The British Library fell victim to a ransomware attack by the Rhysida group, resulting in the exfiltration of personal information due to vulnerabilities in the Terminal Services server and lack of MFA.
Threat actor Magnet Goblin targets edge devices and public-facing services in US medical, manufacturing, and energy-sector organizations by exploiting 1-day vulnerabilities.
BianLian threat actor has shifted towards extortion activities, targeting organizations in various industries by exploiting vulnerabilities in the TeamCity continuous integration server for initial access.
Attackers are actively exploiting the CVE-2023-22527 vulnerability in Atlassian Confluence Data Center and Confluence Server, using in-memory payloads to execute arbitrary code and control compromised servers.
Attackers exploit legitimate Dropbox email address to distribute malware and steal credentials, bypassing multi-factor authentication.
Swiss federal administration data breached by Play ransomware group, sensitive information exposed.
