News – March 2025

March 31, 2025

A former GCHQ intern has admitted risking national security by taking top secret data home with him on his mobile phone. Hasaan Arshad, 25, pleaded guilty to an offence under the Computer Misuse Act on what would have been the first day of his trial at the Old Bailey in London. The charge related to committing ...

March 31, 2025

The Earth Alux APT group’s schemes and tactics have been uncloaked through our relentless monitoring and investigation efforts. The China-linked intrusion set is actively launching cyberespionage attacks against the government, technology, logistics, manufacturing, telecommunications, IT services, and retail sectors. The first sighting of its activity was in the second quarter of 2023; back then, it was ...

March 31, 2025

Oracle is dealing with the fallout of a double data breach — one exposing patient data at US hospitals, and another raising concerns about its cloud security. Reports over the weekend suggest a breach at Oracle Health, formerly known as Cerner, has impacted multiple US healthcare organisations and hospitals. Threat actors are believed to have stolen ...

March 30, 2025

The increasing use of solar power has exposed critical cybersecurity vulnerabilities in inverters, cloud computing services, and monitoring platforms, creating an insecure ecosystem where hackers can manipulate energy production, disrupt power grids, and steal sensitive data, posing serious risks to global energy infrastructure, experts have warned. A study by Forescout – Vedere Labs identified 46 new ...

March 29, 2025

A mother and father have said they were arrested in front of their young daughter and held in a cell for 11 hours after making “disparaging” comments about her school. Maxie Allen and Rosalind Levine Hertfordshire Constabulary officers turned up at their home after the school objected to criticisms. The couple were questioned on suspicion of ...

March 28, 2025

Water Gamayun, a suspected Russian threat actor also known as EncryptHub and Larva-208, has been exploiting the MSC EvilTwin (CVE-2025-26633), a zero-day vulnerability that was patched on March 11. In the first installment of this two-part series, Trend Research discussed in depth its discovery of an Water Gamayun campaign exploiting this vulnerability. In this blog entry, ...

March 28, 2025

On Thursday, Amnesty International published a new report detailing attempted hacks against two Serbian journalists, allegedly carried out with NSO Group’s spyware Pegasus. The two journalists, who work for the Serbia-based Balkan Investigative Reporting Network (BIRN), received suspicious text messages including a link — basically a phishing attack, according to the nonprofit. In one case, Amnesty ...

March 28, 2025

Ransomware gangs FOG and Akira continue to be the main culprits behind a number of recent cyberattacks plaguing businesses locally and across the Caribbean, a cyber-security expert has indicated. According to Rory Ebanks, director of cybersecurity at Symptai Consulting Limited, the two ransomware gangs, which both emerged in the last three years, primarily exploit vulnerabilities in ...

March 27, 2025

SonicWall Capture Labs threat research team became aware of the threat CVE-2023-22621, assessed its impact and developed mitigation measures for this vulnerability. CVE-2023-22621 is a high-severity vulnerability affecting Strapi versions 3.0.0 through 4.5.5. The flaw permits authenticated Server-Side Template Injection (SSTI), allowing a remote attacker with access to the Strapi admin panel to bypass validation checks ...

March 27, 2025

An NHS software provider has been fined £3m by the Information Commissioner’s Office (ICO) over security failings that led to a ransomware attack on the NHS. The Advanced Computer Software Group was fined for a breach that put personal information of 79,404 people at risk, the UK’s data protection watchdog said. The firm provides IT and ...