The Chinese-backed Silver Fox APT group has launched a sophisticated malware campaign exploiting vulnerabilities in trojanized Philips DICOM viewers to infiltrate healthcare networks and access sensitive patient data.
A surge in cyber-attacks attributed to the Ghostwriter threat actor, linked to the Belarusian government, has been observed, utilizing weaponized Excel documents and advanced obfuscation techniques to target Ukrainian governmental bodies and opposition groups in Belarus.
AI-generated synthetic identities are increasingly exploiting advanced technologies like deepfakes to bypass biometric security systems, posing significant risks to businesses and financial institutions.
A sophisticated botnet operation is exploiting vulnerabilities in Microsoft 365’s authentication process to conduct large-scale password-spraying attacks, primarily affecting organizations in Western countries.
Ransomware actors are increasingly targeting data exfiltration, with over 80% of attacks in 2024 utilizing this method, resulting in faster breaches and significant challenges for network security.
In 2024, the healthcare sector has become the primary target for cybercriminals, experiencing a significant increase in ransomware attacks that have compromised over 25.6 million healthcare records and resulted in substantial financial losses.
A critical cross-site scripting vulnerability, tracked as CVE-2025-24752, has been found in the Essential Addons for Elementor plugin, potentially affecting over two million WordPress websites before being patched by WPDeveloper.
Apple has announced the discontinuation of its Advanced Data Protection feature for new iPhone users in the UK due to government pressure for a backdoor to access encrypted data, raising significant privacy concerns.
A recent study reveals that 80% of manufacturing firms experienced a significant increase in cyber incidents over the past year, primarily targeting converged IT and OT systems, with many companies unprepared for the heightened risks.
Andrew Shenkosky, a 29-year-old Michigan resident, has been indicted on multiple charges including wire fraud and identity theft for allegedly purchasing and using 2,500 stolen login credentials from a dark web marketplace.
