- Earth Ammit Disrupts Drone Supply Chains Through Coordinated Multi-Wave Attacks in Taiwan
May 13, 2025
In July 2024, Trend Micro disclosed the TIDRONE campaign, in which threat actors targeted Taiwan’s military and satellite industries. During their investigation, Trend Micro researchers discovered that multiple compromised entities were using the same enterprise resource planning (ERP) software. This led the researchers to engage with the ERP vendor, through which they uncovered additional details that ...
- Horabot Unleashed: A Stealthy Phishing Threat
May 12, 2025
In April, FortiGuard Labs observed a threat actor using phishing emails with malicious HTML files to spread Horabot, malware that primarily targets Spanish-speaking users. It is known for using crafted emails that impersonate invoices or financial documents to trick victims into opening malicious attachments and can steal email credentials, harvest contact lists, and install banking ...
- Mitel Releases Security Advisory for Mitel SIP Phones
May 12, 2025
Mitel has released security advisory addressing two vulnerabilities in Mitel SIP Phones including Mitel 6800 Series, 6900 Series, 6900w Series and 6970 Conference Unit. CVE-2025-47188 has a CVSSv3 base score of 9.8 and is a ‘command injection’ vulnerability that could allow an unauthenticated attacker to inject and execute arbitrary commands on the device. Exploitation could lead ...
- Marbled Dust leverages zero-day in Output Messenger for regional espionage
May 12, 2025
Since April 2024, the threat actor that Microsoft Threat Intelligence tracks as Marbled Dust has been observed exploiting user accounts that have not applied fixes to a zero-day vulnerability (CVE-2025-27920) in the messaging app Output Messenger, a multiplatform chat software. These exploits have resulted in collection of related user data from targets in Iraq. Microsoft Threat ...
- Turkish intel busts cyber espionage ring stealing personal data
May 10, 2025
Türkiye’s National Intelligence Organization (MIT) has dismantled a cyber espionage network that sought to steal personal and financial data from citizens by imitating corporate identities through fake cell towers, security sources said Saturday. After months of investigations and surveillance, seven foreign nationals were caught red-handed in a joint operation with Istanbul police and prosecutors, sources said, ...
- Cisco Releases May 2025 IOS XE Software Security Advisory Bundled Publication
May 8, 2025
Cisco has released 20 security advisories that describe 26 vulnerabilities in Cisco IOS Software and Cisco IOS XE Software. Cisco IOS (internetwork operating system) is the operating system used on Networking devices. Cisco IOS XE is a modular version of that operating system, used on newer enterprise networking devices. Cisco has released software updates that ...
- Ransomware group Lockbit appears to have been hacked
May 8, 2025
The ransom-seeking cybercriminals behind the extortion group Lockbit appear to have suffered a breach of their own, according to a rogue post to one of the group’s websites and security analysts who follow the gang. On Wednesday one of Lockbit’s darkweb sites was replaced with a message saying, “Don’t do crime CRIME IS BAD xoxo from ...
- Cyber criminals impersonate payroll, HR and benefits platforms to steal information and funds
May 8, 2025
The relentless battle against online fraud is a constant evolution, a digital chase where security teams and malicious actors continually adapt. The increasing sophistication of attacks is blurring the lines between legitimate user behavior and impersonation attempts. The campaign we are exposing today is a reminder that even the most advanced security technologies do not dissuade ...
- A timeline of South Korean telco giant SKT’s data breach
May 8, 2025
In April, South Korea’s telco giant SK Telecom (SKT) was hit by a cyberattack that led to the theft of personal data on approximately 23 million customers, equivalent to almost half of the country’s 52 million residents. At a National Assembly hearing in Seoul on Thursday, SKT chief executive Young-sang Ryu said about 250,000 users have ...
- Multiple vulnerabilities in SonicWall SMA 100 series (FIXED)
May 7, 2025
In April of 2025, Rapid7 discovered and disclosed three new vulnerabilities affecting SonicWall Secure Mobile Access (“SMA”) 100 series appliances (SMA 200, 210, 400, 410, 500v). These vulnerabilities are tracked as CVE-2025-32819, CVE-2025-32820, and CVE-2025-32821. An attacker with access to an SMA SSLVPN user account can chain these vulnerabilities to make a sensitive system directory writable, ...
- Russia: Damage from phone scammers in Russia exceeded $2.1 bln in 2024
May 7, 2025
More than 640,000 cases of remote fraud were reported in Russia in 2024, while the damage they caused exceeded 170 billion rubles ($2.1 bln), the Public Relations Center of the Federal Security Service (FSB), reported. According to the FSB, “the measures taken stopped the functioning of the illicit virtual communications center, seized more than 1,200 SIM ...