Mandiant researchers have uncovered an attack targeting legacy installations of the Sitecore platform. The attackers exploited a demonstration ASP.NET key that had been publicly included in official documentation until 2017. This flaw, tracked as...
Censys Inc., the developer of the eponymous internet-mapping tool, has warned of attempts by government entities to exploit its research program under the guise of academic projects. The company is set to present a...
Hackers launched a large-scale attempt to steal funds from the Brazilian company Sinqia S.A., a provider of financial IT services. The incident occurred on August 29 and targeted the infrastructure of Pix, Brazil’s instant...
Jaguar Land Rover has disclosed a cyberattack that forced the company to temporarily shut down several critical systems. The incident had a significant impact on manufacturing and retail operations, though preliminary assessments indicate that...
Cloudflare has reported blocking the largest volumetric DDoS attack ever recorded, with traffic peaking at an astonishing 11.5 terabits per second. In such attacks, adversaries overwhelm targets with massive floods of data, saturating network...
The hacker collective LunaLock has introduced a new twist to the classic extortion playbook, preying on the fears of artists and their clients. On August 30, the site Artists&Clients—a platform connecting independent illustrators with...
The research group Deep Specter Research has uncovered a multilayered scheme of phishing and brand impersonation that quietly operated for years on Google Cloud and Cloudflare infrastructure. According to their findings, attackers systematically acquired...
A California resident has found himself at the center of a high-profile criminal case involving ransomware extortion attacks. According to the U.S. Department of Justice, the defendant allegedly participated in the distribution of the...
Researchers at Armis Labs have uncovered ten severe vulnerabilities in Copeland’s E2 and E3 industrial controllers, widely deployed by the world’s largest retail chains and cold storage providers. These devices manage refrigeration systems, HVAC,...
The Office of the Attorney General of Pennsylvania (OAG) has confirmed that it fell victim to a large-scale ransomware attack that crippled its servers and caused significant delays in both criminal and civil proceedings....
The APT group Silver Fox has integrated a previously unknown vulnerable driver, WatchDog Antimalware, signed by Microsoft, into its attack chains. Exploiting this driver, the attackers disable defenses even on fully updated Windows 10...
Cisco Talos specialists have uncovered more than 1,100 instances of Ollama—a framework designed for running LLM models locally—exposed directly to the internet. Around 20% of these were active, serving models vulnerable to unauthorized access,...
