The Breach News

⚡ THN Weekly Recap: Updates on Zero-Day Exploits, AI Security Breaches, and Cryptocurrency Theft

This week brought a significant cybersecurity incident involving a 23-year-old Serbian activist whose Android device fell prey to a sophisticated zero-day exploit. Developed by Cellebrite, this exploit chain compromised the user’s phone, likely enabling the deployment of a spyware solution known as NoviSpy. The vulnerabilities, which exploit weaknesses in the…


Uncovering the Causes of the UK’s Data Breach Epidemic

Cybersecurity Alert: UK Schools Face Data Breaches Driven by Student Intrusions

Recent findings from the Information Commissioner’s Office (ICO) in the UK reveal troubling trends among students exploiting their schools’ computer systems. Data indicates that students are responsible for approximately 57% of reported personal data breaches within educational institutions, highlighting…


Stay Vigilant: The Top 3 MS Office Exploits Hackers Will Use in 2025

Cybercriminals continue to exploit Microsoft Word and Excel documents as conduits for malware delivery as we advance through 2025. These methods remain effective, leveraging phishing tactics and zero-click exploits to infiltrate targets with relative ease, particularly in corporate settings where Office documents are routinely shared. This year, there are three…


Debunking the Myth: Why SMBs Are Not “Too Small to Be a Target” for Cyber Attacks

The topics include Artificial Intelligence & Machine Learning, Fraud Management & Cybercrime, and Governance & Risk Management.

Also: AI Pilot Project Purgatory, Agentic AI Commerce Fraud Concerns

Anna Delaney (annamadeline) • September 12, 2025

Clockwise, from top left: Anna Delaney, Tom Field, Rashmi Ramesh, and Suparna Goswami

In the latest…


22-Year-Old Utah Man Identified as Suspect in Shooting Involving Charlie Kirk

Manhunt Concludes with Arrest in Shooting Incident at Utah Valley University

Authorities have successfully apprehended a suspect in the fatal shooting of conservative activist Charlie Kirk, bringing an end to a two-day manhunt. The incident, which occurred on Wednesday during a campus event at Utah Valley University, left the 31-year-old…


Hackers Leverage AWS Misconfigurations to Execute Phishing Attacks Using SES and WorkMail

Amazon Web Services Targeted in Phishing Campaigns by Threat Group TGR-UNK-0011

Recent investigations by Palo Alto Networks’ Unit 42 have unveiled alarming activities targeting Amazon Web Services (AWS). The threat group known as TGR-UNK-0011, which has been active since 2019, is leveraging misconfigurations within AWS environments to execute sophisticated phishing…


Mobile App Security: A Major Blind Spot for Developers—93% Trust Their Apps’ Safety, Yet 62% Experienced Breaches Last Year

Overconfidence in Mobile App Security Poses Risks for Organizations

Recent research reveals a troubling trend among organizations regarding their mobile application security practices. Despite a high level of confidence reported by 93% of respondents about their security capabilities, a significant 62% experienced breaches over the past year, averaging nine incidents…


RESURGE Malware Leverages Ivanti Vulnerability with Rootkit and Web Shell Capabilities

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) recently unveiled a critical malware strain identified as RESURGE, which has been utilized to exploit a security vulnerability in Ivanti Connect Secure appliances. This vulnerability, designated as CVE-2025-0282, involves a stack-based buffer overflow that could permit remote code execution in affected systems.…
