Iranian pleads guilty to RobbinHood ransomware attacks, faces 30 years
An Iranian national has pleaded guilty to participating in the Robbinhood ransomware operation, which was used to breach the networks, steal data, and encrypt devices of U.S.…
Month: May 2025
Velvet Chollima APTHackers Target Government Officials Using Weaponized PDFs
The DPRK-linked Velvet Chollima Advanced Persistent Threat (APT) group has launched a sophisticated cyberattack campaign targeting South Korean government officials, as well as NGOs, government…
FBI Warns About Silent Ransom Group Targeting Law Firms
The FBI is warning that a threat group is using IT-themed social engineering calls and callback phishing emails to gain remote access to systems and…
Iranian Man Pleads Guilty to Role in Baltimore Ransomware Attack
An Iranian national has admitted in US federal court that he helped run the Robbinhood ransomware crew behind a series of extortion attacks that crippled…
Windows 11 Notepad Introduces AI-Powered Writing with Copilot Integration
Microsoft’s venerable Notepad, a staple of Windows since the 1980s, is undergoing its most significant transformation yet. With the latest Windows 11 Insider builds, Notepad…
Hackers Exploit Craft CMS Vulnerability to Inject Cryptocurrency Miner Malware
Threat actors have exploited a critical Remote Code Execution (RCE) vulnerability, identified as CVE-2025-32432, in the Craft Content Management System (CMS). Discovered by Orange Cyberdefense…
New Self-Spreading Malware Infects Docker Containers to Mine Dero Cryptocurrency
May 27, 2025Ravie LakshmananCloud Security / Threat Intelligence Misconfigured Docker API instances have become the target of a new malware campaign that transforms them into…
What are the best practices for securing AWS tech stacks?
Amazon Web Services (AWS) has become the lifeblood of millions of modern businesses, both big and small. But while this popular cloud platform enables them…
Hackers Imitate OneNote Login to Steal Office365 & Outlook Credentials
A sophisticated phishing campaign targeting Italian and U.S. users through fake Microsoft OneNote login prompts designed to harvest Office 365 and Outlook credentials. The attack…
Hackers Use Fake OneNote Login to Capture Office365 and Outlook Credentials
A recent investigation by security analysts has uncovered a persistent phishing campaign targeting Italian and U.S. users, utilizing a chain of free cloud platforms and…
Security vs. usability: Why rogue corporate comms are still an issue
Internal and external comms are an age-old minefield for security leaders, with teams balancing security with usability. In some cases, insecure comms systems can turn…
US authorities charge 16 in operation to disrupt DanaBot malware
U.S. authorities on Thursday charged 16 defendants in a massive global operation to disrupt the Russia-based cybercrime group behind the DanaBot malware. DanaBot infected more…