A cyberattack on Crisis24’s OnSolve CodeRED platform disrupted emergency alerts for cities, counties, police and fire agencies across the U.S. The INC Ransom group claims responsibility, with stolen resident data, clear-text passwords and a rollback to older backups now forcing agencies to rebuild their notification capabilities and review credential hygiene.
Everest claims it breached Money Mart and stole more than 80,000 internal files from a “National Money Mart Company DataBase,” turning the attack into a major consumer financial data breach. This analysis explains how the Money Mart ransomware attack unfolded, why a payday-loan provider makes an attractive target, and what the incident means for customers and other financial-services firms.
CISA is warning that state-linked threat actors are actively using commercial spyware and remote access trojans to hijack Signal and WhatsApp accounts, weaponize linked devices and deploy zero-click exploits. This article breaks down the campaigns, the tools involved and the specific hardening steps high-value targets should take immediately.
A cyberattack on real-estate finance vendor SitusAMC has raised the risk that documents tied to major banks, including JPMorgan and Citi, may have been exposed. This analysis explains what we know so far, how attackers leverage third-party providers, and what banks and customers should do next.
Between 2024 and 2025, China-linked APT31 conducted a stealthy espionage campaign targeting Russian IT contractors and government integrators. The group masked its command-and-control using legitimate cloud services such as Yandex Cloud and OneDrive, deployed loaders like CloudyLoader via DLL side-loading, and maintained long dwell times within compromised networks. This article decodes APT31’s tool-kit, tactics and persistence model, and offers detection and response guidance for defenders.
Salesforce has flagged a significant incident where applications published by Gainsight enabled unauthorized access to customer data via OAuth tokens. This article breaks down what happened, why third-party integrations are the new attack surface, and how defenders can respond immediately.
Researchers uncovered serious AI bugs across Meta, Nvidia, Microsoft and open-source inference frameworks after tracking a ShadowMQ deserialization pattern built on ZeroMQ and Python pickle. At the same time, new research shows how Cursor’s AI IDE can be hijacked via rogue MCP servers, turning developer workstations into high-value malware delivery platforms if teams ignore AI supply-chain security.
The Washington Post reports a staff data breach tied to an Oracle E-Business Suite zero-day. Nearly 10,000 employees and contractors receive notices as responders verify scope and guide credit protection.
Apache OpenOffice 4.1.16 fixes seven vulnerabilities that allowed silent external content loading and possible memory corruption during CSV import. Update immediately, restrict DDE and Calc external data sources, and replace templates that embed remote URLs. Verify the new prompts and monitor document-triggered network fetches
Rhadamanthys suffered a coordinated disruption as “customers” lost access to panels and servers. With certificate-only logins and Tor sites offline, credential theft pipelines broke. Use the lull to rotate passwords, revoke tokens, scrub loaders, and harden identity before operators relaunch under a new brand.