Everest claims it breached Money Mart and stole more than 80,000 internal files from a “National Money Mart Company DataBase,” turning the attack into a major consumer financial data breach. This analysis explains how the Money Mart ransomware attack unfolded, why a payday-loan provider makes an attractive target, and what the incident means for customers and other financial-services firms.
A misconfigured default in the HashiCorp Vault Terraform Provider created a HashiCorp Vault bypass vulnerability in LDAP-backed environments, allowing attackers to authenticate without valid credentials. This analysis explains CVE-2025-13357, real-world impact, and concrete hardening steps for Vault and Terraform.
CISA is warning that state-linked threat actors are actively using commercial spyware and remote access trojans to hijack Signal and WhatsApp accounts, weaponize linked devices and deploy zero-click exploits. This article breaks down the campaigns, the tools involved and the specific hardening steps high-value targets should take immediately.
A Russian-linked threat actor is hiding Stealc V2 infostealer inside Blender project files shared on 3D model marketplaces. By abusing Blender’s Auto Run Python Scripts feature, the campaign turns legitimate-looking character rigs into a delivery vector that steals browser, wallet, VPN and messaging credentials from creative workstations.
The infamous Shai-hulud worm has resurfaced in the npm ecosystem with a new Sha1-hulud variant. By executing during preinstall, hijacking popular packages, stealing GitHub and cloud secrets, and wiping developer home directories when exfiltration fails, this worm turns supply-chain compromise into both an access play and a destructive weapon.
Germany’s cybersecurity agency BSI now urges webmail providers to enable 2FA by default instead of hiding strong authentication behind optional settings. The new guidance ties default two-factor authentication, passkeys, and robust recovery flows to stronger webmail security and greater digital sovereignty in Germany.
A cyberattack on real-estate finance vendor SitusAMC has raised the risk that documents tied to major banks, including JPMorgan and Citi, may have been exposed. This analysis explains what we know so far, how attackers leverage third-party providers, and what banks and customers should do next.
Quantum encryption promises stronger security, yet it also strains satellite hardware, bandwidth and mission design. Switzerland’s Armed Forces now redesign their space architecture to handle quantum-era threats, “harvest-now, decrypt-later” campaigns and the limits of legacy spacecraft.
ShadowPad operators are exploiting WSUS vulnerability CVE-2025-59287 to gain SYSTEM-level access on Windows servers. By chaining insecure deserialization, PowerCat reverse shells and DLL side-loading, they turn trusted patching infrastructure into a stealth delivery vector for a mature, modular backdoor.
Pixel 10 finally delivers real Pixel to iPhone file sharing. By linking Android’s Quick Share with Apple’s AirDrop over a peer-to-peer bridge, Google removes the need for sketchy third-party tools while giving security teams a clearer, audited path to manage cross-platform file transfers.