United States Charges Developer of LockBit Ransomware Group
Rostislav Panev, a 51-year-old dual Russian and Israeli national, has been extradited to the United States on charges related to his alleged role as a…
Category: CyberSecurityNews
Microsoft365 Themed Attack Leveraging OAuth Redirection for Account Takeover
Two sophisticated phishing campaigns were observed targeting Microsoft 365 users by exploiting OAuth redirection vulnerabilities combined with brand impersonation techniques. Threat researchers are warning organizations…
Decrypting Linux/ESXi Akira Ransomware Files Without Paying Ransomware
A cybersecurity researcher has successfully broken the encryption used by the Linux/ESXI variant of the Akira ransomware, enabling data recovery without paying the ransom demand. …
SuperBlack Actors Exploiting Two Fortinet Vulnerabilities to Deploy Ransomware
Between late January and early March 2025, cybersecurity researchers at Forescout’s Vedere Labs uncovered a series of sophisticated intrusions leveraging critical Fortinet vulnerabilities. The attacks,…
Bitdefender Warns of Multiple Vulnerabilities that Let Attackers Execute MITM Attack
Bitdefender has disclosed two critical vulnerabilities affecting its BOX v1 device that could allow network-adjacent attackers to execute Man-in-the-Middle (MITM) attacks, potentially leading to remote…
Mozilla Urging Users to Update Firefox, Else Add-ons Will Stop Working
Mozilla has issued an urgent warning to Firefox users worldwide, emphasizing the critical need to update their browsers before March 14, 2025, when a vital…
2-year-old Windows Kernel 0-day Vulnerability Exploited in the Wild
Microsoft has patched a critical Windows Kernel vulnerability that has been actively exploited for nearly two years. The vulnerability, tracked as CVE-2025-24983, was included in…
Apache NiFi Vulnerability Let Attackers Access MongoDB Username & Passwords
A significant security vulnerability has been identified in Apache NiFi, allowing potential attackers with specific access privileges to expose MongoDB authentication credentials. The vulnerability, tracked…
DeepSeek Generating Fully Working Keyloggers & Data Exfiltration Tools
Security researchers at Unit 42 have successfully prompted DeepSeek, a relatively new large language model (LLM), to generate detailed instructions for creating keyloggers, data exfiltration…
Siemens SINAMICS S200 Bootloader Vulnerability Let Attackers Compromise the Device
Siemens has disclosed a critical security vulnerability affecting specific SINAMICS S200 drive systems that could allow attackers to compromise devices by exploiting an unlocked bootloader. …
Hackers Abuse Microsoft Copilot for Sophisticated Phishing Attack
As organizations increasingly integrate Microsoft Copilot into their daily workflows, cybercriminals have developed sophisticated phishing campaigns specifically targeting users of this AI-powered assistant. Microsoft Copilot,…
86,000+ Healthcare Staff Records Exposed from Misconfigured AWS S3 Bucket
A significant data breach involving sensitive healthcare worker information has been discovered, exposing over 86,000 records belonging to ESHYFT, a New Jersey-based HealthTech company. Cybersecurity…