Juniper Networks has issued urgent security updates in response to a critical vulnerability affecting its Session Smart Router, Session Smart Conductor, and WAN Assurance Router products. This flaw could potentially allow unauthorized access, enabling attackers to seize control of affected devices. The vulnerability, designated as CVE-2025-21589, has been assigned a…
In an alarming uptick in cyber warfare, state-sponsored hacking groups linked to China, Iran, North Korea, and Turkey have increasingly targeted journalists for espionage and malware distribution since early 2021. These coordinated efforts focus on infiltrating the communications of media personnel, which presents a unique opportunity for gathering sensitive information.…
Cyberwarfare / Nation-State Attacks, Fraud Management & Cybercrime, Network Firewalls, Network Access Control ‘RedNovember’ Engages Organizations Across the US, Asia, and Europe Akshaya Asokan (asokan_akshaya) • September 25, 2025 Image: Shutterstock/ISMG A recently identified hacking group, linked to extensive compromises of edge devices, has been confirmed as state-aligned with China,…
The U.S. government has recently unsealed charges against a Chinese individual, Guan Tianfeng, linked to a significant cybersecurity breach in which thousands of Sophos firewall devices were compromised worldwide in 2020. Guan, who allegedly worked for Sichuan Silence Information Technology Company, Limited, is facing accusations of conspiracy to commit computer…
Recent cyber activity has revealed significant vulnerabilities and breaches affecting U.S. federal agencies and corporations, highlighting the ongoing threats in the cybersecurity landscape. The Cybersecurity and Infrastructure Security Agency (CISA) reported that hackers exploited a known vulnerability in an open-source geospatial data server, leading to the deployment of a web…
Recent discoveries by the Qualys Threat Research Unit have unveiled two significant security vulnerabilities within the OpenSSH suite, an essential tool for secure networking. These vulnerabilities, if exploited, could enable attackers to perform a man-in-the-middle (MitM) attack and instigate a denial-of-service (DoS) attack, threatening the security and availability of affected…
The U.S. Department of Justice (DoJ) has successfully seized $500,000 in Bitcoin connected to a group of North Korean hackers who employed a ransomware variant known as Maui to extort digital payments from various organizations. This operation illustrates an increasing trend in cyber extortion tactics aimed at multiple sectors, including…
Network Firewalls, Network Access Control, Security Operations CISA Issues Emergency Directive Following Ongoing Exploits of Cisco Devices Chris Riotta (@chrisriotta) • September 25, 2025 Image: Anucha Cheechang/Shutterstock The Cybersecurity and Infrastructure Security Agency (CISA) has issued a warning regarding an ongoing cyberattack campaign that targets Cisco firewalls, exploiting zero-day vulnerabilities…
The Inc ransomware group has claimed responsibility for a significant data breach at the Pennsylvania Attorney General’s office that occurred in August 2025. Cybersecurity researchers from Comparitech report that the group asserts it has exfiltrated approximately 5.7 terabytes of data from the office. In a demonstration of their claims, the…
