A man from Irvine, California has admitted to laundering millions connected to a massive $230 million cryptocurrency theft. He pleaded guilty to handling at least $25 million of the stolen funds. The theft ranks among the biggest single-victim crypto heists in the United States. Authorities say he played a key role in helping the group … Continued
A major cyber-espionage campaign called Operation “WrtHug” has been uncovered, targeting thousands of ASUS home and small-office routers. Security researchers say the operation is linked to China-based threat actors. The attackers quietly took control of these routers without alerting owners, and experts warn that this campaign is both global and highly sophisticated. The attackers mainly … Continued
Microsoft’s cloud service Azure detected an enormous distributed denial-of-service attack that reached record proportions. The traffic volume peaked at a staggering 15.72 terabits per second and nearly 3.64 billion packets per second. This makes it one of the largest DDoS incidents ever recorded in a cloud environment. The target of the attack was a single … Continued
A new cybersecurity report has revealed a massive leak of employee logins connected to the UK’s biggest companies. Security firm Socura, along with Flare, found over 460,000 stolen credential instances linked to FTSE 100 employees. These credentials were discovered on criminal marketplaces, forums, and dark-web platforms. The scale of exposure has raised serious concerns across … Continued
Google announced that memory-safety vulnerabilities in Android have dropped below 20% of all reported bugs for the first time. This major change is directly linked to the growing use of the Rust programming language in Android’s native code. Rust was introduced to reduce the number of dangerous memory-related issues that were common in older C … Continued
Dragon Breath, also known as APT-Q-27 or Golden Eye, has launched a new malware campaign using a tool called RONINGLOADER. This tool is designed to disable security protections on Windows systems. After weakening the system, it installs a modified form of the Gh0st RAT trojan. Researchers say the campaign shows strong technical planning and skill. … Continued
A large-scale ransomware campaign by the group known as Akira has reportedly amassed more than USD 244 million in illicit proceeds. The figure reflects recent research into the operations of this threat actor. The income stems from numerous attacks and extortion payments across organisations worldwide. Akira uses a ransomware-as-a-service (RaaS) model, allowing affiliates to carry … Continued
A serious flaw has been discovered in the web application firewall product FortiWeb by Fortinet. Attackers are exploiting it to create new administrator accounts on devices without any login credentials. This means someone could gain full control of the device simply by sending a specially crafted request. The issue was found on devices that have … Continued
Operation Endgame was a global action carried out by international law-enforcement agencies. The mission was aimed at disrupting three major cyber-crime operations: Rhadamanthys, VenomRAT and Elysium. These tools were responsible for large-scale data theft and remote attacks. The operation became one of the biggest coordinated cyber crackdowns. Authorities successfully took down 1,025 servers used to … Continued
CISA has issued an alert about a critical security flaw in WatchGuard Firebox devices after confirming that attackers are already exploiting it in the real world. The vulnerability has been added to the Known Exploited Vulnerabilities list, which highlights threats that need urgent attention. Thousands of Firebox appliances across different countries are affected by this … Continued
