On July 29, Russian airline Aeroflot announced that it had stabilized flight operations after a major cyberattack disrupted its IT infrastructure the day before. While Aeroflot described the disruption as a “technical failure,” prosecutors are investigating it as a cyberattack. Two pro-Ukraine hacking groups, Belarusian Cyber Partisans and the newly emerged Silent Crow, claimed responsibility….
Tea, a popular app that allows women to anonymously share information about potential matches, including criminal background checks and reverse image searches, suffered a major data breach in late July. Sensitive data such as driver’s licenses, private messages, selfies, and metadata revealing users’ locations was leaked online, reportedly through 4chan. The breach impacted users who…
On July 28, 2025, a malicious npm package named @kodane/patch-manager was flagged by cybersecurity researchers for deploying a cryptocurrency wallet drainer and likely generated using AI. Disguised as a utility for license validation and registry optimization in Node.js apps, the package was downloaded over 1,500 times before being removed from the npm registry. Security firm…
Read More “AI-Generated npm Package Steals Solana Wallets” »
On Friday, 25 July, Orange Group detected a cyberattack targeting one of its internal information systems.Upon discovery, Orange’s response teams working closely with Orange Cyberdefense, immediately activated containment protocols. To limit the impact, several systems were isolated, which led to temporary disruptions affecting certain management services and platforms. The impact was primarily observed among Business…
Read More “Telecom Giant Orange Files Complaint After Cyber Incident” »
Are you searching for an agile, cost-effective, and scalable ERP solution that rivals the giants like SAP, NetSuite, Oracle, and Microsoft Dynamics 365? Meet ERPNext — the open-source ERP platform that is redefining how modern businesses run their operations. What is ERPNext? ERPNext is a robust, cloud-native Enterprise Resource Planning (ERP) software that helps businesses…
In a striking revelation, the U.S. Department of Health and Human Services Office of Inspector General (HHS OIG) has uncovered major cybersecurity shortcomings at a prominent Northeastern hospital during a recent HIPAA audit. The findings serve as a wake-up call not just to one institution but to the entire healthcare ecosystem. What Was the Issue? This unnamed…
Read More “Is Your Hospital Truly Secure? HHS OIG Audit Reveals Startling Gaps” »
Soco404 and Koske exploit configs with fake pages, mining on global cloud systemsJuly 2025 Security researchers have uncovered two separate malware campaigns — Soco404 and Koske — that exploit vulnerabilities and misconfigurations in cloud environments to install cryptocurrency miners on both Linux and Windows systems. Soco404 Campaign Attributed to threat actors tracked by Wiz, Soco404…
Patchwork uses fake invites with LNK files to breach missile contractors for intel28 July 2025 The Indian-linked threat actor Patchwork (also known as APT-C-09, Dropping Elephant, Operation Hangover) has launched a spear-phishing campaign against Turkish defense contractors, aiming to collect sensitive intelligence on unmanned vehicle systems and missile programs. Geopolitical Context The timing aligns with…
UNG0901 deploys EAGLET backdoor via phishing, stealing defense data from firms like VASOJuly 2025 A cyber-espionage campaign dubbed Operation Cargo Talon is targeting the Russian aerospace and defense sectors, delivering a backdoor named EAGLET for data exfiltration. The operation has been attributed to a threat cluster identified as UNG0901 (Unknown Group 901). Primary Target The…
Fake IT workers fund cyber activities, evading sanctions via illicit revenues24 July 2025 The U.S. Treasury’s Office of Foreign Assets Control (OFAC) has sanctioned Korea Sobaeksu Trading Company and three individuals Kim Se Un, Jo Kyong Hun, and Myong Chol Min for operating a clandestine IT worker network that generates revenue for North Korea’s nuclear…
