The Cybersecurity and Infrastructure Security Agency (CISA) has issued a warning regarding malicious actors exploiting unencrypted persistent cookies from the F5 BIG-IP Local Traffic Manager (LTM) module for reconnaissance within target networks. This technique enables attackers to identify additional non-internet-facing…
New research reveals a sophisticated cyber campaign orchestrated by an actor with suspected connections to Pakistan, targeting government and energy sectors in South and Central Asia. The threat actor has primarily focused on deploying a remote access Trojan on compromised…
One of the most formidable hacking entities globally, the Russian state-backed group known as Sandworm, has executed a series of destructive cyberattacks amid the ongoing conflict with Ukraine, according to recent findings released by cybersecurity researchers. In April, Sandworm specifically…
On Tuesday, Microsoft publicly acknowledged that the LAPSUS$ hacking group had achieved “limited access” to its systems, coinciding with a revelation from Okta, an identity authentication services provider, indicating that nearly 2.5% of its customer base may have been affected…
Governance & Risk Management, Operational Technology (OT) OTsec India Steering Committee Examines Cyberthreats, Compliance Challenges, and Innovation Opportunities Joshua Cunningham-Marsh, Matthew Robertson • November 6, 2025 The OTsec India Summit is a pivotal two-day event bringing together over 200 leaders…
Local Authority Unintentionally Exposes Hundreds of Consultation Respondents’ Information In a significant breach of privacy, a local authority has inadvertently released personal details of hundreds of individuals who provided responses to a public consultation. This incident has raised serious concerns…
Recent cybersecurity reports indicate that threat actors are actively exploiting a critical security vulnerability in Veeam Backup & Replication software to deploy ransomware variants such as Akira and Fog. Sophos, a recognized cybersecurity vendor, has noted ongoing attacks that utilize…
Zyxel Networks, a Taiwanese provider of networking equipment, has issued a critical alert regarding a series of attacks targeting select security appliances, specifically firewalls and VPN servers. This warning highlights a sophisticated threat actor employing targeted strategies against devices with…
Cybersecurity experts at Doctor Web have identified a targeted cyberattack directed at a Russian government-owned entity by a hacker group identified as Cavalry Werewolf. This operation came to light in July 2025, when the organization recognized spam emails originating from…
Okta, a prominent provider of authentication services, has identified security firm Sitel as a third-party entity involved in a critical security breach that occurred in late January. This incident permitted the LAPSUS$ extortion gang to gain unauthorized access to an…
