Israel’s military intelligence unit, Unit 8200—specializing in cyber-espionage and electronic surveillance—has been using Microsoft’s cloud servers to store a vast archive of data on residents of Gaza and the West Bank. This trove, leveraged...
Fortinet has disclosed a critical vulnerability in its FortiSIEM system, already accompanied by a working exploit circulating publicly. The flaw enables a remote, unauthenticated attacker to execute arbitrary commands on the targeted system, making...
The Matrix Foundation, the organization behind the eponymous federated communication protocol, has announced the release of an unscheduled update addressing two high-severity vulnerabilities which, if successfully exploited, could have had critical consequences. According to...
Although passkeys are promoted as a passwordless, phishing-resistant, and inherently secure authentication method, Proofpoint researchers warn that such protection can be bypassed with relative ease. Under certain conditions, an attacker can force a user...
Researchers have reported a sharp surge in credential-stuffing attempts targeting Fortinet devices with SSL VPN enabled. On August 3, 2025, GreyNoise detected a wave of suspicious traffic involving more than 780 distinct IP addresses....
Researchers at ETH Zurich have unveiled a novel attack against AMD’s SEV-SNP hardware isolation mechanism, enabling a hypervisor-level adversary to extract sensitive data from protected virtual machines. Dubbed Heracles, the attack demonstrates how to...
The hacker groups ShinyHunters and Scattered Spider, once operating independently, now appear to have joined forces in a coordinated campaign to extort data from Salesforce’s corporate clients. As noted by ReliaQuest, ShinyHunters has undergone...
Bitdefender researchers have identified a previously unknown cyber-espionage group, provisionally dubbed Curly COMrades. According to the report, the threat actors are focused on maintaining long-term, covert access to the infrastructure of Georgian governmental and...
Authorities in Saint Paul, Minnesota, are still grappling with the aftermath of a cyberattack that crippled large portions of the city’s municipal operations. Responsibility for the incident has been claimed by the hacking group...
U.S. authorities have disclosed the details of a July operation against the BlackSuit ransomware syndicate, a coordinated strike that dismantled the group’s infrastructure and seized its digital assets. On July 24, in an internationally...
The North Korean cyber-espionage group Kimsuky has unexpectedly found itself in the role of victim after two hackers — identifying themselves as the “antithesis of Kimsuky’s values” — infiltrated its infrastructure and released stolen...
The ESET research team has published a detailed analysis revealing how the cyber-espionage group RomCom exploited a previously unknown path-traversal vulnerability in WinRAR (CVE-2025-8088) to stealthily install malicious software on victims’ computers. This flaw...
