Exploitation of Command Line Vulnerability in Gemini CLI Raises Alarm for Users In a recent cybersecurity incident, researcher Cox has identified a significant vulnerability in the Gemini Command Line Interface (CLI). The exploit allows malicious commands to execute without sufficient…
Finance & Banking , Industry Specific , Security Operations New Malware Targets Brazilian Financial Sector Using Microsoft UI Automation Rashmi Ramesh (rashmiramesh_) • July 29, 2025 Image: Shutterstock/ISMG A newly identified variant of the Coyote banking Trojan has…
Data Breach in Women’s Safety App Sparks Cybersecurity Concerns In a troubling turn of events, the women-only dating safety app known as Tea has experienced significant security breaches that have exposed sensitive user data. Initially conceived as a platform for…
Jun 26, 2025
Threat Intelligence / Ransomware
Cybersecurity experts are highlighting a wave of cyberattacks aimed at financial institutions across Africa, dating back to at least July 2023. These attacks leverage a combination of open-source and publicly available tools to sustain access. Researchers from Palo Alto Networks’ Unit 42 are monitoring this activity under the label CL-CRI-1014, where “CL” stands for “cluster” and “CRI” signifies “criminal motivation.” The primary objective appears to be gaining initial access to systems, which is then sold to other criminal actors in underground forums, effectively turning the threat actor into an initial access broker (IAB). “The threat actor mimics signatures from legitimate applications to create forged file signatures, camouflaging their toolset and concealing malicious activities,” noted researchers Tom Fakterman and Guy Levi. “Threat actors frequently spoof legitimate products for illicit purposes.” The attacks are marked by the use of tools such as PoshC2 and others.
Cyber Criminals Utilize Open-Source Tools to Target African Financial Institutions June 26, 2025 Threat Intelligence / Ransomware Recent investigations have revealed a troubling trend of cyber attacks aimed at financial institutions across Africa, with reports indicating that this wave of…
3rd Party Risk Management, Data Breach Notification, Data Security More Than 410,000 Patients Reported Affected, Likely More to Come Marianne Kolbasuk McGee (HealthInfoSec) • July 29, 2025 Image: Oracle Following revelations of a hacking incident earlier this year that compromised…
Two Data Breaches Reported in One Week on Social Media Platform Tea In a concerning development for users of the social media network Tea, two significant data breaches have occurred within the span of a week, exposing sensitive user information…
U.S. Agencies Issue Warning About Increased Iranian Cyber Threats Targeting Defense and Critical Infrastructure
Date: June 30, 2025
Topic: Cybersecurity / Critical Infrastructure
U.S. cybersecurity and intelligence agencies have released a joint advisory cautioning about the rising risk of cyber attacks from Iranian government-sponsored or affiliated groups. “In recent months, we’ve observed heightened activity from hacktivists and Iranian-linked actors, likely to escalate due to current geopolitical circumstances,” the agencies stated. They highlighted that these cyber adversaries typically exploit opportunities presented by unpatched or outdated software vulnerable to known Common Vulnerabilities and Exposures, as well as the use of default or easily guessed passwords on internet-connected accounts and devices. Currently, there is no evidence pointing to a coordinated campaign of malicious cyber actions in the U.S. attributed to Iran, according to insights from the Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI), the Department of Defense Cyber Crime Center (DC3), and the National Security Agency (NSA). Emphasizing the need for enhanced vigilance…
U.S. Agencies Raise Alarm Over Increasing Iranian Cyber Threats Targeting Defense and Critical Infrastructure June 30, 2025 U.S. cybersecurity and intelligence agencies have collaboratively issued a cautionary advisory regarding an uptick in cyber threats emanating from Iranian state-affiliated actors. They…
Darktrace, a prominent cybersecurity research organization, has reported what appears to be the first recorded instance of threat actors leveraging a severe vulnerability in SAP NetWeaver (CVE-2025-31324) to deploy a stealthy malware known as Auto-Color. This vulnerability, uncovered by SAP…
Geo Focus: The United Kingdom, Geo-Specific, Governance & Risk Management UK Law Enforcing Age Verification on Adult Sites Triggers VPN Usage Surge Chris Riotta (@chrisriotta) • July 29, 2025 Image: Shutterstock The introduction of a new law in the United…
Data Breach at Tea App Exposes 1.1 Million User Chats A significant data breach has recently impacted the Tea app, revealing that approximately 1.1 million user chats have been compromised. This breach is raising serious concerns regarding the security of…
