Cyber Attack

ELUSIVE COMET is a threat actor conducting a sophisticated attack campaign that uses Zoom’s remote control feature to access victims’ computers without permission. The ELUSIVE COMET operation begins with attackers masquerading as legitimate media organizations, specifically “Bloomberg Crypto,” to invite high-profile targets for interviews. Invitations are sent through social media, …

A data leak involving 8 million UK healthcare worker records, including IDs and financial information, was caused by a misconfigured database from the UK software firm Logezy, which specializes in employee data management. Cybersecurity researcher Jeremiah Fowler from vpnMentor discovered this issue. Fowler’s investigation found nearly 8 million unprotected records, …

Bengaluru’s Whiteboard Technologies Pvt Ltd was hit by a ransomware attack, with hackers demanding a ransom of up to $70,000 (around ₹60.26 lakh) to unlock encrypted files and prevent data leaks. The breach happened on March 31, between 4:23 PM and 5 PM, and was reported to authorities on April …

The Australian Cyber Security Centre (ACSC) has alerted technical users in both private and public sectors about ongoing exploitation of known vulnerabilities following a new advisory highlighting the exploitation of previously known vulnerabilities in Fortinet products. Organizations are urged to take immediate action. Fortinet has detected that attackers are exploiting …

Cybersecurity platform ANY.RUN recently reported the top 10 malware threats of the week, highlighting a surge in activity for information stealers Lumma and Snake. The findings shared in a detailed post on X highlight the changing nature of cyber threats and the need for proactive tracking to reduce risks. Lumma …

In late March, TeamT5 found that a China-linked APT group exploited a critical vulnerability in Ivanti Connect Secure VPN appliances, affecting nearly twenty industries in twelve countries. At the time of the analysis, TeamT5 suspected that the group still had access to the victims’ networks. Victim countries include Austria, Australia, …

The U.S. Treasury Department’s Office of the Comptroller of the Currency said on Tuesday, opens new tab that emails of executives and other employees of the agency were hacked, blaming longstanding vulnerabilities for the breach. The U.S. financial regulator said it had told Congress the breach involved unauthorized access to …

Israeli cybersecurity firm Check Point has responded to a hacker who claimed to have stolen valuable information from its systems. Over the weekend, a hacker named CoreInjection claimed in a BreachForums post that they were selling data allegedly stolen from Check Point for 5 Bitcoin (around $430,000). The threat actor …

Safety Detectives’ Cybersecurity Team found a forum post where a threat actor shared a .CSV file with over 200 million records from X users. The team discovered data in a forum post on the surface web. This popular forum features message boards for database downloads, leaks, cracks, and similar topics. …

The Federal Bureau of Investigation (FBI) is probing the cyberattack at Oracle (ORCL.N), opens new tab that has led to the theft of patient data, Bloomberg News reported on Friday, citing a person familiar with the matter. Earlier this month, Oracle alerted some healthcare customers that sometime after January 22, …