Cyberwarfare / Nation-State Attacks, Fraud Management & Cybercrime MuddyWater Resumes Use of Bulletproof Hosting and Custom Malware Mathew J. Schwartz (euroinfosec) • September 17, 2025 Image: Iurii Stepanov/Shutterstock An Iranian state-sponsored hacking group, MuddyWater, is reportedly reviving its tactics by incorporating Microsoft Office documents with malicious macros into its attack…
A recent phishing assault has emerged, allegedly utilizing counterfeit PDF documents hosted on the Webflow content delivery network (CDN) with the aim of capturing credit card data and executing financial fraud. This operation specifically targets individuals searching for academic materials or documents through search engines. According to Netskope Threat Labs…
The Week in Breach News: September 3, 2025 In a significant cybersecurity event that has garnered attention across the tech landscape, Kaseya has reported a data breach affecting several of its clients. This breach not only raises concerns about the security of systems managed by Kaseya but also underscores the…
A recently uncovered security vulnerability in Apache Tomcat has begun to see active exploitation shortly after its disclosure. The flaw, designated as CVE-2025-24813, was made publicly available along with a proof-of-concept (PoC) within just 30 hours of its initial announcement. This vulnerability impacts several versions of Apache Tomcat, including 11.0.0-M1…
A recently reported cybersecurity incident has revealed a stealthy infection chain employed by the Chinese state-sponsored group known as Stone Panda. This threat actor has been targeting various entities in Japan, including media outlets, governmental and public sector organizations, as well as think tanks, raising alarms about the potential risk…
Data Breach Notification, Data Security, Fraud Management & Cybercrime Recent Cyberattacks Target Ophthalmology Practices in South Dakota and Florida Marianne Kolbasuk McGee (HealthInfoSec) • September 16, 2025 Major hacking breaches have affected the Retina Group of Florida and Black Hills Regional Eye Institute this year. (Image: Retina Group of Florida,…
Rise of RansomHub: A Resurgent Threat in Cybercrime The RansomHub ransomware-as-a-service (RaaS) group has emerged as a significant player in the cybercrime landscape, capitalizing on previously patched vulnerabilities in Microsoft Active Directory and the Netlogon protocol to facilitate unauthorized access to victim networks. Recent analyses highlight the group’s ability to…
A US-based fintech company, FinWise, has alerted its customers about a potential data breach stemming from an insider threat. The organization, which facilitates loans on behalf of various American financial institutions, disclosed that a former employee accessed sensitive customer information after their departure from the company. According to filings made…
Serious Security Flaw Discovered in AMI’s MegaRAC BMC Software A significant security vulnerability has been identified within AMI’s MegaRAC Baseboard Management Controller (BMC) software, which allows malicious actors to bypass authentication processes and execute unauthorized actions on affected systems. This vulnerability is classified as CVE-2024-54085, and it has been assigned…
