Cyberwarfare / Nation-State Attacks, Fraud Management & Cybercrime Darktrace Reports on Compromise of Citrix NetScaler Gateway Akshaya Asokan (asokan_akshaya) • October 20, 2025 Image: Shutterstock Recent reports from the managed threat detection firm Darktrace indicate that a persistent campaign by…
October 21, 2025Ravie LakshmananCyber Espionage / Network Security A European telecommunications company has reportedly fallen victim to a cyber intrusion attributed to a threat actor associated with the China-linked group known as Salt Typhoon. This incident, as reported by Darktrace,…
Critical Vulnerability Discovered in SailPoint’s IdentityIQ Software A significant security vulnerability has been identified in SailPoint’s IdentityIQ identity and access management (IAM) software, potentially exposing sensitive data stored in application directories. The flaw, designated CVE-2024-10905, carries a maximum CVSS score…
Stealth Malware Campaign Targets Middle Eastern Entities A sophisticated malware campaign has been uncovered, targeting government bodies, military organizations, law firms, and financial institutions predominantly in the Middle East. Initiated as early as 2019, the campaign leverages malicious Microsoft Excel…
Could the portrayal of heists in entertainment be more than mere fiction? The French television series Lupin recently seemed to foreshadow a dramatic theft at the Louvre, which unfolded on the morning of October 19. This incident saw professional thieves…
In a significant security breach, JumpCloud has confirmed that a sophisticated nation-state actor infiltrated its systems, targeting a select group of its customers. Shortly following a reset of API keys for affected clients, Bob Phan, Chief Information Security Officer (CISO)…
Endpoint Security, Litigation, Standards, Regulations & Compliance U.S. Court Bars NSO Group from WhatsApp and Orders Destruction of Hacking Code Chris Riotta (@chrisriotta) • October 20, 2025 Image: Shutterstock/NSO Group/ISMG A significant legal ruling from a U.S. district court has…
Cybersecurity Incident: Dodo and iPrimus Email Accounts Compromised In a recent incident, Vocus Group has confirmed a significant data breach affecting its telecommunications brands, Dodo and iPrimus. The breach has led to the unauthorized access of approximately 1,600 Dodo email…
Critical Vulnerability Discovered in Veeam Service Provider Console Veeam has issued immediate security updates addressing a significant vulnerability within its Service Provider Console (VSPC). This flaw poses a serious risk, enabling potential remote code execution on vulnerable systems. The vulnerability,…
A recent phishing campaign has emerged, leveraging socially engineered SMS messages to deliver malware to Android devices. This operation appears to impersonate Iranian governmental and social security entities, aiming to extract credit card information and facilitate financial theft from victims’…
