The recent discovery of a SIM farm operation in New York has highlighted a long-standing issue within the cybercrime landscape. SIM farms, which consist of large collections of SIM cards that can be remotely managed, have been exploited by criminals for various illicit activities, including spam distribution, swatting incidents, and…
The U.S. Treasury Department has reported a significant cybersecurity breach that has purportedly provided suspected Chinese threat actors with remote access to some computers and unclassified documents. This incident was publicly disclosed following a communication from BeyondTrust, a third-party software provider of the Treasury, on December 8, 2024, regarding unauthorized…
Ransomware Attack on Marks & Spencer Exposes Flaws in Backup Strategies HyperBUNKER Advocates for Offline Storage Amid Criticism Over Costs Data Diodes Establish Secure One-Way Channels to Protect Data Integrity Marks & Spencer (M&S), a prominent UK retailer, recently faced a ransomware attack that significantly disrupted its internal operations, effectively…
Cloudflare Exposes Phishing Attempt Targeting Employees Amid Twilio Data Breach On Tuesday, Cloudflare, a leading web infrastructure provider, revealed a sophisticated phishing attack that affected at least 76 employees and their family members. The incident involved text messages sent to personal and work phones, resembling a previously reported phishing operation…
Cyberwarfare / Nation-State Attacks, Fraud Management & Cybercrime, Social Engineering Iranian Hackers Pose as Online Recruiters Prajeet Nair (@prajeetspeaks) • September 23, 2025 Image: Shutterstock Recent reports reveal that Western Europeans employed in aerospace, defense manufacturing, and telecommunications are being targeted by Iranian state-sponsored hackers masquerading as online recruiters. These…
A group of Iranian hackers, identified as Nimbus Manticore, is broadening its activities with a new focus on major enterprises across Europe. Recent findings from cybersecurity firm Check Point Research (CPR) indicate that this group is particularly targeting organizations within the defense, telecommunications, and aerospace sectors to obtain sensitive data.…
PLAYFULGHOST Malware Discovered Targeting VPN Users with Sophisticated Methods Cybersecurity experts have recently identified a new malware strain named PLAYFULGHOST, which is characterized by its extensive information-gathering capabilities, including keylogging, screen capture, and remote file execution. This malware has been implicated in various cyber attacks, indicating a strategic focus on…
In the ever-evolving landscape of electric vehicle (EV) infrastructure, a recent significant security breach has highlighted vulnerabilities associated with third-party data management. Digital Charging Solutions GmbH (DCS), a major provider of EV charging services, confirmed that unauthorized access by a third-party service provider led to this incident. The compromise involved…
Recently, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) has expanded its Known Exploited Vulnerabilities (KEV) catalog by adding two critical security flaws affecting Adobe ColdFusion and Oracle Agile Product Lifecycle Management (PLM). This action stems from emerging evidence indicating active exploitation of these vulnerabilities. The newly added vulnerabilities are…
