-
DanaBot malware operators exposed via C2 bug added in 2022
A recent law enforcement action has highlighted a significant vulnerability within the DanaBot malware operation, attributed to updates introduced in June 2022. This vulnerability has led to the identification, indictment, and dismantling of key aspects of its operation. DanaBot operates…
-
Supply chain attack hits Gluestack NPM packages with 960K weekly downloads
A significant supply chain attack recently targeted NPM, compromising 16 popular Gluestack ‘react-native-aria’ packages. With over 950,000 weekly downloads, these packages were infiltrated to include malicious code functioning as a Remote Access Trojan (RAT). The compromise was identified on June…
-
ViLE gang members sentenced for extortion, police portal breach
Two members of the cybercriminal organization known as ViLE have been sentenced for their involvement in a sophisticated hacking and extortion scheme targeting a federal law enforcement web portal. This case underscores the growing threat posed by cybercriminals and the…
-
Exploit details for max severity Cisco IOS XE flaw now public
Recent disclosures regarding a critical vulnerability in Cisco IOS XE Wireless LAN Controllers (WLC) have raised significant cybersecurity concerns. This flaw, identified as CVE-2025-20188, poses an arbitrary file upload risk that could be exploited by attackers, emphasizing the urgent need…
-
Mozilla releases Firefox 139.0.1 update to fix artifacts on Nvidia GPUs
Mozilla has swiftly addressed a critical issue tied to the recent release of Firefox 139.0.1. This emergency update was necessitated by significant graphical artifacts reported by users with NVIDIA GPUs after installing the Tuesday update. Initially released on May 27,…
-
Adidas warns of data breach after customer service provider hack
German sportswear giant Adidas recently reported a significant data breach that stemmed from an attack on a third-party customer service provider. This incident underscores the critical importance of cybersecurity in the retail sector and highlights the vulnerabilities associated with third-party…
-
US indicts leader of Qakbot botnet linked to ransomware attacks
The U.S. government has officially indicted Rustam Rafailevich Gallyamov, a Russian national identified as the leader of the notorious Qakbot botnet operation. This malware has compromised over 700,000 computers, serving as a vehicle for various ransomware attacks that inflicted significant…
-
O2 UK patches bug leaking mobile user location from call metadata
A Critical Vulnerability in O2 UK’s VoLTE and WiFi Calling: An Analytical Overview A significant flaw in O2 UK’s implementation of Voice over LTE (VoLTE) and WiFi Calling presents a considerable cybersecurity risk by potentially exposing users’ geographical locations and…
-
Microsoft confirms May Windows 10 updates trigger BitLocker recovery
Microsoft has recently confirmed that some users of Windows 10 and Windows 10 Enterprise LTSC 2021 are experiencing issues with their systems booting into BitLocker recovery mode following the installation of the May 2025 security updates. This situation raises significant…
Must-Read Posts
- Adidas warns of data breach after customer service provider hack
- AI in Cybersecurity: Revolutionizing Defense Against Emerging Threats
- Apiiro unveils free scanner to detect malicious code merges
- Apple fined €150 million over App Tracking Transparency issues
- Chase will soon block Zelle payments to sellers on social media
