Qilin Becomes Top Ransomware Group Amid RansomHub Chaos
Qilin became the top ransomware group in April amid uncertainty over the status of RansomHub, according to a Cyble blog post published today. RansomHub’s data…
Month: May 2025
House appropriators have reservations — or worse — about proposed CISA cuts
House appropriators on Tuesday challenged proposed budget cuts for the Cybersecurity and Infrastructure Security Agency, with Democrats saying the Trump administration was disturbingly moving money…
Microsoft 365 Copilot and Office Apps Now Protected by SafeLinks at Click Time
Microsoft announced a major update aimed at bolstering the cybersecurity of its flagship AI-powered productivity assistant, Microsoft 365 Copilot, and its suite of Office apps.…
How to Protect Your Business Against This Evolving Threat
Cybercriminals aren’t always loud and obvious. Sometimes, they play it quiet and smart. One of the tricks of making the rounds is called ClickFix. It…
Samsung MagicINFO flaw exploited days after PoC publication
Samsung MagicINFO flaw exploited days after PoC exploit publication Pierluigi Paganini May 06, 2025 Threat actors started exploiting a vulnerability in Samsung MagicINFO only days…
Apache Parquet exploit tool detect servers vulnerable to critical flaw
A proof-of-concept exploit has been publicly released for a maximum severity Apache Parquet vulnerability, tracked as CVE-2025-30065, making it easy to find vulnerable servers. The…
Ransomware Attacks on Food & Agriculture Industry Surge 100% – 84 Attacks in Just 3 Months
The food and agriculture industry is facing an unprecedented wave of cybersecurity threats in 2025, with ransomware attacks doubling in the first quarter compared to…
Critical Langflow RCE flaw exploited to hack AI app servers
The U.S. Cybersecurity & Infrastructure Security Agency (CISA) has tagged a Langflow remote code execution vulnerability as actively exploited, urging organizations to apply security updates and…
Microsoft Alerts That Default Helm Charts May Expose Kubernetes Apps to Data Leaks
Microsoft’s cybersecurity research team has issued a stark warning about the risks of using default Helm charts and Kubernetes deployment templates, revealing that popular cloud-native…
Samsung MagicINFO 9 Server RCE flaw now exploited in attacks
Hackers are exploiting an unauthenticated remote code execution (RCE) vulnerability in the Samsung MagicINFO 9 Server to hijack devices and deploy malware. Samsung MagicINFO Server…
UNC3944 Hackers Shift from SIM Swapping to Ransomware and Data Extortion
UNC3944, a financially-motivated threat actor also linked to the group known as Scattered Spider, has transitioned from niche SIM swapping operations targeting telecommunications organizations to…
The Cyber Attacks Disney Didn’t See Coming
Disney was hit by two major 2024 cyberattacks, an ex-employee’s sabotage and a hacker’s AI trap, exposing internal flaws and stealing 1.1TB of sensitive data.…