Cybersecurity experts have identified a new attack campaign that capitalizes on a recently discovered vulnerability in Fortinet FortiClient EMS devices, utilizing ScreenConnect and Metasploit’s Powerfun payloads to execute its malicious intent. This campaign targets CVE-2023-48788, a critical SQL injection vulnerability with a CVSS score of 9.3. This flaw enables unauthorized…
A new and previously unknown malware downloader, referred to as “Saint Bot,” has emerged in recent phishing campaigns, designed to deploy credential-stealing malware and other malicious payloads. This downloader is reported to have made its debut in January 2021 and appears to be actively evolving in its capabilities. Saint Bot…
In a significant security incident, Experian’s South African division has disclosed a data breach that may have compromised the personal information of millions of its customers. This announcement, made on their official platform, adds to the growing concerns regarding the security of personal data amidst an uptick in cyber threats.…
A New Era of Email Defense: The Impact of KnowBe4 and Microsoft Defender for Office 365 In an evolving landscape of cybersecurity threats, the partnership between KnowBe4 and Microsoft Defender for Office 365 is paving the way for robust email security solutions. As phishing attacks and business email compromises escalate,…
Hackers Claim Breach of LG’s Source Code and Sensitive Credentials In a recent cybersecurity incident, hackers have reportedly claimed to have leaked sensitive information belonging to LG, including source code, SMTP configurations, and hardcoded credentials. This alarming development raises significant concerns for businesses, especially in an era where data breaches…
Recent cyberattacks have targeted unpatched Atlassian servers, with threat actors utilizing a Linux variant of the Cerber ransomware, also referred to as C3RB3R. The incidents exploit a critical vulnerability, identified as CVE-2023-22518, which has a CVSS score of 9.1. This vulnerability affects the Atlassian Confluence Data Center and Server, permitting…
A Russian hacker, convicted for breaching LinkedIn, Dropbox, and Formspring, has been sentenced to 88 months in a U.S. federal prison following judicial proceedings in San Francisco. This case marks a significant development in the long-standing investigation into cybercrime that has impacted millions of users across these platforms. The perpetrator,…
Fraud Management & Cybercrime, Fraud Risk Management, Regulation Regulatory Pressure Needed for Meta to Address Revenue from Fraudulent Activities Suparna Goswami (gsuparna) • November 14, 2025 (Image: Shutterstock) What would prompt a business to curtail a revenue stream known to exploit its customers? Typically, ethical considerations drive companies to safeguard…
The American Israel Public Affairs Committee (AIPAC) has reported a data breach stemming from a compromise of an external system managed by an unidentified third-party service provider. This breach was publicly disclosed in a notification to the Maine attorney general’s office on November 14, 2025. Extended Unauthorized Access According to…
