Microsoft Warns of Russian-Linked Hackers Using ‘Device Code Phishing’ to Compromise Accounts

February 14, 2025
Enterprise Security / Cyber Attack

Microsoft has highlighted a new threat group known as Storm-2372, linked to a series of cyberattacks that have targeted multiple sectors since August 2024. The attacks focus on government entities, NGOs, IT services, defense, telecommunications, healthcare, higher education, and the energy sector across Europe, North America, Africa, and the Middle East.

Evaluated with medium confidence to align with Russian interests, the threat actors utilize messaging platforms such as WhatsApp, Signal, and Microsoft Teams. They impersonate notable figures relevant to their targets to gain trust. The attacks employ a phishing method known as ‘device code phishing,’ which deceives users into logging into productivity applications, allowing the actors to capture the login tokens for malicious use.

Microsoft Warns of Russian-Linked Cyber Attack Group Utilizing ‘Device Code Phishing’ Tactics

February 14, 2025
Enterprise Security / Cyber Attack

Microsoft has issued an urgent advisory regarding a rising threat actor, designated as Storm-2372, which is reportedly linked to Russian…

Microsoft Uncovers Russian Hackers Aiming at Foreign Embassies

New Malware Exploit: ApolloShadow Targets Vulnerable Networks

In a recent cybersecurity breach, researchers have identified a new malware strain dubbed ApolloShadow that exploits captive portal mechanisms to gain unauthorized access to systems. This sophisticated malware primarily targets Windows devices, taking…

Cryptohack Update: WOO X Investigates $14M Security Breach

Blockchain & Cryptocurrency / Cryptocurrency Fraud / Fraud Management & Cybercrime

Additional News: Founders of Samourai Wallet Enter Guilty Pleas

Rashmi Ramesh (rashmiramesh_) • July 31, 2025

Each week, Information Security Media Group compiles significant incidents affecting cybersecurity…

Hackers Target Critical Vulnerability in ‘Alone’ WordPress Theme to Take Over Websites Through Remote Plugin Installation

Jul 31, 2025
Vulnerability / Website Security

Threat actors are currently exploiting a serious security flaw in the “Alone – Charity Multipurpose Non-profit WordPress Theme,” allowing them to seize control of vulnerable websites. The vulnerability, identified as CVE-2025-5394, has a CVSS score of 9.8. Security researcher Thái An discovered and reported the issue. According to Wordfence, the flaw involves an arbitrary file upload that affects all plugin versions up to and including 7.8.3. It was patched in version 7.8.5, released on June 16, 2025. CVE-2025-5394 arises from a function called “alone_import_pack_install_plugin(),” which lacks a necessary capability check, enabling unauthenticated users to upload arbitrary plugins from remote sources through AJAX, thus executing code remotely. “This vulnerability allows an attacker without authentication to upload arbitrary files to a vulnerable site, leading to remote code execution…”

Hackers Exploit Severe Vulnerability in WordPress Theme, Compromising Numerous Sites

On July 31, 2025, reports surfaced detailing a critical security vulnerability in the “Alone – Charity Multipurpose Non-profit WordPress Theme,” which has become a focal point for cybercriminals. This flaw,…

New Golang-Based Backdoor Leverages Telegram Bot API for Stealthy C2 Operations

February 17, 2025
Threat Intelligence / Cyber Attack

Cybersecurity experts have revealed a new backdoor written in Golang that employs Telegram for command-and-control (C2) communications. Netskope Threat Labs, which analyzed the malware, suspects it may have origins in Russia. Security researcher Leandro Fróes commented, “The malware is compiled in Golang and functions as a backdoor. While it appears to be in active development, it is fully operational.” Upon execution, the backdoor verifies its location and specific file name—“C:\Windows\Temp\svchost.exe”—and if conditions aren’t met, it duplicates itself into the intended directory, launches the copied version, and then terminates its own process. A significant feature of this malware is its use of an open-source library that provides Golang bindings for the Telegram Bot API for C2 operations. This implementation includes…

New Golang-Based Backdoor Leverages Telegram Bot API for Evasive C2 Operations

February 17, 2025

In a recent development within the cybersecurity landscape, researchers have uncovered a new backdoor malware written in Golang that employs the Telegram Bot API for its…