The French Ministry of Education experienced a major data breach claimed by the Stormous ransomware group, exposing sensitive information of over 40,000 individuals. This attack threatens the security of personal data for students and staff across France, highlighting vulnerabilities in national education infrastructure. #Stormous #DataBreach…
Tag: EMAIL

The U.S. CISA has added critical vulnerabilities in Erlang/OTP SSH and Roundcube Webmail to its KEV catalog due to active exploitation risks. These flaws could allow remote command execution and email theft, posing significant threats to affected systems. #Erlang #Roundcube…

Rare Werewolf, an APT group, has targeted Russia and CIS countries using legitimate software and phishing tactics to deploy cryptojackers and facilitate remote access. The group’s activities include using PowerShell scripts, remote desktop tools, and decoy documents, complicating detection efforts. #RareWerewolf #APT #Cryptojacking…

Google addressed a security flaw that could allow attackers to brute-force recovery phone numbers and leak sensitive account information. The vulnerability was exploited through a deprecated form that lacked anti-abuse protections, but has since been fixed by Google. #BruteforceAttack #AccountRecoveryVulnerability…

Over 80,000 Roundcube webmail servers are affected by a critical remote code execution vulnerability, CVE-2025-49113, which has been exploited in attacks. The flaw, present in versions 1.1.0 to 1.6.10, involves PHP Object Injection through flawed logic and unsanitized parameters, enabling threat actors to compromise servers. #RoundcubeVulnerability #CVE2025-49113…

The ransomware claim reports that the threat actor Stormous accessed data from education.gouv.fr, exposing the personal information of over 40,000 individuals, including email addresses, passwords, dates, login URLs, names, and regions. The impacted country is France. #France

A threat actor named Sophia01 is selling a dataset allegedly stolen from SCP Spain, containing over 150,000 records with sensitive personal and financial information. SCP Spain was previously breached on June 15, 2024, indicating ongoing vulnerabilities or data resale activities. #SCPSpain #DataBreach #ThreatActorSophia01…

Kimsuky, a North Korea-linked threat group, has launched an advanced multi-platform attack targeting Korean users through social engineering and sophisticated malware. The campaign demonstrates the group’s evolving tactics, including the use of Facebook, email, and Telegram to infiltrate and exfiltrate data from victims. #Kimsuky #AppleSeed #RemoteAccessTrojan #SocialEngineering…

Silent Push Enterprise Edition enhances security operations by enriching indicators with extensive context, enabling automated, proactive threat detection and response at scale across multiple SOAR platforms. Integrations with Cortex XSOAR, Splunk SOAR, Torq, Swimlane, Tines, and ServiceNow streamline workflows, reduce manual triage, and improve detection and mitigation of emerging threats. #SilentPush…

Recent cyberattacks in Texas and Illinois have led to the theft of sensitive personal data, including crash reports and employee information. These incidents highlight vulnerabilities in government systems and the importance of robust cybersecurity measures. #TxDOT #HFS #data breach…

Researchers discovered a flaw in Google’s legacy recovery form that allowed brute-force attacks on user phone numbers, risking phishing and SIM-swapping. Google addressed the issue by deprecating the vulnerable endpoint, enhancing account security. #GoogleVulnerability #BruteForceAttacks

A cybercrime group called DarkGaboon has been conducting targeted ransomware attacks on Russian companies across multiple sectors, using LockBit 3.0 ransomware and phishing emails in Russian. Although their methods are similar to other LockBit operations, DarkGaboon operates independently and primarily targets financial departments with malicious documents. #DarkGaboon #LockBit3.0 #RussianCyberattacks…

Guardz, a cybersecurity startup focused on providing an all-in-one platform for small and medium-sized businesses, has secured $56 million in Series B funding. The company’s AI-powered detection and response platform integrates multiple security functions and expands its reach in the U.S. market. #SentinelOne #MSPs…

Librarian Ghouls, an APT group targeting Russian and CIS entities, employs legitimate third-party software and scripting rather than custom malware for its attacks, focusing on credential theft and deploying a crypto miner. Their ongoing campaign features phishing emails, remote access tools, and complex infection stages, with hundreds of victims primarily in Russia and neighboring countries. #LibrarianGhouls #RareWerewolf #Rezet #XMRig #AnyDesk

OpenAI announced the shutdown of ChatGPT accounts linked to Russian-speaking threat actors and Chinese nation-state hacking groups that were exploiting AI for malware development, social media automation, research, and cyber campaigns. These groups used the models for developing malware, bypassing security, and executing disinformation and espionage activities. #ScopeCreep #UNC2630 #APT15 #CyberThreatActors…