Connex Credit Union Data Breach Exposes 172,000 Members’ Personal Information

Connex Credit Union has confirmed that a major cyberattack exposed the personal information of approximately 172,000 individuals. The affected group includes current and former members, along with others connected to the credit union. The organization has called this one of the most serious security incidents in its history. The breach occurred in early June 2025 … Continued

Win-DDoS Flaws Let Attackers Weaponize Public Domain Controllers

Security researchers from SafeBreach Labs have discovered a new set of denial-of-service (DoS) vulnerabilities in Windows, known as Win-DoS and Win-DDoS. These flaws allow attackers to abuse publicly accessible Windows domain controllers to generate massive amounts of traffic, turning them into a large-scale distributed denial-of-service (DDoS) botnet without the need for malware. The team identified … Continued

Columbia University Data Breach Exposes 870,000 Records

Columbia University has confirmed a major data breach that impacted nearly 870,000 people. Those affected include current and former students, job applicants, staff members, and even some of their family members. The incident is one of the largest security breaches reported by a U.S. university in recent years. The first signs of trouble appeared on … Continued

Air France and KLM Data Breach Exposes Customer Info via Third-Party Vendor

Air France and KLM have disclosed a data breach that has affected some of their customers. The incident happened through a third-party service provider that helps the airline group manage customer communication. This platform was compromised by attackers who were able to access limited customer information. The airlines confirmed that the breach impacted customers who … Continued

ReVault Vulnerabilities in Dell Laptops Let Hackers Bypass Windows Login and Implant Stealth Malware

Security researchers from Cisco Talos have discovered five major security vulnerabilities in the firmware of Dell laptops. These flaws affect Dell’s ControlVault3 and ControlVault3+ chips, which are responsible for handling sensitive operations like biometric authentication and password storage. The vulnerabilities have been named “ReVault” and impact over 100 Dell Latitude and Precision laptop models commonly … Continued

AI-Driven ‘ClickTok’ Scam Hijacks TikTok Shop to Spread Malware and Steal Crypto

A massive cyberattack campaign has been discovered targeting TikTok Shop users. Security researchers have found over 15,000 fake domains that are being used to trick users into downloading malware and to steal their cryptocurrency. This campaign, named “ClickTok” by cybersecurity firm CTM360, is one of the largest TikTok-related scams seen to date. The attackers are creating … Continued

Mozilla warns developers of phishing emails targeting Firefox add-ons

Mozilla has recently issued a warning to Firefox add-on developers about a phishing campaign that is actively targeting their accounts. This campaign is specifically aimed at developers who use the addons.mozilla.org (AMO) platform to upload and manage their extensions. The attackers are trying to trick developers into handing over their login credentials by sending them … Continued

Storm-2603 Installs DNS-Controlled Backdoor to Launch Dual Ransomware Attacks Using SharePoint Flaws

A hacking group named Storm-2603 has recently been found exploiting security weaknesses in Microsoft SharePoint servers. Their goal is to break into organizations and deploy ransomware. What’s really concerning is that they’re using a new kind of backdoor that works through DNS, which helps them control infected systems secretly over the internet. These attacks are … Continued

The Uncertain Future of SIEM in a Rapidly Evolving Security Landscape

Many cybersecurity professionals recognize that the Security Information and Event Management (SIEM) space is undergoing major transformation — but opinions differ on where it’s headed. About 40% believe SIEM capabilities should be integrated into broader platforms like Extended Detection and Response (XDR) or Endpoint Detection and Response (EDR). In contrast, 35% still see value in … Continued
