Critical Vulnerability Discovered in SailPoint’s IdentityIQ Software A significant security vulnerability has been identified in SailPoint’s IdentityIQ identity and access management (IAM) software, potentially exposing sensitive data stored in application directories. The flaw, designated CVE-2024-10905, carries a maximum CVSS score…
Stealth Malware Campaign Targets Middle Eastern Entities A sophisticated malware campaign has been uncovered, targeting government bodies, military organizations, law firms, and financial institutions predominantly in the Middle East. Initiated as early as 2019, the campaign leverages malicious Microsoft Excel…
Could the portrayal of heists in entertainment be more than mere fiction? The French television series Lupin recently seemed to foreshadow a dramatic theft at the Louvre, which unfolded on the morning of October 19. This incident saw professional thieves…
In a significant security breach, JumpCloud has confirmed that a sophisticated nation-state actor infiltrated its systems, targeting a select group of its customers. Shortly following a reset of API keys for affected clients, Bob Phan, Chief Information Security Officer (CISO)…
Endpoint Security, Litigation, Standards, Regulations & Compliance U.S. Court Bars NSO Group from WhatsApp and Orders Destruction of Hacking Code Chris Riotta (@chrisriotta) • October 20, 2025 Image: Shutterstock/NSO Group/ISMG A significant legal ruling from a U.S. district court has…
Cybersecurity Incident: Dodo and iPrimus Email Accounts Compromised In a recent incident, Vocus Group has confirmed a significant data breach affecting its telecommunications brands, Dodo and iPrimus. The breach has led to the unauthorized access of approximately 1,600 Dodo email…
Critical Vulnerability Discovered in Veeam Service Provider Console Veeam has issued immediate security updates addressing a significant vulnerability within its Service Provider Console (VSPC). This flaw poses a serious risk, enabling potential remote code execution on vulnerable systems. The vulnerability,…
A recent phishing campaign has emerged, leveraging socially engineered SMS messages to deliver malware to Android devices. This operation appears to impersonate Iranian governmental and social security entities, aiming to extract credit card information and facilitate financial theft from victims’…
A federal court ruling has mandated that NSO Group, a prominent spyware manufacturer, must cease using its Pegasus application to target WhatsApp users. This significant decision, delivered by Judge Phyllis J. Hamilton of the U.S. District Court for the Northern…
Conor Brian Fitzpatrick, the founder of the now-defunct BreachForums site, has entered a guilty plea in connection with various charges linked to the cybercrime forum he ran, which also included possession of child pornography. This significant development, first reported by…
