Latest Intelligence
US Student to Plead Guilty Over PowerSchool Hack
Matthew Lane, a US student, is set to plead guilty to hacking PowerSchool using stolen credentials and to extorting a telecoms provider. This incident highlights ongoing concerns regarding cybersecurity vulnerabilities in educational software systems.
How to Detect Phishing Attacks Faster: Tycoon2FA Example
Phishing attacks pose a significant threat as a single email can compromise entire systems, leading to credential theft and unauthorized access. As phishing techniques evolve, automated solutions are becoming less effective, highlighting the need for improved detection methods.
Cellcom Service Disruption Caused by Cyberattack
Cellcom has confirmed that a significant service disruption lasting a week was due to a cyberattack. This incident highlights the vulnerabilities faced by wireless carriers and the potential impact on their customers.
Dero miner zombies biting through Docker APIs to build a cryptojacking horde
Kaspersky experts have identified a cryptojacking campaign that exploits the Docker API to deploy a Dero crypto miner in containerized environments. This highlights the growing threat of cryptojacking in cloud infrastructures and the need for enhanced security measures.
Google DeepMind Unveils Defense Against Indirect Prompt Injection Attacks
Google DeepMind has introduced a new defense mechanism to combat indirect prompt injection (IPI) attacks, which are a growing threat in the cybersecurity landscape. This development is significant as it addresses the evolving nature of these attacks, aiming to enhance the security of AI systems.
Wiz Warns of Ongoing Exploitation of Recent Ivanti Vulnerabilities
Wiz has issued a warning about the ongoing exploitation of two recent Ivanti vulnerabilities that allow threat actors to perform unauthenticated remote code execution. This exploitation poses significant risks to affected systems, highlighting the urgency for remediation.
Virtual Event Today: Threat Detection & Incident Response (TDIR) Summit
The 2025 Threat Detection & Incident Response (TDIR) Summit is being held virtually on May 21st, focusing on the crucial aspects of cybersecurity threat detection and incident response. This event highlights the significance of staying updated on the latest threats and response strategies in the ever-evolving cybersecurity landscape.
Up to 25% of Internet-Exposed ICS Are Honeypots: Researchers
Research indicates that a significant portion of industrial control systems (ICS) exposed to the internet, potentially up to 25%, may actually be honeypots rather than genuine devices. This raises concerns about the security landscape and the tactics used by attackers to gather information or mislead security efforts.
Researchers Expose PWA JavaScript Attack That Redirects Users to Adult Scam Apps
Cybersecurity researchers have identified a malicious campaign that uses JavaScript injections to redirect mobile users to a fraudulent Chinese adult-content Progressive Web App. This method of attack highlights a significant concern in mobile security, particularly regarding the exploitation of PWAs for scams.
Ransomware Attack Forces Kettering Health to Cancel Procedures
Kettering Health has been forced to cancel both inpatient and outpatient procedures due to a ransomware attack that has led to a system-wide outage. This incident highlights the ongoing threat of ransomware in the healthcare sector and its significant impact on patient care.
Critical OpenPGP.js Vulnerability Allows Spoofing
A critical vulnerability in OpenPGP.js, identified as CVE-2025-47934, allows attackers to spoof message signature verifications. This flaw poses significant risks to the integrity of secure communications utilizing this library.
Google Chrome Can Now Auto-Change Compromised Passwords Using Its Built-In Manager
Google Chrome has introduced a feature in its built-in Password Manager that automatically changes compromised passwords when detected during sign-in. This enhancement aims to improve user security by simplifying the process of managing compromised credentials.
Hazy Hawk Exploits DNS Records to Hijack CDC, Corporate Domains for Malware Delivery
Hazy Hawk, a threat actor, exploits misconfigurations in DNS records to hijack abandoned cloud resources from major organizations, including Amazon and Microsoft. The hijacked domains are repurposed to deliver scams and malware, highlighting significant security risks associated with cloud misconfigurations.
100+ Fake Chrome Extensions Found Hijacking Sessions, Stealing Credentials, Injecting Ads
Over 100 fake Chrome extensions have been discovered that are designed to hijack user sessions, steal credentials, and inject advertisements. These malicious extensions are created by an unknown threat actor and pose significant risks to users by masquerading as legitimate tools.
NATO-Flagged Vulnerability Tops Latest VMware Security Patch Batch
VMware has released security patches addressing vulnerabilities that could lead to data leakage, command execution, and denial-of-service attacks. Notably, one of the vulnerabilities has been flagged by NATO, underscoring its significance and the urgency of applying the patches.