Latest Intelligence
Chinese Hackers Hit Drone Sector in Supply Chain Attacks
The China-linked hacking group Earth Ammit has conducted multi-wave supply chain attacks targeting the drone sector in Taiwan and South Korea. The campaign highlights the growing threat to critical technology sectors from state-sponsored cyber activities.
Ransomware Groups, Chinese APTs Exploit Recent SAP NetWeaver Flaws
Two ransomware groups and several Chinese APTs are actively exploiting recent vulnerabilities in SAP NetWeaver, highlighting a significant security threat to organizations using this software. The exploitation of these flaws underscores the urgent need for companies to address such vulnerabilities to protect their systems.
5 BCDR Essentials for Effective Ransomware Defense
Ransomware has become a sophisticated threat that can severely damage organizations by exploiting legitimate IT tools for attacks. Microsoft has highlighted the misuse of its Quick Assist tool by cybercriminals to facilitate these destructive operations.
Russia-Linked APT28 Exploited MDaemon Zero-Day to Hack Government Webmail Servers
A Russia-linked cyber espionage group has exploited a zero-day vulnerability in MDaemon and other webmail servers through cross-site scripting (XSS) attacks, as reported by ESET. This operation, named Operation RoundPress, began in 2023 and highlights the ongoing threat posed by advanced persistent threats (APTs) in targeting critical infrastructure.
Malicious npm Package Leverages Unicode Steganography, Google Calendar as C2 Dropper
Researchers have identified a malicious npm package called 'os-info-checker-es6' that uses Unicode steganography to conceal its harmful code. This package employs a Google Calendar event short link to deliver a subsequent payload to compromised systems, highlighting the evolving tactics used in cyberattacks.
Canadian Electric Utility Lists Customer Information Stolen by Hackers
Nova Scotia Power has reported a cyberattack that resulted in the theft of a variety of personal and financial information from its customers. This incident highlights the ongoing risks that electric utilities face from cyber threats, emphasizing the need for robust cybersecurity measures.
Australian Human Rights Commission Discloses Data Breach
The Australian Human Rights Commission has reported an inadvertent exposure of data submitted through its website's complaint form. This breach raises significant concerns about the handling of sensitive information by public institutions.
Chrome 136 Update Patches Vulnerability With ‘Exploit in the Wild’
Google has released a Chrome 136 update to address a high-severity vulnerability that is being exploited in the wild. This update is significant as it helps protect users from potential attacks leveraging this flaw.
Operation RoundPress
ESET researchers have identified a Russia-aligned espionage operation that exploits XSS vulnerabilities to target webmail servers. This operation highlights the ongoing threat to webmail services and the need for enhanced security measures to protect sensitive communications.
New Chrome Vulnerability Enables Cross-Origin Data Leak via Loader Referrer Policy
Google has released updates for Chrome to address four security issues, including a high-severity vulnerability (CVE-2025-4664) that is actively being exploited. This vulnerability involves insufficient policy enforcement in a component known as Loader, which could lead to cross-origin data leaks.
Infosec Layoffs Aren't the Bargain That Boards May Think
The article discusses how layoffs in the information security sector may seem like a cost-saving measure for boards, but they come with significant hidden costs, such as increased insider threats and weakened cybersecurity defenses. These factors can ultimately give skilled adversaries an advantage, highlighting the importance of maintaining robust security teams.
AI Agents May Have a Memory Problem
A study by Princeton University and Sentient reveals that AI agents can be easily manipulated into exhibiting harmful behavior by introducing false 'memories' into their decision-making data. This raises significant concerns about the reliability and security of AI systems in various applications.
Using a Calculator to Take Guesswork Out of Measuring Cyber Risk
Organizations struggle with the complexity of accurately measuring their cyber risk due to various influencing factors. Resilience's risk calculator tool offers a solution by allowing organizations to assess their cyber risk based on their specific variables, enabling them to make better-informed security decisions.
Ivanti EPMM Zero-Day Flaws Exploited in Chained Attack
Ivanti has reported that zero-day vulnerabilities in its Endpoint Manager Mobile (EPMM) have been exploited in a limited number of cases. These vulnerabilities are linked to open source libraries and pose significant risks to affected customers.
Google Ships Android ‘Advanced Protection’ Mode to Thwart Surveillance Spyware
Google has introduced an 'Advanced Protection' mode for Android to enhance security for high-risk users against sophisticated mobile malware. This feature consolidates multiple protective measures into a single toggle, addressing the growing threat of surveillance spyware.