Cyber Attack

An unknown threat cluster has targeted European healthcare organizations, deploying PlugX and ShadowPad. In some cases, these intrusions resulted in the use of ransomware called NailaoLocker. Orange Cyberdefense CERT’s Green Nailao campaign targeted a newly patched security flaw (CVE-2024-24919, CVSS score: 7.5) in Check Point network gateway products. The attacks …

The FBI and CISA reported on Wednesday that the ransomware group Ghost has been exploiting software and firmware vulnerabilities as recently as January. The group targets internet services with old, unpatched vulnerabilities that users could have addressed years ago. Cybersecurity researchers began alerting the public about the group in 2021. …

A major IoT data breach has exposed 2.7 billion records, including Wi-Fi network names, passwords, IP addresses, and device IDs. Cybersecurity researcher Jeremiah Fowler uncovered an unprotected database associated with Mars Hydro, a Chinese IoT grow light company, and LG-LED Solutions from California. He reported his findings to vpnMentor, which …

The new Astaroth Phishing Kit can bypass two-factor authentication to steal login credentials for Gmail, Yahoo, and Microsoft. It uses a reverse proxy, captures credentials in real-time, and hijacks sessions. The new phishing kit called Astaroth has been found on cybercrime networks by SlashNext threat researchers. Astaroth can bypass two-factor …

A sophisticated malware campaign is targeting military and government entities in Bangladesh. It uses social engineering to deliver malicious files disguised as official documents, aiming to infiltrate secure networks, steal credentials, and access sensitive systems. The attack starts with a WhatsApp message that forwards a file (like 508.rar) pretending to …

In January 2025, there were 510 global ransomware incidents, with Akira as the leading group and new ones like MORPHEUS and Gd Lockersec appearing. The Manufacturing sector was the main target, followed by Finance and IT, with the USA being the most affected region. This report highlights key ransomware trends, …

CYFIRMA analysis reveals a sophisticated malware campaign that exploits a major Indian bank’s brand through fake mobile apps. These apps, distributed via phishing links and social engineering, closely resemble the real bank apps, deceiving users into sharing their credentials and personal information. The malware uses advanced techniques, such as encrypted …

The Shadowserver Foundation reports that a brute force attack has been active since last month, using nearly 2.8 million IP addresses each day attempting to guess the credentials for a wide range of networking devices. A brute force attack occurs when attackers repeatedly try different usernames and passwords to access …

WhatsApp revealed that seven Italians, along with victims from over a dozen other European countries, were targeted by spyware in a widespread hacking campaign, according to the Italian government. Italy’s cybersecurity agency, Agenzia per la Cybersicurezza Nazionale (ANC), is investigating alleged hacking attempts by Paragon Solutions, according to a statement …

The zLabs research team found a mobile malware campaign with nearly 900 malware samples aimed at Indian bank users. Analysis shows shared code, interfaces, and logos, indicating a single group behind the attacks on Android devices. Zimperium’s detection engine successfully identified these as Trojan Bankers targeting Indian financial institutions. This …