Potential Security Breach Due to Misissued TLS Certificates A recent alarming security discovery has raised concerns about the vulnerabilities inherent in the public key infrastructure (PKI) supporting internet trust. The precise details surrounding the organization or individual responsible for acquiring unauthorized credentials remain unclear, as representatives from Fina have not…
Cybersecurity researchers have revealed 46 critical security vulnerabilities in products provided by three prominent solar power system manufacturers: Sungrow, Growatt, and SMA. These vulnerabilities may allow malicious actors to commandeer affected devices or execute remote code, posing significant risks to electrical grid stability. Designated as SUN:DOWN by Forescout Vedere Labs,…
Cybersecurity firm Zscaler has reported a significant data breach that has compromised customer contact information. This breach occurred when unauthorized individuals gained access to Zscaler’s Salesforce database utilizing compromised credentials from a third-party application. The incident is part of a wider campaign that specifically targeted Salesloft Drift, a marketing automation…
Recent cybersecurity reports have illuminated the activities of an initial access broker (IAB) known as ToyMaker, which has been linked to facilitating access for ransomware groups, including the notorious CACTUS. This IAB has been observed actively scanning for vulnerabilities in systems, as well as deploying bespoke malware identified as LAGTOY,…
Cybersecurity Alert: Indian Government Entities Targeted by Advanced Spear-Phishing Campaign A recent spear-phishing operation has emerged, targeting various entities within the Indian government, aiming to deploy an updated version of a malicious backdoor known as ReverseRAT. This campaign has been attributed to the cyber threat group SideCopy, which has direct…
Data Breach Notification, Data Privacy, Data Security Ransomware Group Nova Threatens to Expose Patient Data Amid Ongoing Negotiations Marianne Kolbasuk McGee (HealthInfoSec) • September 3, 2025 Dutch medical lab Clinical Diagnostics, part of Eurofins Scientific, indicates a recent hacking incident has impacted approximately 941,000 participants in a Netherlands cervical cancer…
Automated Sextortion Malware Discovered: A Growing Cybersecurity Threat Recent findings by security researchers at Proofpoint have brought to light a troubling evolution in cybersecurity threats. A new variant of infostealer malware, named Stealerium, has emerged, intricately blending data theft with automated sextortion techniques. This malware is designed to hijack a…
Cybersecurity Alert: Infiltration of BlackLock Ransomware Infrastructure Reveals Critical Exposures In a significant turn of events, cybersecurity experts from Resecurity have successfully penetrated the online network associated with the ransomware group known as BlackLock. This breach has unearthed vital insights into the group’s operational methodologies, spotlighting their vulnerabilities. Resecurity reported…
Cybercrime, Fraud Management & Cybercrime, Identity & Access Management Extent of Breach Still Unfolding; Reports Indicate Hundreds of Organizations Impacted Mathew J. Schwartz (euroinfosec) • September 3, 2025 Image: Shutterstock A series of data breaches linked to the theft of access tokens from the marketing software provider Salesloft’s Drift AI…
