Category: Cyber

This week’s cybersecurity landscape highlights how both private enterprises and government institutions remain under relentless attack from a variety of threat actors. From ransomware gangs targeting ministries in Latin America to critical vulnerabilities in industrial systems, the risks continue to evolve across geographies and sectors. Key incidents include breaches at Plex, LNER, and Vietnam’s National…

Read More “Weekly Cyber Intelligence Brief Global Threats & Breaches” »

This week’s Cybersecurity Intelligence Weekly (Sept 1–7, 2025) highlights a series of high-impact incidents shaping the global threat landscape. From large-scale manufacturing disruptions at Jaguar Land Rover and Bridgestone to critical zero-day exploits in WhatsApp, Apple, and Sitecore, the week underscores the growing risks faced by enterprises and individuals alike. The report also covers state-sponsored campaigns, massive…

Read More “Cybersecurity Intelligence Weekly, Global Threat Landscape (Sept 1–7, 2025)” »

APT29 compromised popular sites by injecting obfuscated JavaScript that quietly redirected around 10% of visitors to actor‑controlled domains. These pages mimicked Cloudflare’s auth flow exactly, leading users to generate and enter Microsoft device authentication codes effectively allowing attackers to enroll their own devices. Who’s Affected & What’s at RiskAny user visiting a compromised website could…

Read More “Amazon Disrupts APT29 Watering Hole Campaign” »

During the 12-day conflict in June 2025, Iranian state-sponsored hacking groups and hacktivist proxies operated with greater coordination against Israel than previously documented, according to research from Security Scorecard’s STRIKE Team and the Middle East Institute. More than 178 Iranian-affiliated actors conducted operations ranging from influence campaigns to data theft. The state-backed group Imperial Kitten…

Read More “Iranian Cyber Offensive Shows Unprecedented Coordination” »

Cybersecurity firm Guardio has uncovered a new campaign, ClickFix, that weaponizes fake CAPTCHA verification pages to trick users into executing malicious commands marking a major evolution from 2024’s fake browser update scams. Victims encounter CAPTCHA pages branded with Google reCAPTCHA or Cloudflare logos, but instead of solving a puzzle, they’re instructed to perform keyboard shortcuts…

Read More “CAPTCHA geddon’ Click Fix Malware Campaign Emerges” »

Researchers from Palo Alto Networks Unit 42 have uncovered a state-sponsored Chinese threat actor tracked as Storm-2603 by Microsoft and CL-CRI-1040 by Unit 42 exploiting four critical Microsoft SharePoint vulnerabilities (CVE-2025–49704, CVE-2025–49706, CVE-2025–53770, CVE-2025–53771) to deliver a custom malware suite dubbed Project AK47. Active since March 2025, the campaign uses the ToolShell exploit chain to…

Read More “Chinese Hackers Exploit SharePoint Flaws in ‘Project AK47’ Campaign” »

A sophisticated North Korean cyber campaign has resurfaced, deploying twelve malicious NPM packages to infiltrate developer systems and steal cryptocurrency. The attack exploits supply chain trust in open-source repositories, with threat actors posing as interviewers who instruct developers to install infected packages during coding tests. Once installed, the malware a Beavertail variant scans for crypto…

Read More “North Korean Hackers Launch NPM Supply Chain Attack” »

On July 30, the National Company Law Tribunal (NCLT) Kolkata bench faced a cybersecurity breach during an online court hearing when an unknown individual hijacked the session to display inappropriate content. The disruption began around 2:52 pm and lasted for three to four minutes, halting proceedings. According to a complaint filed with the Bidhannagar Cyber…

Read More “Cyber Breach Disrupts NCLT Kolkata Virtual Hearing” »

Cybersecurity researchers have uncovered a Vietnamese-speaking hacking group running a highly evasive, multi-stage campaign to steal sensitive information from over 4,000 victims across 62 countries. The most affected regions include South Korea, the U.S., the Netherlands, Hungary, and Austria. Active since late 2024, the group has recently refined its techniques to bypass antivirus tools and…

Read More “Vietnamese Hackers Run Global Data Theft Campaign” »