North Korea’s state-backed hacking group, Lazarus, has launched a sophisticated cyberattack campaign aimed at software developers and cryptocurrency users, according to SecurityScorecard’s STRIKE Team. The campaign, dubbed Operation Marstech Mayhem, leverages GitHub…
Category: English
Apple Issues Urgent Update to Fix USB Security Flaw
Apple has released an urgent security update to address a critical vulnerability, CVE-2025-24200, affecting iPhones and iPads. This flaw compromises USB Restricted Mode, a security feature designed to block unauthorized access through…
Millions of Infected Devices Power Massive Brute-Force Attack on VPNs
Cybersecurity researchers have uncovered a large-scale hacking campaign using millions of compromised devices to launch brute-force attacks against Virtual Private Networks (VPNs) and other internet-connected systems. The Shadowserver Foundation, a threat monitoring…
HPE Data Breach Exposes Sensitive Information in Midnight Blizzard Attack
Hewlett Packard Enterprise (HPE) has begun notifying state attorney general offices about a data breach that exposed sensitive personal information, including Social Security numbers and credit card details. The breach, which occurred…
Microsoft Warns of Exposed ASP.NET Keys Enabling Attacks
Microsoft has identified over 3,000 publicly exposed ASP.NET machine keys that could allow threat actors to execute code injection attacks on enterprise servers. The company’s Threat Intelligence team reported that in December,…
Paragon Spyware Targets Victims Across Europe, Italy Investigates
WhatsApp has exposed a large-scale hacking operation targeting victims across more than a dozen European countries, including seven Italians, with advanced spyware. Italy’s Agenzia per la Cybersicurezza Nazionale (ANC) is investigating the…
New NCSC Guidelines Strengthen Security for Edge Device Manufacturers
The UK’s National Cyber Security Centre (NCSC), in collaboration with international partners, has issued new guidelines aimed at enhancing the security and forensic capabilities of edge devices. These devices, including routers, IoT…
Federal Cybersecurity at Risk Amid Musk’s DOGE Involvement
Recent reports have sparked major concerns among cybersecurity experts and government officials regarding Elon Musk and his advisory group, the Department of Government Efficiency (DOGE). Since January 20, DOGE members have allegedly…
State-Sponsored Hackers Leverage Gemini AI for Cyber Operations
State-sponsored advanced persistent threat (APT) groups are increasingly experimenting with Google’s Gemini assistant to boost productivity and gather intelligence for cyber operations. According to a recent report by Google’s Threat Intelligence Group…
Critical RCE Vulnerability Discovered in D-Link DSL-3788 Routers
A critical unauthenticated Remote Code Execution (RCE) vulnerability has been discovered in D-Link DSL-3788 routers, allowing attackers to take full remote control of affected devices. The flaw impacts firmware versions v1.01R1B036_EU_EN and…