A sophisticated phishing campaign is targeting organizations using Microsoft’s legacy Active Directory Federation Services (ADFS), exploiting vulnerabilities in single sign-on solutions to harvest user credentials and bypass multi-factor authentication.
The Salt Typhoon cyberattacks, attributed to a Chinese hacker group linked to the Ministry of State Security, compromised sensitive data across American telecommunications networks, raising significant national security concerns and highlighting critical flaws in digital security measures.
The Council of the European Union has imposed sanctions on three Russian hackers from GRU Unit 29155 for their involvement in significant cyberattacks against Estonian government agencies, resulting in the theft of sensitive data.
The UK government has launched a revised voluntary AI Cyber Security Code of Practice to enhance the security of AI systems and mitigate cybersecurity risks, developed in collaboration with Kainos and supported by various stakeholders.
A sophisticated one-click phishing campaign has been identified, targeting high-profile accounts on the social media platform X (formerly Twitter) to promote fraudulent cryptocurrency schemes, with attackers employing various tactics to hijack accounts and mislead users.
In 2024, the number of actively exploited vulnerabilities rose to 768, marking a 20% increase from the previous year, highlighting ongoing challenges in cybersecurity.
