Algeria’s Ministry of Pharmaceutical Industry Data Leaked in Retaliatory Cyberattack

Today, we identified a new data breach involving the Algerian Ministry of Pharmaceutical Industry, with threat actor MORH4x listing 34.4GB of internal data for sale on breach forums. The actor claims the breach includes extensive documentation related to Algeria’s pharmaceutical imports, personnel, inventory management, and psychotropic drug control. The actor explicitly framed the breach as … Continued

Fake Google Play Store Sites Deliver SpyNote Malware

A new wave of deceptive websites mimicking the Google Play Store has emerged, distributing SpyNote, a notorious Android malware. These malicious sites are hosted on newly registered domains and designed to trick visitors into downloading infected applications by mimicking legitimate Play Store pages. Attack Chain: According to researchers, these sites employ a clean user … Continued

Cybercriminals Target Crypto Wallets with Malicious npm Packages

The cryptocurrency community is once again in the crosshairs of cybercriminals, according to a new report by ReversingLabs. In a series of ongoing attacks, threat actors are using increasingly stealthy methods to compromise Web3 wallets and siphon off crypto assets, this time by manipulating open-source packages. The security researchers have identified a campaign involving a malicious … Continued

Jenkins Warns of SSH Security Flaw in Docker Images

The Jenkins project issued a new security advisory for vulnerabilities affecting its Docker image deliverables, including jenkins/ssh-agent and the deprecated jenkins/ssh-slave. Vulnerability Details: The advisory outlines a medium-severity vulnerability (CVSS) related to host key reuse in SSH build agent Docker images, which may allow attackers to impersonate Jenkins SSH build agents under some conditions. This … Continued

Algeria’s MGPTT Data Listed for Sale After CNSS Breach

Today, we identified that a threat actor known as Phantom Atlas has listed more than 13GB of internal data from Algeria’s state-run MGPTT (Post & Telecom) for sale on BreachForums. The listed material reportedly includes personal data, confidential documents, strategic records, and full databases tied to the organization. In addition to MGPTT, Phantom Atlas also … Continued

NVIDIA Patch Falls Short, Exposing AI Workloads to DoS Threats

Trend Research has revealed that a September 2024 security update by NVIDIA left a critical vulnerability (CVE-2024-0132) in the NVIDIA Container Toolkit only partially patched — putting systems at risk of container escape attacks. NVIDIA Patch Falls Short: In September 2024, NVIDIA released a security update to fix CVE-2024-0132, a critical vulnerability in the NVIDIA … Continued

Adobe Patches Over a Dozen Critical Vulnerabilities

Adobe has rolled out a big round of security updates addressing more than 20 vulnerabilities, some of them critical, in ColdFusion versions 2025, 2023, and 2021. These vulnerabilities could allow attackers to read arbitrary files or execute malicious code on affected systems. Among the 30 vulnerabilities identified in ColdFusion, 11 have been classified as critical, including: CVE-2025-24446 … Continued

Vulnerability in WhatsApp Could Let Hackers Execute Malicious Code

A recently discovered vulnerability, tracked as CVE-2025-30401, affected WhatsApp Desktop for Windows. The flaw involved a spoofing problem where the application displayed attachments based on their MIME type but opened them using the system handler associated with the file extension. This allowed an attacker to craft malicious files using MIME types and extensions, tricking users into executing harmful … Continued
