A recent report has identified a China-linked threat actor, referred to as Chaya_004, actively exploiting a critical vulnerability in SAP NetWeaver. This attack leverages the flaw CVE-2025-31324, which has been assigned a maximum CVSS score of 10.0. The malicious activity…
Cyber Attacks Target Middle East Telecommunications Amid Ongoing Espionage Campaign Telecommunication companies in the Middle East have recently become the focus of a series of cyber attacks that began in the first quarter of 2023. These attacks have been tied…
3rd Party Risk Management, Cybercrime, Fraud Management & Cybercrime Absolute Dental Reports Data Breach Linked to Third-Party Services Marianne Kolbasuk McGee (HealthInfoSec) • August 29, 2025 Image: Absolute Dental Absolute Dental, a dental practice operating over 50 locations in Nevada,…
This week, as students resumed classes across the nation, WIRED reported on a self-identified leader of a violent online group known as “Purgatory,” which has been linked to a series of swatting incidents at universities in the US. The individual…
Microsoft has disclosed that a recently patched security vulnerability within the Windows Common Log File System (CLFS) was actively exploited as a zero-day in targeted ransomware attacks against several entities. This flaw, identified as CVE-2025-29824, was employed to escalate privileges,…
Redazione RHC : 30 August 2025 10:39 On August 30, 2025, Google issued a critical security advisory concerning its popular Gmail service, impacting approximately 2.5 billion users globally. This alert follows a significant data breach involving a third-party Salesforce-based application utilized by…
ASUS has announced critical updates to mitigate two significant security vulnerabilities found in ASUS DriverHub. These flaws, if successfully exploited, could allow an attacker to achieve remote code execution, putting users at considerable risk. DriverHub is a utility designed to…
A newly identified North Korean cyber operator has been linked to multiple campaigns aimed at gathering intelligence strategically aligned with Pyongyang’s geopolitical goals. Since 2018, this group, tracked by Google-affiliated Mandiant as APT43, has pursued both espionage and financial gain,…
Cloud Security, Government, Industry Specific U.S. Defense Department Halts and Reviews Microsoft’s ‘Digital Escorts’ Program Chris Riotta (@chrisriotta) • August 29, 2025 Image: Austin Nooe/Shutterstock The U.S. Department of Defense (DoD) has launched a review of Microsoft’s employment of Chinese…
On Friday, Chuck Borges, the chief data officer of the Social Security Administration (SSA), reported that he was forcibly removed from his position after submitting a whistleblower complaint. This complaint alleged serious mishandling of sensitive data within the agency. According…
