A Chinese state-linked threat actor identified as Chaya_004 has been observed exploiting a critical remote code execution vulnerability in SAP NetWeaver, researchers at Forescout Vedere Labs said in a report released Tuesday. The flaw, tracked as CVE-2025-31324, carries a maximum CVSS severity score of 10.0 and has been under active exploitation since April 29, 2025. […]
A security flaw in Microsoft Bookings exposed users to significant risks by allowing attackers to alter meeting invitations and calendar details through HTML injection, researchers at ERNW reported. The vulnerability, rooted in inadequate input validation within the Bookings API, impacted fields such as `serviceNotes`, `additionalNotes`, and `body.content`. Exploitation was particularly effective via the “Reschedule” feature, […]
A Toronto school district announced that sensitive data was not deleted by a hacker, despite a ransom payment and assurances that the breach had been contained. The district had previously relied on a video provided by the hacker, which appeared to show the deletion of stolen data following the payment. PowerSchool, the third-party vendor involved, […]
Google has identified a new malware strain, dubbed LostKeys, being deployed by the Russian state-linked hacking group ColdRiver in a wave of cyberespionage attacks, according to a recent report. Since the start of the year, the group has used the malware to steal sensitive files from targets across Western governments, media organizations, think tanks, and […]
Europol has announced the takedown of several websites offering distributed denial-of-service (DDoS)-for-hire services, along with the arrest of four individuals in Poland as part of its ongoing crackdown on cybercrime. The operation targeted illicit platforms that enable users to launch DDoS attacks without technical expertise, disrupting online services by overwhelming them with traffic. The arrests […]
Qilin-linked threat actors were responsible for a significant spike in ransomware activity in April 2025, accounting for 45 breaches, according to cybersecurity researchers. The group employed a combination of the known malware SmokeLoader and a newly identified .NET-based loader dubbed NETXLOADER in a campaign first observed in November 2024. Researchers say NETXLOADER functions as a […]
Google is rolling out new artificial intelligence-based protections designed to detect online scams across its Chrome browser, Search engine, and Android operating system, the company announced Thursday. The initiative leverages Gemini Nano, Google’s on-device large language model, to enhance Safe Browsing features in Chrome version 137 on desktop platforms. By processing data locally, Gemini Nano […]
The LockBit ransomware gang’s dark web leak site was breached, with attackers defacing the portal and leaking a MySQL database tied to its affiliate backend infrastructure. A message reading “Don’t do crime — CRIME IS BAD xoxo from Prague” replaced the homepage, alongside a link to the database dump. LockBit’s operator, known as LockBitSupp, confirmed […]
Organizations and individuals across Japan are being targeted by a wave of phishing attacks leveraging a sophisticated toolkit known as CoGUI. The phishing campaign, currently circulating widely, impersonates well-known Japanese e-commerce brands such as Amazon and Rakuten in an effort to deceive recipients and harvest sensitive information. Cybercriminals deploying the CoGUI phishing kit are taking […]
A widely used npm package, *rand-user-agent*, has been compromised in a supply chain attack, injecting obfuscated code designed to deploy a remote access trojan (RAT) on users’ systems. The malicious package, which sees approximately 45,000 downloads per week, was altered to include code that covertly grants attackers backdoor access to affected machines. The tampered component […]
Pearson, one of the world’s largest education companies, has suffered a cyberattack that resulted in the theft of corporate data and customer information, according to information obtained by BleepingComputer. The breach exposed sensitive data, though the full scope of the incident and the number of affected individuals or organizations remains undisclosed. The attack highlights the […]
IXON, a Dutch provider of industrial remote access solutions, has patched two high-severity vulnerabilities in its VPN Client software that could allow local attackers to escalate privileges to system level on Windows, Linux, and macOS platforms. Tracked as CVE-2025-26168 and CVE-2025-26169, the flaws affect all versions prior to 1.4.4 and were assigned a CVSS score […]