Wednesday, May 14, 2025

cyber security

Ransomware Attacks Surge by 123% Amid Evolving Tactics and Strategies

The 2025 Third-Party Breach Report from Black Kite highlights a staggering 123% surge in ransomware attacks during 2024, driven largely by sophisticated exploitation of third-party vendor ecosystems. As cybercriminals refine...

Researchers Introduce Mythic Framework Agent to Enhance Pentesting Tool Performance

Penetration testing is still essential for upholding strong security procedures in a time when cybersecurity threats are changing quickly. Recently, a team of security professionals...

Swan Vector APT Targets Organizations with Malicious LNK and DLL Implants

A newly identified advanced persistent threat (APT) campaign, dubbed "Swan Vector" by Seqrite Labs, has been targeting educational institutions and mechanical engineering industries in...

Hackers Weaponize KeePass Password Manager to Spread Malware and Steal Passwords

Threat actors have successfully exploited the widely-used open-source password manager, KeePass, to spread malware and facilitate large-scale password theft. The attack, which was reported by...

Marks & Spencer Confirms Customer Data Breach in Recent Cyber Attack

British retail giant Marks & Spencer has officially confirmed that customer personal data was compromised during a cyber attack that began three weeks ago....

Zoom Workplace Apps Flaws Allow Hackers to Gain Elevated Access

Zoom has released multiple security bulletins addressing seven newly discovered vulnerabilities in Zoom Workplace Apps, with one rated as high severity. All vulnerabilities were...

PoC Exploit Published for macOS Sandbox Escape Vulnerability (CVE-2025-31258)

Security researchers have disclosed a new macOS sandbox escape vulnerability tracked as CVE-2025-31258, accompanied by a proof-of-concept (PoC) exploit demonstrating partial sandbox bypass via...

Four Hackers Caught Exploiting Old Routers as Proxy Servers

U.S. authorities unsealed charges against four foreign nationals accused of operating a global cybercrime scheme that hijacked outdated wireless routers to create malicious proxy...

F5 BIG-IP Vulnerability Allows Remote Command Execution

Critical security vulnerability in F5 BIG-IP systems has been discovered that allows authenticated administrators to execute arbitrary system commands, effectively bypassing security boundaries. Identified...

Scattered Spider Launches Supply Chain Attacks on UK Retail Organizations

Scattered Spider, also known as Roasting 0ktapus and Scatter Swine, has emerged as a formidable threat actor targeting UK retail organizations. Active since May 2022,...

Hackers Abuse PyInstaller to Deploy Stealthy macOS Infostealer

Jamf Threat Labs has identified a novel macOS infostealer that exploits PyInstaller, a legitimate open-source tool used to bundle Python scripts into standalone Mach-O...