Recent cybersecurity reports have illuminated the activities of an initial access broker (IAB) known as ToyMaker, which has been linked to facilitating access for ransomware groups, including the notorious CACTUS. This IAB has been observed actively scanning for vulnerabilities in systems, as well as deploying bespoke malware identified as LAGTOY,…
Cybersecurity Alert: Indian Government Entities Targeted by Advanced Spear-Phishing Campaign A recent spear-phishing operation has emerged, targeting various entities within the Indian government, aiming to deploy an updated version of a malicious backdoor known as ReverseRAT. This campaign has been attributed to the cyber threat group SideCopy, which has direct…
Data Breach Notification, Data Privacy, Data Security Ransomware Group Nova Threatens to Expose Patient Data Amid Ongoing Negotiations Marianne Kolbasuk McGee (HealthInfoSec) • September 3, 2025 Dutch medical lab Clinical Diagnostics, part of Eurofins Scientific, indicates a recent hacking incident has impacted approximately 941,000 participants in a Netherlands cervical cancer…
Automated Sextortion Malware Discovered: A Growing Cybersecurity Threat Recent findings by security researchers at Proofpoint have brought to light a troubling evolution in cybersecurity threats. A new variant of infostealer malware, named Stealerium, has emerged, intricately blending data theft with automated sextortion techniques. This malware is designed to hijack a…
Cybersecurity Alert: Infiltration of BlackLock Ransomware Infrastructure Reveals Critical Exposures In a significant turn of events, cybersecurity experts from Resecurity have successfully penetrated the online network associated with the ransomware group known as BlackLock. This breach has unearthed vital insights into the group’s operational methodologies, spotlighting their vulnerabilities. Resecurity reported…
Cybercrime, Fraud Management & Cybercrime, Identity & Access Management Extent of Breach Still Unfolding; Reports Indicate Hundreds of Organizations Impacted Mathew J. Schwartz (euroinfosec) • September 3, 2025 Image: Shutterstock A series of data breaches linked to the theft of access tokens from the marketing software provider Salesloft’s Drift AI…
Recently, threat actors have exploited two newly discovered critical vulnerabilities within Craft CMS, indicated by experts in the field as part of zero-day attacks aimed at unauthorized server access. The campaign was first highlighted by Orange Cyberdefense SensePost on February 14, 2025, as attackers started leveraging a combination of significant…
Artificial Intelligence & Machine Learning, Next-Generation Technologies & Secure Development Over 1,100 Ollama Servers Expose Enterprise Models to Cyber Risks: Cisco Talos Rashmi Ramesh (rashmiramesh_) • September 3, 2025 Image: Shutterstock A concerning security report from Cisco Talos reveals that over 1,100 Ollama servers, which use artificial intelligence to deploy…
Cloudflare has successfully mitigated an unprecedented DDoS (Distributed Denial of Service) attack, with a peak bandwidth of 11.5 terabits per second, which lasted approximately 35 seconds without causing any disruption to online services. In what marks a significant milestone in cybersecurity defenses, Cloudflare effectively countered the largest recorded DDoS attack…
