Hackers have launched a supply chain attack targeting Telegram data through malicious RubyGems packages that impersonate popular Fastlane CI/CD plugins, according to a report from BleepingComputer. The attackers uploaded two fraudulent libraries to the RubyGems repository, where developers typically obtain trusted components for building and deploying applications. By mimicking Fastlane tools, the packages aimed to […]
The European Union has unveiled a comprehensive Cyber Blueprint aimed at streamlining crisis management across member states, establishing a unified response framework, and reinforcing cross-border coordination. The initiative is designed to improve the EU’s collective resilience against large-scale cyber incidents by enabling faster, more coordinated responses among national authorities. The blueprint introduces a structured approach […]
Hundreds of dashboard interfaces used to control U.S. water utility systems have been found accessible on the open internet, according to researchers at Censys. The exposed human-machine interfaces (HMIs), which are commonly used in industrial control systems, were misconfigured in a way that allowed anyone with a web browser to view sensitive control-room data. Investigators […]
Hackers are leveraging fake Gitcode and DocuSign websites to distribute the NetSupport Remote Access Trojan (RAT), according to a report from The Hacker News. The campaign uses lookalike domains that mimic legitimate platforms to deceive users into downloading the malware. Once installed, NetSupport RAT grants attackers remote control over compromised systems, enabling them to steal […]
A newly identified data-wiping malware known as “PathWiper” is being deployed in targeted attacks against critical infrastructure in Ukraine, aiming to disrupt essential operations across the country. The malware is designed to erase data irreversibly, posing a significant threat to the stability and functionality of national systems. The attacks appear to be part of a […]
The Interlock ransomware group has taken credit for a cyberattack on Kettering Health, a healthcare network, and has released data it claims was stolen during the breach. The group posted samples of the allegedly compromised information on its leak site, asserting that the files were extracted from Kettering Health’s internal systems. The scope of the […]
Microsoft has launched a new European Security Program aimed at disrupting cybercriminal networks and state-sponsored threat actors operating across the continent. Announced in Berlin on June 4, the initiative targets ransomware groups and nation-state actors from Russia, China, Iran and North Korea. It leverages artificial intelligence to boost threat intelligence sharing with governments in all […]
Authorities have dismantled BidenCash, a notorious online marketplace used for trafficking stolen credit card data and personal information. In the coordinated operation, law enforcement agencies seized 145 domains linked to the illicit platform, effectively halting its operations. BidenCash had gained notoriety for facilitating the trade of compromised financial data, offering access to stolen credit cards […]
Cisco has issued a security patch for a vulnerability in its Identity Services Engine (ISE) that could expose sensitive data in cloud environments, including Amazon Web Services, Microsoft Azure and Oracle Cloud Infrastructure. The flaw affected cloud-based deployments of the ISE platform, which is widely used for identity and access control in enterprise networks. According […]
A newly identified strain of ransomware known as Lyrix is actively targeting Windows systems worldwide, according to reporting from GBHackers News. The malware distinguishes itself with advanced capabilities designed to evade detection, raising concerns among cybersecurity professionals. Attackers leveraging Lyrix have already compromised numerous machines, deploying techniques that allow the ransomware to bypass traditional security […]
The U.S. government has filed a forfeiture complaint to seize $7.7 million in funds allegedly laundered by North Korean IT workers, according to federal authorities. The money, which has been frozen for over two years, is believed to be tied to operations conducted by individuals working on behalf of North Korea through covert employment in […]
A newly identified strain of data-wiping malware, dubbed PathWiper, has been detected targeting critical infrastructure in Ukraine, according to cybersecurity researchers. The malicious software exhibits characteristics similar to previous wipers associated with Sandworm, a hacking group linked to disruptive cyber operations. The attack marks another instance of destructive malware being deployed against Ukrainian systems amid […]