A newly discovered threat actor known as BERT has introduced a ransomware variant capable of forcibly shutting down VMware ESXi virtual machines, significantly disrupting recovery operations. First identified in April 2025, the BERT ransomware kills ESXi processes before encryption begins, targeting hybrid IT environments across Asia, Europe, and the U.S. Security analysts track the group […]
Authorities in Milan arrested a Chinese national last week for alleged involvement in cyberespionage activities tied to the Silk Typhoon hacking group. The suspect, described as a China spy linked to Silk, is accused of targeting U.S. organizations and government agencies on behalf of a state-sponsored operation. Silk Typhoon, known for its sophisticated intrusion methods, […]
Security researchers have released proof-of-concept exploits for a critical Citrix NetScaler vulnerability known as CitrixBleed2. Tracked as CVE-2025-5777, the flaw enables attackers to easily steal user session tokens, raising concerns about widespread exploitation if systems remain unpatched. The disclosed exploits demonstrate how the vulnerability can be leveraged with minimal effort, putting organizations at immediate risk. […]
Hackers siphoned nearly $140 million from six Brazilian banks by exploiting login credentials purchased from an employee at C&M, a company specializing in financial connectivity services. The C&M worker received just $920 in exchange for the sensitive access, which attackers later used to orchestrate one of the country’s most damaging cyber heists. The breach targeted […]
AT&T has agreed to pay $177 million to settle claims linked to data breaches that occurred in 2019 and 2024. The breaches exposed sensitive customer information, prompting legal action and regulatory scrutiny. The settlement aims to compensate affected individuals and resolve legal disputes stemming from the incidents. The resolution follows investigations into how unauthorized actors […]
Hackers infiltrated Nova Scotia Power’s critical systems, compromising the personal data of nearly 300,000 individuals, according to the findings of an internal investigation. The Nova Scotia Power hack gave attackers access to sensitive information, including driver’s license numbers, Canadian Social Insurance details, and bank account information. Investigators confirmed that the breach involved unauthorized access to […]
A newly identified ransomware group known as Bert has launched a series of cyberattacks against organizations across several continents, focusing primarily on the healthcare and technology sectors. Researchers at Trend Micro revealed that the Bert Ransomware hits Technaturally, disrupting operations and compromising data in targeted industries that often struggle with outdated cybersecurity defenses. The attackers […]
Qantas Airways is facing a ransomware extortion attempt after hackers breached its systems and claimed to have stolen sensitive data tied to millions of customers. In a statement, the airline confirmed that threat actors are now demanding payment, marking the latest development in the ongoing cyberattack. Qantas extorted after hackers accessed internal data, possibly affecting […]
IBM has identified critical vulnerabilities in its Cloud Pak System, revealing new cyber risks for enterprise users. The disclosed IBM Cloud Pak flaws could allow remote attackers to manipulate system functions by exploiting HTML injection and prototype pollution issues. Security researchers at GBHackers News highlighted the potential for these bugs to undermine system integrity, leaving […]
Grafana has released critical security updates addressing four high-severity vulnerabilities found in its Image Renderer plugin and Synthetic Monitoring Agent’s Chromium component. The flaws, which stem from outdated Chromium libraries, posed significant risk to users running affected versions. The Grafana fixes high-risk issues by updating the underlying Chromium browser dependency, which both plugins rely on […]
Identity-related cyber incidents have surged dramatically, totaling 19,000 attacks from 2024 through the first quarter of 2025. According to Infosecurity Magazine, identity cyberattacks jumped 156% compared to 2023, signaling a sharp escalation in threats targeting user credentials and verification systems. The spike highlights the growing urgency for organizations to strengthen identity management protocols. Cybersecurity professionals […]
A newly identified spyware campaign has compromised over 100 victims within Russia’s industrial sector, according to cybersecurity firm Kaspersky. Based in Moscow, the company reported that the malware has infiltrated several dozen organizations, though it declined to name specific targets. Spyware hits Russian industrial systems as attackers continue to exploit vulnerabilities in the country’s critical […]