Cyber Attack

A recent report from Elastic reveals that threat actors misuse Amazon Web Services (AWS) Simple Notification Service (SNS) for malicious activities like data exfiltration and phishing. The research highlights potential abuse methods and ways to detect them. AWS SNS is a web service that enables users to send and receive …

Forescout Research- Vedere Labs identified a series of intrusion based on two Fortinet vulnerabilities which began with the exploitation of FortiGate firewall appliance dubbed SuperBlack. Researchers track this between late january and early March. Fortinet disclosed two authentication bypass vulnerabilities: CVE-2024-55591 in January and CVE-2025-24472 in February. When Fortinet first …

GreyNoise warns of a coordinated increase in the exploitation of Server-Side Request Forgery (SSRF) vulnerabilities across various platforms. “At least 400 IPs have been seen actively exploiting multiple SSRF CVEs simultaneously, with notable overlap between attack attempts,” the company said, adding it observed the activity on March 9, 2025. Countries …

Ransomware attacks reached a record high in February, surpassing previous months, according to a Cyble report. The Cyble report tracked the number of victims listed by ransomware groups on their Tor-based data leak sites (DLS), which are used to shame victims and threaten data release unless ransoms are paid. Although …

NTT Communications Corporation discovered illegal access to its facilities on February 5 and confirmed on February 6 that some information may have been leaked. An internal investigation revealed that some corporate customer service information from Order Information Distribution System may have been leaked. However, individual customer service information was not …

India’s Maharashtra Deputy Chief Minister Devendra Fadnavis disclosed alarming cyber fraud figures for Pune in 2024 during the Assembly session. The city suffered losses of Rs6,007 crore across 1,504 cybercrime cases. Cyber fraud in Pune was almost five times greater than the total losses in Mumbai, Thane, and Nagpur, which …

Cybersecurity researcher Jeremiah Fowler found that over a dozen unprotected databases from the German firm Lost and Found Software exposed 820,750 sensitive personal records about lost airport items and their owners in the U.S., Canada, and Europe. Misconfigured databases, now secured, previously exposed sensitive information such as images of lost …

Cisco Talos found that an unknown attacker has been targeting organizations in Japan since January 2025. The attacker exploited the CVE-2024-4577 vulnerability in PHP on Windows to access victims’ machines. They used the “TaoWu” plugins from the Cobalt Strike kit for further actions. A pre-configured installer script was discovered on …

On Sunday, Poland Minister for Digitalisation Krzysztof Gawkowski said that Polish cybersecurity services found unauthorized access to the IT infrastructure of the Polish Space Agency (POLSA). “In connection with the incident, the systems under attack were secured … Intensive operational activities are also underway to identify who is behind the …

Security researchers found that datasets used by companies to develop large language models included API keys, passwords, and other sensitive credentials. Large language models are dominating the online landscape, with companies promoting AI solutions that claim to solve all problems. For an AI to be effective, it needs extensive training …