A former software engineer with the U.S. Central Intelligence Agency (CIA) has received a 40-year prison sentence from the Southern District of New York (SDNY) for transferring classified documents to WikiLeaks as well as possessing child pornography. Joshua Adam Schulte, aged 35, was initially charged in June 2018 and subsequently…
A new data leak platform has emerged on the TOR network, operated by a group known as the “Trinity of Chaos.” This ransomware collective is reportedly connected to the infamous Lapsus$, Scattered Spider, and ShinyHunters groups. In a significant escalation of their cybercriminal activities, the site has listed 39 major…
Cybersecurity experts have reported that attackers are taking advantage of an undisclosed zero-day vulnerability in Cambium Networks cnPilot routers to deploy a new variant of the AISURU botnet, known as AIRASHI. This botnet is primarily orchestrating distributed denial-of-service (DDoS) attacks, which have reportedly been ongoing since June 2024. Research conducted…
Recent cybersecurity research has unveiled the utilization of a potent reflection/amplification attack method by malicious actors to execute prolonged distributed denial-of-service (DDoS) attacks, sustaining these assaults for as long as 14 hours and achieving an unprecedented amplification ratio of 4,294,967,296 to 1. This attack vector, known as TP240PhoneHome (CVE-2022-26143), has…
Emerging Concerns in Software Security: The Rise of Vibe Coding In a landscape where software development increasingly leans on existing resources, a noticeable trend has surfaced: vibe coding. Much like how consumers do not mill their own wheat for flour, most software developers do not start projects from ground zero,…
A new cybersecurity threat actor, identified as ResumeLooters, has emerged, targeting employment agencies and retail companies predominantly in the Asia-Pacific (APAC) region since early 2023. This group aims to compromise sensitive data, focusing on job search platforms and the unauthorized collection of resumes. According to research from Group-IB, a cybersecurity…
Renault Alerts Customers to Cybersecurity Breach Renault has issued a notification to a significant number of its customers, warning them that their personal data may have been compromised due to a cyber-attack targeting one of its third-party suppliers. This incident raises concerns about data security within the automotive sector, particularly…
Cisco has announced essential software updates in response to a severe security vulnerability affecting its Meeting Management platform. This flaw potentially enables a remote, authenticated attacker to escalate privileges to an administrator level on vulnerable systems. The vulnerability, designated as CVE-2025-20156, has garnered a CVSS score of 9.9 out of…
The Emotet botnet, notorious for its insidious operations, resurged in November 2021 after a significant period of inactivity, accumulating over 100,000 compromised hosts. The botnet’s activities have demonstrated a steady increase, indicating a troubling return to form for this malware. According to researchers from Lumen’s Black Lotus Labs, since its…
