News Desk 29 July 2025, 12:35 PM IST Tea app experiences significant backlash as private messages of over 1.1 million users are leaked online Tea Dating Advice app | Photo: Google Play Store The Tea dating app, which positions itself…
Four Arrested in £440M Cyber Attack on Major Retailers Marks & Spencer, Co-op, and Harrods
Jul 10, 2025
Cybercrime / Ransomware
The U.K. National Crime Agency (NCA) announced on Thursday the arrest of four individuals linked to cyber attacks against prominent retailers including Marks & Spencer, Co-op, and Harrods. The suspects, consisting of two 19-year-old men, a 17-year-old male, and a 20-year-old woman, were apprehended in the West Midlands and London on charges relating to the Computer Misuse Act, blackmail, money laundering, and involvement in organized crime. All four were arrested at their residences, and their electronic devices have been confiscated for forensic examination. Their identities have not been released. Deputy Director Paul Foster, head of the NCA’s National Cyber Crime Unit, emphasized that “since these attacks occurred, our dedicated cybercrime investigators have been working swiftly, making this investigation a top priority.” He stated, “Today’s arrests mark a significant advancement in our efforts.”
Four Individuals Arrested in £440M Cyber Attack on Major UK Retailers On July 10, 2025, the U.K. National Crime Agency (NCA) announced the arrest of four individuals in connection with a substantial cyber attack that targeted prominent retailers, including Marks…
In mid-2025, the Google Threat Intelligence Group (GTIG) unveiled a significant cyber threat stemming from a highly coordinated campaign linked to a financially motivated hacking collective known as Scattered Spider, also referred to as 0ktapus and UNC3944. This group has…
Data Privacy, Data Security, Healthcare Lawsuit Alleges BJC Health Disclosed Patient Data from MyChart Portal Without Consent Marianne Kolbasuk McGee (HealthInfoSec) • July 28, 2025 Image: BJC Health BJC Health, a Missouri-based healthcare system, has agreed to pay up to $9.25…
MINNEAPOLIS, July 28, 2025 (GLOBE NEWSWIRE) — Edelson Lechtzin LLP, a law firm based near Philadelphia, is actively investigating data privacy issues following a recent incident involving Allianz Life Insurance Company of North America (“Allianz Life”). The firm became aware…
Iran-Backed Pay2Key Ransomware Makes a Comeback with Increased 80% Profit Incentive for Cybercriminals
Jul 11, 2025
Cyber Warfare / Cybercrime
The Iranian-backed ransomware-as-a-service (RaaS), Pay2Key, has reemerged amid the escalating Israel-Iran-U.S. conflict, now offering larger financial rewards to cybercriminals targeting Israel and the U.S. Operating under the new name Pay2Key.I2P, this scheme is believed to be associated with the hacking group known as Fox Kitten (also referred to as Lemon Sandstorm). According to Morphisec security researcher Ilia Kulmin, “Pay2Key.I2P appears to be affiliated with the notorious Fox Kitten APT group and shares capabilities with the well-known Mimic ransomware.” The group has officially raised its profit share for affiliates supporting Iran or conducting attacks against its adversaries to 80%, up from 70%, highlighting their ideological motivations. Last year, the U.S. government identified the advanced persistent threat’s (APT) strategy of executing ransomware attacks through covert partnerships.
Iranian-Supported Pay2Key Ransomware Emerges Again, Promising Increased Profits for Cybercriminals July 11, 2025 Cyber Warfare / Cybercrime The ransomware-as-a-service (RaaS) model known as Pay2Key, linked to Iranian interests, has resurfaced amid escalating tensions in the ongoing conflict between Israel, Iran,…
The ransomware collective known as GLOBAL GROUP has claimed responsibility for a significant security breach at Albavisión, a prominent Spanish-language media conglomerate headquartered in Miami, Florida. According to the group, they have successfully extracted 400 GB of sensitive data from…
Artificial Intelligence & Machine Learning, Network Detection & Response, Next-Generation Technologies & Secure Development Enhancements in SaaS Target Network Detection and Response for Smaller Security Teams Michael Novinson (@MichaelNovinson) • July 28, 2025 Brian Dye, CEO of Corelight (Image: Corelight)…
Late last week, FlexMLS and Matrix, two of the nation’s largest multiple listing services (MLS), fell victim to data breaches that have raised significant concerns among their members. The breaches reportedly compromised member login credentials, leading to a wave of…
July 11, 2025
Cyber Attack / Vulnerability Alert
A recently uncovered critical security vulnerability affecting Wing FTP Server is currently being exploited, as reported by Huntress. Known as CVE-2025-47812 (CVSS score: 10.0), this flaw involves improper handling of null (‘\0’) bytes within the server’s web interface, leading to potential remote code execution. The issue has been resolved in version 7.4.4. According to CVE.org’s advisory, “The user and admin web interfaces mishandle ‘\0’ bytes, allowing for the injection of arbitrary Lua code into user session files.” This can enable the execution of arbitrary system commands with the privileges of the FTP service, which defaults to root or SYSTEM. Alarmingly, the vulnerability can also be exploited through anonymous FTP accounts. A detailed analysis of this security issue became public in late June 2025, thanks to RCE Security researcher Julien Ahrens.
Critical Security Flaw in Wing FTP Server Under Active Attack On July 11, 2025, cybersecurity firm Huntress reported that a serious vulnerability in the Wing FTP Server, classified as CVE-2025-47812, is currently being exploited in the wild. This flaw bears…
