The recent shifts in the United States’ cybersecurity landscape illustrate a tumultuous period marked by significant policy changes under the Trump administration. The alterations to fiscal policy and foreign relations, coupled with widespread dismissals of federal staff, have left crucial…
Data Privacy, Data Security, Geo Focus: Australia Telecom Faces Potential Fines Up to $2.22 Million per Violation Akshaya Asokan (asokan_akshaya) • August 8, 2025 Image: Marlon Trottmann/Shutterstock The Australian Information Commissioner has initiated legal action against Optus, one of the…
860,000 Affected by Data Breach at Columbia University In a significant security incident, Columbia University has reported a data breach that has compromised the personal information of approximately 860,000 individuals. The university, based in the United States, has disclosed that…
Urgent: Google Issues Critical Chrome Update to Address Active Exploit CVE-2025-6558
Jul 16, 2025
Browser Security / Zero-Day
On Tuesday, Google released a significant update for its Chrome web browser, addressing six security vulnerabilities, including a high-severity flaw that is currently being exploited in the wild. The vulnerability, identified as CVE-2025-6558 (CVSS score: 8.8), involves inadequate validation of untrusted input within the browser’s ANGLE and GPU components. According to the NIST National Vulnerability Database (NVD), “Insufficient validation of untrusted input in ANGLE and GPU in Google Chrome prior to version 138.0.7204.157 allowed a remote attacker to potentially perform a sandbox escape via a specially crafted HTML page.” ANGLE, which stands for “Almost Native Graphics Layer Engine,” serves as a bridge between Chrome’s rendering engine and the device’s graphics drivers. Exploits in this module can enable attackers to bypass Chrome’s sandbox, allowing them to manipulate low-level GPU operations typically confined within the browser, making this vulnerability particularly concerning.
Urgent: Critical Chrome Update Released by Google to Address CVE-2025-6558 Exploit On July 16, 2025, Google announced significant updates to its Chrome web browser, patching six security vulnerabilities, one of which is particularly concerning as it has already been exploited…
November 25, 2024 | Cybersecurity / Critical Updates
Terms like “state-sponsored attacks” and “critical vulnerabilities” frequently fill our news feeds, but what do they truly entail? This week’s cybersecurity highlights extend beyond mere headlines—they illuminate how digital risks impact our everyday lives more than we might realize. For example, breaches in telecom networks involve far more than data theft; they pose serious threats to our fundamental communications and business operations. Those technical CVEs aren’t just numbers; they represent potential vulnerabilities in your everyday tools, from smartphones to workplace software, functioning like ticking time bombs.
These issues matter to everyone, not just experts. They remind us how easily the digital landscape we depend on can become a threat—but they also underscore the importance of remaining informed and proactive. Join us as we dive into this week’s recap to explore these risks, uncover effective solutions, and discover actionable steps we can all take to enhance our security.
Cybersecurity Update: Key Threats and Trends for the Week of November 18 – November 24 Published on November 25, 2024 In recent weeks, discussions around cybersecurity have underscored pervasive themes such as “state-sponsored attacks” and “critical vulnerabilities.” However, the implications…
The luxury fashion powerhouse Chanel has reported a data breach affecting select customers in the United States. In a letter to clients, the company disclosed that it became aware on July 25 of a security incident involving a U.S. database…
Artificial Intelligence & Machine Learning, Legislation, Next-Generation Technologies & Secure Development Chipmaker Argues Against Increasing US Pressure for New Security Requirements Chris Riotta (@chrisriotta) • August 7, 2025 Image: Stock All/Shutterstock Nvidia, a leader in AI chip manufacturing, has dismissed…
Alera Group Alerts 155,000 Individuals Following July 2024 Cybersecurity Breach The Alera Group has recently informed approximately 155,000 individuals about a significant hacking incident that occurred in July 2024. This breach underscores the escalating threat landscape faced by organizations today,…
Title: UNC6148 Exploits Patched SonicWall SMA 100 Series Devices with OVERSTEP Rootkit
Date: July 16, 2025
Category: Vulnerability / Cyber Espionage
A threat actor group, identified as UNC6148, has been found targeting fully-patched SonicWall Secure Mobile Access (SMA) 100 series appliances, as part of an operation to deploy a backdoor known as OVERSTEP. This malicious activity has been traced back to at least October 2024. The Google Threat Intelligence Group (GTIG) reports that the number of known victims is currently “limited.” The tech giant has high confidence in its assessment that the group is utilizing credentials and one-time password (OTP) seeds stolen from previous breaches, enabling them to regain access even after organizations have implemented security updates. Metadata analysis indicates that UNC6148 may have first exfiltrated these credentials from the SMA appliance as early as January 2025. The precise method of initial access for delivering the malware remains unknown due to the evasive actions taken by the threat actor.
UNC6148 Targets Fully-Patched SonicWall SMA 100 Series Devices with OVERSTEP Rootkit On July 16, 2025, cybersecurity analysts from the Google Threat Intelligence Group (GTIG) disclosed a troubling trend involving UNC6148, a hacking group targeting fully-patched SonicWall Secure Mobile Access (SMA)…
On November 27, 2024, JPCERT/CC reported that the APT-C-60 threat group has executed a cyberattack against an undisclosed organization in Japan, utilizing a job application guise to deploy the SpyGlace backdoor. This operation, which took place in August 2024, exploited legitimate platforms such as Google Drive, Bitbucket, and StatCounter.
The phishing scheme involved an email disguised as correspondence from a potential employee, which was sent to the organization’s recruitment team, ultimately leading to malware infiltration. APT-C-60, believed to be aligned with South Korea, commonly targets East Asian nations. During the attack, the group exploited a remote code execution vulnerability in WPS Office for Windows (CVE-2024-7262) to introduce the SpyGlace backdoor. JPCERT/CC’s findings detail how the attack chain unfolded, beginning with a phishing email linking to a file on Goo…
APT-C-60 Hackers Target Japanese Organization with SpyGlace Malware Campaign On November 27, 2024, cybersecurity experts at JPCERT/CC reported a sophisticated cyber attack tied to the APT-C-60 hacker group, which has gained notoriety for its ties to South Korean cyber espionage…
