Recent reports indicate that the Medusa ransomware-as-a-service (RaaS) group is employing a malicious driver named ABYSSWORKER in a sophisticated attack utilizing a bring your own vulnerable driver (BYOVD) strategy aimed at sabotaging anti-malware systems. According to Elastic Security Labs, a recent incident involving Medusa ransomware utilized a loader that had…
Proofpoint, Tenable, CyberArk Targeted in Salesforce Data Breach In a significant cybersecurity incident, Proofpoint, Tenable, and CyberArk have reportedly been affected by a breach stemming from a third-party vulnerability within Salesforce. This breach highlights the ongoing risks associated with third-party integrations in cloud-based platforms, raising concerns among organizations that rely…
Recent cybersecurity research has revealed a significant increase in cyber threats linked to the Russian bulletproof hosting service, Proton66. Analysts have documented a variety of malicious activities that include mass scanning, credential brute-forcing, and exploitation attempts emanating from this provider, with the uptick in activity noted since January 8, 2025.…
Cyber Espionage Suspected in South American Diplomatic Attacks On Monday, Microsoft announced it has linked a China-based cyber espionage group to a series of attacks targeting diplomatic organizations in South America. The tech conglomerate’s Security Intelligence team is closely monitoring this group under the identifier DEV-0147. They characterized the recent…
Government, Industry Specific, Next-Generation Technologies & Secure Development Startup Secures $75M to Expand Dual-Use Technology Against GPS Jamming Threats Michael Novinson (MichaelNovinson) • September 4, 2025 Ronak Shah, co-CTO of Shift5 (Image: Shift5) A cybersecurity startup focused on military and transportation security has successfully raised $75 million in funding aimed…
Emerging Threat: New Infostealer Program Targets Vulnerable Users with Automated Sextortion Features Recent investigations by cybersecurity firm Proofpoint have uncovered a burgeoning threat in the form of a malicious software known as Stealerium. This program, which masquerades as a legitimate application, allows cybercriminals to access a wide range of personal…
A newly identified threat actor, designated as UAT-5918, has reportedly targeted critical infrastructure in Taiwan since at least 2023. This group is suspected of aiming to establish long-term access to gather sensitive information, employing various tactics such as web shells and open-source tools for post-compromise activities, according to research by…
More Cybersecurity Firms Targeted in Salesforce-Salesloft Drift Breach In a significant cybersecurity incident, a number of companies, particularly those in the cybersecurity sector, have experienced breaches linked to the Salesforce and Salesloft platforms. This alarming development highlights ongoing vulnerabilities that can have profound implications for data security across industries. The…
Recent intelligence reports indicate that a targeted cyber campaign has been orchestrated by the North Korean state-sponsored threat actor, known as Kimsuky, which exploits a patched vulnerability in Microsoft Remote Desktop Services to establish initial access into victim systems. The AhnLab Security Intelligence Center (ASEC) has identified this malicious activity…
