own Vision One …
UK Telecom Firm Colt Suffers Massive Ransomware Attack: Data Up for Sale
UK telecoms company Colt suffered a cyberattack by the Warlock ransomware gang. The attack began on Tuesday, 12th August, around 11 am BST, and was initially reported as a technical issue. By Thursday, 14th August, Colt announced they were addressing a cyber incident affecting Colt Technology Services, including hosting, porting services, Colt …
Fortinet Warns About FortiSIEM Vuln With In-the-Wild Exploit Code (CVE-2025-25256)
Fortinet warns customers of a critical security flaw in FortiSIEM for which, it says, an exploit exists in the wild. CVE-2025-25256 is a critical vulnerability with a CVSS score of 9.8 out of 10. “An improper neutralization of special elements used in an OS command (‘OS Command Injection’) vulnerability [CWE-78] …
InfoSecBulletin Cybersecurity for mankind