OpenPLC ScadaBR flaw actively exploited in the wild
The flaw was exploited by a pro-Russian hacktivist group known as TwoNet in an attack on a honeypot disguised as water treatment facility.
Cybersecurity News - Page 39
Europol, Swiss, and German authorities dismantle Cryptomixer mixer
Authorities seized three servers in Switzerland, along with the platform’s domain.
Cyber Security Week in Review: November 28, 2025
In brief: An Oracle IM flaw exploited in the wild, Russia’s Gamaredon and North Korea’s Lazarus have been observed working together, and more.
South Korea’s financial sector hit by Qilin supply-chain ransomware attack
The attackers are believed to have gained initial access by compromising a managed service provider.
New macOS malware chain uses staged scripts, decoys and Go-based backdoor
Jamf attributes the activity to FlexibleFerret, a North Korea-linked threat group known for social-engineering lures.
Tor introduces new Counter Galois Onion encryption to bolster network security
CGO introduces wide-block encryption and tag chaining to thwart tagging attacks.
Cybercriminals stole over $262M via ATO fraud
Since January 2025, the FBI has received over 5,100 reports of these scams, with losses totaling more than $262 million.
RomCom deploys Mythic Agent via SocGholish fake update attacks
This is the first time that a RomCom payload has been observed being distributed by SocGholish.
DeepSeek-R1 produces flawed code when prompts touch on topics China considers politically sensitive
When prompts contain references that the CCP is likely to view as sensitive, the risk of severe security flaws can rise by up to 50%.
Second wave of Sha1-Hulud npm attacks hits hundreds of packages
Just like the original Shai-Hulud attack, the new operation steals secrets and uploads them to GitHub.
Showing elements 381 - 390