Month: June 2025

Threat intelligence firm GreyNoise is warning of a "notable surge" in scanning activity targeting Progress MOVEit Transfer systems starting May 27, 2025—suggesting that attackers may be preparing for another mass exploitation campaign or probing for unpatched systems.MOVEit Transfer is a popular managed file transfer solution used by businesses and government agencies to share sensitive data

 A sophisticated new social engineering technique called ClickFix has exploded across the cyberthreat landscape, experiencing an unprecedented surge of 517% between the second half of 2024 and the first half…

Cybersecurity researchers have detailed a new campaign dubbed OneClik that leverages Microsoft's ClickOnce software deployment technology and bespoke Golang backdoors to compromise organizations within the energy, oil, and gas sectors. "The campaign exhibits characteristics aligned with Chinese-affiliated threat actors, though attribution remains cautious," Trellix researchers Nico Paulo

 Since 2018, the advanced persistent threat group APT-C-36, commonly known as Blind Eagle, has emerged as a formidable cyber adversary targeting critical sectors across Latin America. This sophisticated threat actor…

As tensions in the Middle East rise, hacktivist groups are coming out of the woodwork with their own agendas, leading to notable shifts in the hacktivist threat landscape. Read More  

 Mitsubishi Electric has disclosed a critical authentication bypass vulnerability affecting 27 different air conditioning system models, potentially allowing remote attackers to gain unauthorized control over building HVAC systems. The vulnerability,…

A British national arrested earlier this year in France was charged by the US Department of Justice in connection with a string of major cyberattacks. Read More  

Cybersecurity researchers have disclosed a critical vulnerability in the Open VSX Registry ("open-vsx[.]org") that, if successfully exploited, could have enabled attackers to take control of the entire Visual Studio Code extensions marketplace, posing a severe supply chain risk. "This vulnerability provides attackers full control over the entire extensions marketplace, and in turn, full control

[[{"value":"The proposal seeks to ban all use of the technology in the U.S. government, with exceptions for use in research and counterterrorism efforts. The post Bipartisan Bill Aims to Block…

 Read More  

 WhatsApp has unveiled a groundbreaking new feature that leverages artificial intelligence to help users quickly navigate their unread messages.  The messaging platform announced on June 25, 2025, the introduction of…

 A significant security vulnerability in Hewlett-Packard Enterprise OneView for VMware vCenter (OV4VC) platform that could allow attackers with limited access to escalate their privileges to administrative levels.  The vulnerability, tracked…

 A sophisticated phishing campaign affecting more than 70 organizations by exploiting Microsoft 365’s Direct Send feature. This novel attack method allows threat actors to spoof internal users and deliver phishing…

In today's cyber battlefield, resilience starts with readiness, and the cost of falling short increases by the day. Read More  

Cisco has released updates to address two maximum-severity security flaws in Identity Services Engine (ISE) and ISE Passive Identity Connector (ISE-PIC) that could permit an unauthenticated attacker to execute arbitrary commands as the root user. The vulnerabilities, assigned the CVE identifiers CVE-2025-20281 and CVE-2025-20282, carry a CVSS score of 10.0 each. A description of the defects is