⚡ Weekly Recap: Critical SAP Exploit, AI-Powered Phishing, Major Breaches, New CVEs & More
Apr 28, 2025Ravie LakshmananCybersecurity / Hacking News
What happens when cybercriminals no longer need deep skills to breach your defenses? Today's attackers are armed with powerful tools that do the...
SentinelOne Uncovers Chinese Espionage Campaign Targeting Its Infrastructure and Clients
Cybersecurity company SentinelOne has revealed that a China-nexus threat cluster dubbed PurpleHaze conducted reconnaissance attempts against its infrastructure and some of its high-value customers.
"We first became aware of this...
RansomHub Went Dark April 1; Affiliates Fled to Qilin, DragonForce Claimed Control
Cybersecurity researchers have revealed that RansomHub's online infrastructure has "inexplicably" gone offline as of April 1, 2025, prompting concerns among affiliates of the ransomware-as-a-service (RaaS) operation.
Singaporean cybersecurity company Group-IB...
Nebulous Mantis Targets NATO-Linked Entities with Multi-Stage Malware Attacks
Cybersecurity researchers have shed light on a Russian-speaking cyber espionage group called Nebulous Mantis that has deployed a remote access trojan called RomCom RAT since mid-2022.
RomCom "employs advanced evasion...
U.S. Charges Yemeni Hacker Behind Black Kingdom Ransomware Targeting 1,500 Systems
The U.S. Department of Justice (DoJ) on Thursday announced charges against a 36-year-old Yemeni national for allegedly deploying the Black Kingdom ransomware against global targets, including businesses, schools, and...
Hackers Abuse Russian Bulletproof Host Proton66 for Global Attacks and Malware Delivery
Apr 21, 2025Ravie LakshmananVulnerability / Threat Intelligence
Cybersecurity researchers have disclosed a surge in "mass scanning, credential brute-forcing, and exploitation attempts" originating from IP addresses associated with a Russian bulletproof...
From Third-Party Vendors to U.S. Tariffs: The New Cyber Risks Facing Supply Chains
Introduction
Cyber threats targeting supply chains have become a growing concern for businesses across industries. As companies continue to expand their reliance on third-party vendors, cloud-based services, and global logistics...
ResolverRAT Campaign Targets Healthcare, Pharma via Phishing and DLL Side-Loading
Cybersecurity researchers have discovered a new, sophisticated remote access trojan called ResolverRAT that has been observed in attacks targeting healthcare and pharmaceutical sectors.
"The threat actor leverages fear-based lures delivered...
Initial Access Brokers Shift Tactics, Selling More for Less
What are IABs?
Initial Access Brokers (IABs) specialize in gaining unauthorized entry into computer systems and networks, then selling that access to other cybercriminals. This division of labor allows IABs...
Microsoft Patches 125 Flaws Including Actively Exploited Windows CLFS Vulnerability
Apr 09, 2025Ravie LakshmananEndpoint Security / Vulnerability
Microsoft has released security fixes to address a massive set of 125 flaws affecting its software products, including one vulnerability that it said...
