Four Hackers Caught Exploiting Old Routers as Proxy Servers
U.S. authorities unsealed charges against four foreign nationals accused of operating a global cybercrime scheme that hijacked outdated wireless routers to create malicious proxy networks.…
Month: May 2025
iClicker Website Hacked with Fake CAPTCHA in ClickFix Attack
Popular student engagement platform iClicker’s website was compromised with a ClickFix attack. A fake “I’m not a robot” check tricked users into installing malware. Learn…
Now ransomware starts infecting Central Processing Units aka CPUs
For years, hackers have been relying on file-encrypting malware that targets storage devices, locking users out of their files and demanding a ransom in cryptocurrency…
China-Linked APTs Exploit SAP CVE-2025-31324 to Breach 581 Critical Systems Worldwide
May 13, 2025Ravie LakshmananVulnerability / Threat Intelligence A recently disclosed critical security flaw impacting SAP NetWeaver is being exploited by multiple China-nexus nation-state actors to…
State and local election officials plead with Congress for election security funding
As the Trump administration takes a hatchet to the federal government’s election security work and attempts to place conditions on funding to states, state and…
Microsoft will update Office apps on Windows 10 until 2028
Microsoft has backtracked on its plan to end support for Office apps on Windows 10 later this year and announced that it will continue providing…
PoC Exploit Published for macOS Sandbox Escape Vulnerability (CVE-2025-31258)
Security researchers have disclosed a new macOS sandbox escape vulnerability tracked as CVE-2025-31258, accompanied by a proof-of-concept (PoC) exploit demonstrating partial sandbox bypass via Apple’s…
PowerSchool data breach leads to school extortion attempts
Dive Brief: Threat actors are trying to extort some public schools by threatening them with teacher and student information stolen in a December 2024 data…
An $8.4 Billion Chinese Hub for Crypto Crime Is Incorporated in Colorado
Those money laundering and scam-enabling services, however, are far from the only shady offerings found on Xinbi Guarantee’s market. Elliptic also found listings for surrogate…
Marks & Spencer Confirms Customer Data Breach in Recent Cyber Attack
British retail giant Marks & Spencer has officially confirmed that customer personal data was compromised during a cyber attack that began three weeks ago. The…
M&S says customer data stolen in cyberattack, forces password resets
Marks and Spencer (M&S) confirms that customer data was stolen in a cyberattack last month, when ransomware was used to encrypt servers. The attack occurred…
Zoom Workplace Apps Flaws Allow Hackers to Gain Elevated Access
Zoom has released multiple security bulletins addressing seven newly discovered vulnerabilities in Zoom Workplace Apps, with one rated as high severity. All vulnerabilities were disclosed…