Thousands of account credentials from major cybersecurity vendors have been discovered for sale on dark web marketplaces, primarily due to the rise of infostealers, posing significant risks to both vendors and their clients.
View full story…

In 2025, the cyber threat landscape in North America is expected to be significantly influenced by geopolitical dynamics, particularly with Donald Trump as President, as threat actors from rival nation-states exploit vulnerabilities in cyberspace, posing challenges for organizations across the region.
View full story…

NCC Group reported a record high of 574 ransomware incidents in December 2024, driven by the aggressive tactics of the newly emerged extortion group Funksec and notable attacks from Black Basta, highlighting a concerning trend in the evolving threat landscape.
View full story…

The UK education sector faces a growing threat from cyberattacks, with 77% of institutions reporting breaches in the past year, driven by ransomware incidents and inadequate cybersecurity measures.
View full story…

Two ransomware groups, STAC5143 and STAC5777, are leveraging Microsoft Teams and other Microsoft 365 services to gain unauthorized access to corporate systems for data exfiltration and potential extortion.
View full story…

Recent research reveals that cybercriminals are increasingly using Zendesk’s platform for phishing campaigns and investment scams, employing tactics like brand impersonation and deceptive subdomains to target victims.
View full story…

Oracle has announced the release of patches to address 320 security vulnerabilities affecting over 90 products and services, with critical vulnerabilities scoring as high as 9.9.
View full story…

The United States Department of Justice and the FBI have executed a court-authorized operation to remotely delete a variant of the PlugX malware from over 7,000 infected computers in the US and France, highlighting the importance of international collaboration in cybersecurity efforts.
View full story…

The Digital Operational Resilience Act (DORA), effective January 17, 2025, mandates stringent cybersecurity and operational resilience requirements for financial institutions and their ICT service providers across the European Union.
View full story…

The Murdoc_Botnet, a new variant of the Mirai malware, is exploiting vulnerabilities in AVTECH IP cameras and Huawei HG532 routers, infecting over 1,370 systems globally since July 2024.
View full story…

The Salt Typhoon attack, attributed to Chinese state-sponsored hackers, has compromised major US telecommunications firms and sensitive government communications, marking a significant escalation in cyber operations targeting critical infrastructure.
View full story…

A sophisticated Android malware campaign named “Tanzeem,” linked to the Indian DoNot APT group, is designed for intelligence gathering and poses significant security risks to users in South Asia, particularly in the Kashmir region of India.
View full story…

A significant cyberattack on December 19, 2024, attributed to Russian hackers, severely compromised Ukraine’s state registers and digital infrastructure, prompting a reevaluation of the country’s cybersecurity strategies.
View full story…