Cybercrime


NEWS 
  • Gunra Ransomware Group Unveils Efficient Linux Variant

    July 29, 2025

    Gunra ransomware was first observed in April 2025 in a campaign that targeted Windows systems using techniques inspired by the infamous Conti ransomware. Trend Micro monitoring of the ransomware landscape revealed that threat actors behind Gunra have expanded with a Linux variant, signaling a strategic move toward cross-platform targeting. The novel ransomware group has already made ...

  • Joint Cybersecurity Advisory: Scattered Spider

    July 29, 2025

    Scattered Spider (also known as UNC3944, Scatter Swine, Oktapus, Octo Tempest, Storm-0875, and Muddled Libra) engages in data extortion and several other criminal activities. Scattered Spider threat actors use multiple social engineering techniques—including push bombing—and subscriber identity module (SIM) swap attacks, to obtain credentials, install remote access tools, and/or bypass multi-factor authentication (MFA). According to public ...

  • Telecom giant Orange warns of disruption amid ongoing cyberattack

    July 29, 2025

    Orange, a French telecommunications giant and one of the largest phone providers in the world, announced on Monday that it was the victim of an unspecified cyberattack. In the announcement, the company said that it detected a cyberattack “on one of its information systems” on July 25, and that it proceeded to “isolate potentially affected services ...

  • CVE-2025-53770 – Zero-day exploitation in the wild of Microsoft SharePoint servers

    July 29, 2025

    Microsoft released an advisory for CVE-2025-53770, a critical Remote Code Execution (RCE) vulnerability affecting on-premise SharePoint servers. This vulnerability has been exploited in the wild as a zero-day by an unknown threat actor prior to the disclosure from Microsoft. The vulnerability is described as an unauthenticated deserialization of untrusted data issue, and has a CVSS base ...

  • Endgame Gear warns mouse config tool has been infected with malware

    July 29, 2025

    Gaming kit maker Endgame Gear has confirmed it was the victim of a supply chain attack which saw unidentified threat actors break into its website and replace a legitimate configuration tool with a trojanized version containing malware. In an announcement posted on the company’s website, it said on June 26 2025, someone managed to replace a ...

  • Scattered Spider hackers are targeting US critical infrastructure via VMware attacks

    July 28, 2025

    The infamous Scattered Spider ransomware group is using VMware instances to target critical infrastructure organizations in the US, researchers have warned. In the campaign, the hackers do not exploit any vulnerabilities, but instead go for “aggressive, creative, and particularly skilled” social engineering. They first reach out to their victim’s IT desk, impersonating an employee, and asking for ...

  • Russia: Aeroflot cancels dozens of flights after hacker attack paralyzes IT systems

    July 28, 2025

    Russia’s Aeroflot airline has cancelled 49 round-trip flights to and from Moscow due to an IT system failure, the air carrier reported. The press service of the Prosecutor General’s Office of Russia said that the airline’s information systems were brought down by a hacker attack. The carrier warned of adjustments to its flight schedule, including delays ...

  • NASCAR confirms user data breach following Medusa ransomware attack

    July 28, 2025

    NASCAR has confirmed it suffered a cyberattack and a data breach in April 2025 which saw personal information of racing fans allegedly stolen. The organization filed data breach reports with attorneys general in multiple US states, describing what had happened, and how it responded, noting the attack started on March 31, 2025, and was spotted – ...

  • In-Depth Analysis of an Obfuscated Web Shell Script

    July 26, 2025

    This analysis is a follow-up to the investigation titled ‘Intrusion into Middle East Critical National Infrastructure’, conducted by the FortiGuard Incident Response Team (FGIR), which investigated a long-term cyber intrusion targeting critical national infrastructure (CNI) in the Middle East. The report revealed that threat actors had installed numerous web shell servers on the compromised system. In ...

  • Allianz Life says ‘majority’ of customers’ personal data stolen in cyberattack

    July 26, 2025

    U.S. insurance giant Allianz Life has confirmed to TechCrunch that hackers stole the personal information of the “majority” of its customers, financial professionals, and employees during a mid-July data breach. When reached by TechCrunch, Allianz Life spokesperson Brett Weinberg confirmed the breach. “On July 16, 2025, a malicious threat actor gained access to a third-party, cloud-based ...