InfoSecBulletin Cybersecurity for mankind
Researchers unveiled a new ransomware, called SEXi, that poses a threat to VMware ESXi servers. Additionally, it is believed to have scored its first victim which is a hosting provider.
Intel 471 reported a surge in smishing attacks from a group of threat actors, called The Com, which uses sophisticated social engineering tactics to target organizations in the telecommunications, IT, and industry sectors.
YouTube geo-blocks at least 4 Bangladeshi TV channels in India
Microsoft Patches Four Critical Azure and Power Apps Vulns
Qilin Ransomware topped April 2025 with 45+ data leak disclosures
SonicWall Patches 3 Flaws in SMA 100 Devices
Top Ransomware Actively Attacking Financial Sector: 406 Incidents Disclosed
Critical (CVSS 10) Flaw in Cisco IOS XE WLCs Allows RRA
CVE-2025-29824
Play Ransomware Exploited Windows CVE-2025-29824 as Zero-Day
Hacker exploited Samsung MagicINFO 9 Server RCE flaw
CISA adds Langflow flaw to its KEV catalog
Google Fixes Android Flaw (CVE-2025-27363) Exploited by Attackers
Proofpoint’s Threat Research team identified a rise in the use of a new Latrodectus loader malware in campaigns throughout February and March. The malware is being distributed by the TA577 threat actor.
Sucuri researchers found a new variant of Magento Shoplift malware that executed a malicious script on a website to perform credit card skimming attacks and data theft.
NIST awarded nearly $3.6 million to 18 education and community organizations across 15 states in an effort to build the workforce needed to safeguard enterprises from cybersecurity threats.
