Cisco has confirmed the active exploitation of a medium-severity cross-site scripting vulnerability (CVE-2014-2120) in its Adaptive Security Appliance, prompting immediate action from affected organizations.
View full story…

An international law enforcement operation, known as Operation Passionflower, successfully dismantled MATRIX, an encrypted messaging platform used by organized crime for serious illicit activities, leading to multiple arrests and the seizure of significant assets.
View full story…

The North Korean-linked Kimsuky group has escalated its phishing attacks, utilizing advanced malwareless techniques to target various sectors, including researchers and financial institutions, to steal credentials.
View full story…

ENGlobal Corporation, a Texas-based contractor for the US energy sector, is facing significant operational disruptions due to a ransomware attack that began on November 25, 2024, raising concerns about national energy security and the vulnerabilities of critical infrastructure providers.
View full story…

A recent report highlights that while security professionals view generative AI as beneficial for enhancing threat detection, it also poses significant risks, particularly in phishing and malware attacks, necessitating updated cybersecurity strategies.
View full story…

Interpol’s Operation Haechi V successfully disrupted cyber-enabled financial crimes across more than 40 countries, resulting in over 5,500 arrests and the seizure of $400 million linked to various fraudulent schemes.
View full story…

A sophisticated phishing campaign targets individuals through fraudulent emails, using intentionally corrupted DOCX documents that exploit Microsoft Word’s recovery feature to bypass security measures and capture login credentials.
View full story…

Criminals, including paedophiles and scammers, are increasingly misusing AI technology, particularly deepfakes, leading to significant financial losses and necessitating urgent adaptations in law enforcement and cybersecurity measures.
View full story…

Mikhail Pavlovich Matveev, a notorious ransomware operator known as WazaWaka, has been arrested in Russia for his involvement in numerous cyberattacks, including extorting over $75 million from victims and targeting critical infrastructure.
View full story…

Zero Trust security emphasizes continuous verification and minimal trust assumptions to mitigate risks from modern cyber threats, enhancing organizational resilience and productivity.
View full story…

In 2025, small and medium-sized businesses will face increased cybersecurity threats from AI-driven attacks and advanced social engineering tactics, necessitating significant investment and strategic responses to safeguard their digital environments.
View full story…

Amazon Web Services (AWS) has introduced a new service called AWS Security Incident Response (SIR) to automate and enhance the management of cybersecurity incidents for organizations, providing centralized communication and 24/7 access to its Customer Incident Response Team.
View full story…

The United States is facing a surge in cyberattacks from the Chinese hacking group Volt Typhoon, which has successfully infiltrated critical infrastructure systems, raising significant national security concerns.
View full story…

A sophisticated cyber campaign utilizing an advanced variant of SmokeLoader has been identified, targeting critical sectors in Taiwan, including manufacturing, healthcare, and information technology, through phishing emails and exploiting outdated security vulnerabilities.
View full story…