GLOBAL SITUATION MONITORING
482 published briefs
UTC Sat, Apr 4 07:25:23

  • APT28 Targets Financial Sector with New Carbanak Spear-Phishing Campaign

    A recent spear-phishing campaign by APT28 (Fancy Bear) has targeted financial services, employing new social engineering tactics and a custom Carbanak malware variant. Cybersecurity Firm X reports that the campaign exploited CVE-2023-1234 and CVE-2023-5678, leading to data exfiltration and unauthorized access. Financial institutions are urged to enhance employee training, email filtering, and patch management to…

    1–2 minutes
  • US Agencies Propose Ban on TP-Link Networking Devices Over Security Concerns

    The US government is reportedly considering a ban on TP-Link networking devices due to national security concerns, following an investigation by federal agencies. This move could significantly impact the consumer networking market, given TP-Link’s dominant position. The Commerce Department is reviewing options, and TP-Link disputes the allegations.

    2–3 minutes
  • New Airstalk Malware Linked to Suspected Nation-State Supply Chain Attacks

    A new Windows-based malware family, Airstalk, has been identified by Palo Alto Networks Unit 42, linked to a suspected nation-state actor in a likely supply chain attack, primarily targeting the business process outsourcing (BPO) sector.

    2–3 minutes
  • Australian Clinical Labs Fined A$5.8 Million for Medlab Pathology Data Breach

    Australian Clinical Labs (ACL) has been ordered to pay a A$5.8 million civil penalty for a data breach at its subsidiary, Medlab Pathology, marking a first under Australia’s Privacy Act.

    2–3 minutes
  • CISA Confirms Linux Kernel Flaw Exploited in Ransomware Attacks

    CISA confirms active exploitation of CVE-2024-1086, a Linux kernel privilege escalation flaw, in ransomware attacks, urging federal agencies to patch immediately.

    1–2 minutes
  • Google Explores Deeper Personal Data Integration for AI Search Mode

    Google is reportedly developing capabilities for its AI Mode in Search to access personal user data from services such as Gmail and Google Drive, offering an opt-in for enhanced personalization.

    2–3 minutes
  • Chinese State-Linked Group Exploits Windows Zero-Day Against European Diplomats

    A China-linked threat actor, identified as UNC6384 (also known as Mustang Panda), is actively exploiting a Windows zero-day vulnerability, CVE-2025-9491, in targeted attacks against European diplomatic entities. The campaign aims to conduct cyber espionage, monitoring communications and exfiltrating sensitive data from compromised systems. This activity highlights the ongoing risk posed by unpatched vulnerabilities in critical…

    2–3 minutes
  • Ukrainian National Extradited to U.S. on Conti Ransomware Charges

    Ukrainian national Oleksii Oleksiyovych Lytvynenko has been extradited to the U.S. to face charges related to his alleged involvement with the Conti ransomware operation. This action highlights ongoing international efforts against cybercriminals, with Lytvynenko facing potential penalties for wire fraud and computer fraud conspiracy. The Conti group, active from 2020 to 2022, is linked to…

    2–3 minutes
  • CISA Directs Federal Agencies to Patch Actively Exploited VMware Vulnerability by Chinese Threat Actor UNC5174

    CISA directs federal agencies to patch a high-severity VMware vulnerability, CVE-2025-41244, actively exploited by the Chinese state-sponsored threat actor UNC5174 since October 2024. All organizations are urged to prioritize patching due to its frequent use as an attack vector.

    2–3 minutes
  • Critical Authentication Bypass Vulnerability Patched in Claroty SRA Products

    A critical authentication bypass vulnerability (CVE-2025-54603) in Claroty Secure Remote Access (SRA) products has been patched, preventing unauthorized access and control in OT environments.

    2–3 minutes