Ransomware Attack Exposes Customer Data of Marquis Software Solutions Mathew J. Schwartz (euroinfosec) • December 31, 2025 Image: Shutterstock A recent ransomware attack on Marquis Software Solutions has resulted in significant data breaches affecting multiple financial institutions. This incident highlights the vulnerabilities that can arise when third-party software vendors are…
Three High-Severity Vulnerabilities Found in NGINX Ingress Controller Recently, cybersecurity experts have reported the discovery of three unpatched, high-severity vulnerabilities in the NGINX Ingress controller for Kubernetes. These flaws pose a significant risk, as they can be exploited by malicious actors to access sensitive credentials stored within the cluster. The…
Concerns Rise Over Federal Cybersecurity Amid Shutdown The recent prolonged government shutdown has intensified worries regarding the state of federal cybersecurity, potentially creating vulnerabilities during a time when numerous workers were furloughed. This disruption has exacerbated the longstanding issues of IT backlogs within various government agencies. According to an anonymous…
Significant Ethereum Theft Strikes Veritaseum’s ICO In a troubling development for the cryptocurrency landscape, Veritaseum fell victim to a sophisticated cyberattack that resulted in the theft of approximately $8.4 million worth of Ethereum. This incident, which occurred during the startup’s Initial Coin Offering (ICO) on July 23, represents the fourth…
Security Operations Urgent Patches Released for MongoBleed as Ransomware Groups Exploit Vulnerability to Access Data Mathew J. Schwartz (euroinfosec) • December 30, 2025 Image: Michael Vi/Shutterstock A significant number of MongoDB databases, many of which are accessible on the internet, are currently at risk due to a critical vulnerability known…
Hackers have taken advantage of vulnerabilities in Oracle E-Business Suite during a coordinated global attack. Korean Air has recently reported a data breach impacting approximately 30,000 employees, involving compromised records from a system belonging to a former subsidiary. Detailed information concerning this incident can be found in a comprehensive disclosure.…
Atlassian has issued a critical security warning regarding a significant vulnerability in Confluence Data Center and Server, which poses the risk of substantial data loss if exploited by unauthenticated attackers. The vulnerability, identified as CVE-2023-22518, has been assigned a critical rating of 9.1 on the CVSS scale, categorizing it as…
Chinese Hacking Group Rancor Targets Southeast Asian Governments with Advanced Phishing Campaign Phishing remains a prominent tactic employed by cybercriminals and espionage organizations to infiltrate target systems. Despite advancements in threat detection and increased public awareness over the past decade, sophisticated phishing attacks continue to pose a significant risk to…
Cybersecurity Incident: Mandiant Analyst Data Breach Exposes Sensitive Information A significant cybersecurity breach has reportedly compromised the data of a senior analyst at Mandiant, a Virginia-based cybersecurity firm owned by FireEye. According to sources, an anonymous hacking group claims to have infiltrated Mandiant’s internal networks, allegedly maintaining access since 2016.…
