The U.S. Federal Cybersecurity Agency has issued a warning about a surge in targeted attacks involving commercial surveillance tools and remote-access software. Threat actors have increasingly focused on users of popular messaging platforms, seeking...
A recent incident involving malicious files in the 3D-graphics ecosystem has revealed how vulnerable even familiar tools can become when used alongside automated features. On popular model-sharing platforms, attackers have begun uploading Blender projects...
The escalating saga surrounding the Salesforce ecosystem data breach has taken a new turn after the group ShinyHunters publicly claimed responsibility for its role in the incident. The events, unfolding over several months, have...
A recently patched vulnerability in Microsoft’s Windows Server Update Services has triggered a wave of attacks involving one of the most notable espionage tools of recent years. The incidents underscore how swiftly adversaries move...
A new scheme for distributing malicious links through browser push notifications is rapidly gaining traction and drawing the attention of security specialists. It is built upon the Matrix Push C2 platform, designed to covertly...
The servicing chain of the U.S. mortgage market has suffered a new disruption following an incident at SitusAMC — a key link responsible for supporting mortgage transactions, processing payments, and storing document packages for...
An updated patch set for the GRUB2 bootloader has been released publicly, addressing six vulnerabilities at once, most of which stem from accessing memory after it has been freed. Such flaws could potentially allow...
The United Kingdom’s National Crime Agency has announced that it has dismantled an intricate financial network used by intelligence services to bankroll the operations of a spy ring linked to former Wirecard executive Jan...
Hackers gained access on 10 November to Princeton University’s database, which contained the personal information of individuals connected to the institution — alumni, donors, and students. In October, similar breaches struck the University of...
Israel’s NSO Group is attempting to overturn a ruling by a California federal court that ordered the company to cease using WhatsApp’s infrastructure to deliver its Pegasus spyware. The legal dispute has dragged on...
Specialists from Group-IB have released an in-depth analysis of the long-running UNC2891 campaign, which demonstrates how inventive modern attack schemes against ATM networks have become. At the center of the operation was a compact...
The NAFFCO company—renowned for large-scale fire-safety projects throughout the Middle East—has found itself at the center of intense discussion following a dark-web post alleging a massive data breach. The incident has drawn widespread attention...
