UK retailers under cyber attack: Co-op member data compromised
UK-based retailers Marks & Spencer, Co-op, and Harrods have been targeted by cyber attackers in the last few weeks. Whether the attacks have been mounted…
Month: May 2025
Experts shared up-to-date C2 domains and other artifacts related to recent MintsLoader attacks
Experts shared up-to-date C2 domains and other artifacts related to recent MintsLoader attacks Pierluigi Paganini May 05, 2025 MintsLoader is a malware loader delivering the…
Microsoft silently fixes Start menu bug affecting Windows 10 PCs
Microsoft has silently fixed an issue that broke Start Menu jump lists for all apps on systems running Windows 10, version 22H2. The Windows 10…
Germany Most Targeted Country in Q1 2025 DDoS Attacks
Cloudflare’s Q1 2025 DDoS Threat Report: DDoS attacks surged 358% YoY to 20.5M. Germany hit hardest; gaming and telecom were among the top targets. The…
Ukrainian Extradited To U.S. For Nefilim Ransomware Scheme
Artem Stryzhak, a Ukrainian national, has been extradited from Spain to the United States to face charges related to a global ransomware operation that used…
Apache Parquet Java Vulnerability CVE-2025-46762 RCE Risk
A vulnerability has been identified in Apache Parquet Java, which could leave systems exposed to remote code execution (RCE) attacks. Apache Parquet contributor Gang Wu discovered,…
Windows 11 24H2 now ready to rollout to everyone
Microsoft announced over the weekend that the Windows 11 24H2 update is ready to roll out to all compatible PCs, excluding those with safeguard holds.…
Apache Parquet Java Vulnerability Enables Remote Code Execution
A high-severity vulnerability (CVE-2025-46762) has been discovered in Apache Parquet Java, exposing systems using the parquet-avro module to remote code execution (RCE) attacks. The flaw,…
Security Researchers Warn a Widely Used Open Source Tool Poses a ‘Persistent’ Risk to the US
“Nation states take on a strategic positioning,” says George Barnes, a former deputy director at the National Security Agency, who spent 36 years at the…
Hackers Exploit Email Fields to Launch XSS and SSRF Attacks
Cybersecurity researchers are raising alarms as hackers increasingly weaponize email input fields to execute cross-site scripting (XSS) and server-side request forgery (SSRF) attacks. These vulnerabilities, often overlooked in web…
Access reviews can be fixed – here’s how.
Regular User Access Reviews are required for regulatory compliance with standards such as SOX, HIPAA, GLBA, PCI, NYDFS, NYSDOH, and SOC 2. Additionally, increasing numbers…
Luna Moth Hackers Use Fake Helpdesk Domains to Target Victims
A recent investigation by cybersecurity firm EclecticIQ, in collaboration with threat hunters, has exposed a surge in malicious activity tied to the Luna Moth hacking…