On Friday, Google took significant steps to address another actively exploited zero-day vulnerability in its Chrome browser. This marks the second such fix in just a month, underscoring the ongoing risks present in web browsing environments. The release of Chrome version 89.0.4389.90 for Windows, Mac, and Linux is expected to…
Recent Cybersecurity Developments: Allegations of Export Control Violations In a notable legal proceeding, recent allegations have emerged regarding an individual identified as Li, who is accused of engaging in illegal activities tied to the export of restricted technology. Authorities revealed that text messages retrieved from Li suggest he was boasting…
In a significant incident reported recently, Virgin Media, a UK-based telecommunications provider, announced a data leak that has compromised the personal information of approximately 900,000 customers. This revelation coincided with similar news from US-based telecom giant T-Mobile, which also disclosed a security breach involving its own data. Contrary to the…
3rd Party Risk Management, Cybercrime, Fraud Management & Cybercrime Salesforce Revokes Gainsight Authentication Tokens Akshaya Asokan (asokan_akshaya) • November 20, 2025 Image: The Bold Bureau/Shutterstock Salesforce, a leading customer relationship management platform based in the United States, has informed customers of potential data theft by hackers exploiting vulnerabilities in a…
On Thursday, the Securities and Exchange Commission (SEC) announced the dismissal of its case against SolarWinds and its Chief Information Security Officer, Tim Brown, in relation to the company’s response to a significant Russian cyberespionage campaign that was revealed in 2020. This incident affected at least nine federal agencies and…
A significant vulnerability has been identified in Magento, with threat actors exploiting this flaw to implant a persistent backdoor in e-commerce platforms. This attack leverages the CVE-2024-20720 vulnerability (CVSS score: 9.1), categorized by Adobe as indicative of “improper neutralization of special elements,” which can lead to arbitrary code execution. The…
Distributed Denial of Service (DDoS) attacks have emerged as a significant cybersecurity threat, designed to overwhelm and incapacitate websites by flooding them with excessive traffic. The primary objective of these attacks is to render targeted websites inoperable, leading to severe disruptions in service and potential revenue loss. Over the last…
Everest Ransomware Group Targets Petrobras in Data Breach The Everest ransomware group has recently made headlines with two separate postings on its dark web leak site, both involving Petrobras, the Brazilian multinational corporation predominantly owned by the state and a major player in the petroleum sector headquartered in Rio de…
Online guitar education platform TrueFire has reportedly experienced a significant data breach involving a “Magecart” style attack. This incident raises concerns over the potential exposure of sensitive customer information, including personal and payment card details. TrueFire, a leading online resource for guitar enthusiasts with over one million registered users, grants…
