Bitdefender has detected a new fileless malware dubbed EggStreme, employed by a China-based advanced persistent threat (APT) group, targeting the Philippine military and various organizations across the Asia-Pacific region. Researchers from Bitdefender discovered the EggStreme malware framework during an investigation…
The group known as Silk Typhoon—previously referred to as Hafnium—has shifted its focus from exploiting vulnerabilities in Microsoft Exchange servers to targeting the information technology (IT) supply chain. This change in strategy aims to gain initial access to corporate networks,…
Ransomware Attack Strikes Highlands Oncology, Compromising Over 113,000 Patient Records Highlands Oncology, a healthcare provider based in the United States, has recently fallen victim to a significant ransomware attack that has compromised the personal information of more than 113,000 patients.…
Recent findings from cybersecurity experts reveal a vulnerability in Google’s Quick Share data transfer tool for Windows, which can be manipulated to cause denial-of-service (DoS) issues or transmit files to users’ devices without their consent. This flaw underscores serious security…
A new cyber campaign known as Earth Bogle has emerged, showcasing the use of geopolitical themes to distribute the NjRAT remote access trojan across the Middle East and North Africa. This initiative underscores the evolving strategies employed by threat actors…
Relevant topics include Third Party Risk Management, Cryptocurrency Fraud, and Fraud Management & Cybercrime. Developer Compromised by Phishing Attack Involving a Malicious Email Authored by Akshaya Asokan (asokan_akshaya), David Perera (@daveperera) • September 9, 2025 Image: Shutterstock An attacker compromised…
The recent report emphasizes the significant yet often overlooked role of resellers and brokers in the spyware supply chain, describing this group as “a notably under-researched set of actors.” These intermediaries are said to obscure the relationships among vendors, suppliers,…
On September 10, the Cyberspace Administration of China announced administrative sanctions against Dior’s Shanghai branch, a luxury brand owned by LVMH. This action stems from the unauthorized transfer of customers’ personal data to the company’s headquarters in France, highlighting significant…
A sophisticated supply chain attack initially aimed at Coinbase has now been linked to a wider campaign targeting users of the “tj-actions/changed-files” GitHub Action. This breach is believed to have originated from the theft of a personal access token (PAT)…
Recent reports have illuminated the continued digital aggression from the Russian state-sponsored hacking group, Gamaredon, which is employing Telegram as a tool to target military and law enforcement sectors in Ukraine. This tactic signifies a notable evolution in the methods…
