SentinelOne reported a sophisticated cyber operation named “PurpleHaze,” attributed to Chinese cyber-espionage groups APT15 and UNC5174, which targeted over 70 organizations globally using advanced tactics, including exploiting zero-day vulnerabilities and deploying the GOREshell backdoor.
The financial services sector is experiencing a significant increase in volumetric DDoS attacks, driven by geopolitical tensions and the rise of DDoS-for-hire services, with a notable 23% rise in application-layer attacks in 2024 compared to the previous year.
As APIs become prime targets for cybercriminals, organizations face significant risks from sophisticated attacks exploiting vulnerabilities, misconfigurations, and outdated security measures.
The FBI has warned that the Badbox 2.0 botnet has compromised over a million internet-connected devices worldwide, primarily targeting low-cost, uncertified consumer electronics, particularly those running on Android-powered IoT systems in smart homes.
President Donald Trump’s new executive order aims to revamp U.S. cybersecurity by addressing foreign threats, updating encryption standards, and modifying previous initiatives from the Biden and Obama administrations.
A critical unpatched vulnerability (CVE-2025-31022) in the PayU CommercePro plugin for WordPress allows unauthorized access to user accounts, including site administrators, affecting over 5,000 installations.
The hacker group Scattered Spider, also known as UNC3944 or Octo Tempest, has been implicated in significant cyberattacks on major UK retailers, including Marks & Spencer, utilizing sophisticated social engineering and ransomware tactics that have caused substantial financial and operational disruptions.
The event emphasized the importance of mastering cybersecurity basics, focusing on human behaviors and identity controls amid rising threats like voice phishing and credential theft.
Cybercriminals are using advanced AI technologies to impersonate high-ranking US government officials in a campaign aimed at breaching their online accounts through sophisticated phishing techniques.
Phishing-related data breaches have become the leading cause of data loss, affecting 54% of cybersecurity, IT, and sustainability leaders, with 86% of organizations experiencing a data breach in the past three years.
