A college student has been sentenced to four years in federal prison for orchestrating a PowerSchool cyberattack that compromised sensitive education data. The case highlights growing concerns over insider-driven breaches targeting school information systems.
A newly discovered backdoor, dubbed Net-CAPI, has infiltrated multiple Russian government networks by hijacking Windows cryptographic services. Analysts believe the tool, developed by a sophisticated threat group, uses advanced evasion and persistence methods to hide within legitimate system operations—making detection nearly impossible.
A U.S. court ordered Israeli spyware maker NSO Group to halt operations targeting WhatsApp and reduced damages in Meta’s lawsuit. The decision reinforces accountability for private surveillance firms accused of breaching digital privacy.
The Silver Fox group, long known for precision-targeted malware operations, has extended its Winos 4.0 campaign into Japan and Malaysia. Security experts now observe the deployment of HoldingHands RAT through malicious PDF attachments and deceptive software installers.
Zimbra Collaboration’s RSS feed parser has a newly disclosed SSRF vulnerability (CVE-2025-25065). Attackers can abuse it to access internal endpoints and internal services that should remain isolated. This article explains how the flaw works, its potential impact, and how you can defend your environment.
Sixty-four South Koreans were repatriated from Cambodia and are now under investigation for alleged involvement in large-scale online scam networks. Their return follows a scandal involving a student’s death, prompting Seoul to launch a crackdown on illicit recruitment and fraud operations.
ConnectWise has patched two critical vulnerabilities (CVE-2025-11492 & CVE-2025-11493) in its Automate platform that allowed adversary-in-the-middle attacks on software updates. MSPs and on-prem deployments must upgrade immediately to prevent malicious update injection and integrity bypass.
Belgian chains such as Brico and Carrefour are increasingly playing AI-generated, royalty-free music in their stores to cut licensing costs. This shift could slash 25–28 % of public performance income for local artists, warn rights organizations. Here’s how the technology works, the risks it raises, and what defenses stakeholders must consider.
Envoy Air confirmed it was targeted in a Clop-linked campaign exploiting vulnerabilities in Oracle E-Business Suite. While the airline asserts no passenger data was affected, business records may have been stolen. This write-up breaks down the tactics, likely exploited CVEs, impacts, and what organizations must do next.
Shadowserver has identified over 266,000 F5 BIG-IP devices exposed to remote attack after a breach revealed undisclosed vulnerabilities. Organizations must act now to mitigate potential exploitation.