Rackspace Confirms Ransomware Attack by Play Group On Thursday, cloud services provider Rackspace identified the ransomware group known as Play as the responsible party behind a recent security breach that occurred in December 2022. The breach targeted Rackspace’s Hosted Exchange email environment, taking advantage of a previously undisclosed vulnerability. The…
CISA Reveals New Vision for CVE Program Amid Funding Concerns Chris Riotta (@chrisriotta) • September 11, 2025 Image: Mitre/Shutterstock/ISMG The Cybersecurity and Infrastructure Security Agency (CISA) has announced an updated vision for its Common Vulnerabilities and Exposures (CVE) program, a crucial system for tracking vulnerabilities worldwide. Despite the agency’s objectives,…
Paragon’s Accusations Highlight Growing Concerns in the Global Spyware Market Paragon has issued a strong response to findings from an investigative committee, claiming that Italian authorities have failed to perform a comprehensive technical verification that could have potentially clarified ongoing issues. This accusation emphasizes the need for thorough investigations to…
Rising Threat of Credential Stuffing Attacks in 2024 In 2024, credential stuffing attacks have emerged as a significant cybersecurity concern, driven by a troubling cycle of infostealer malware infections and data breaches. The situation, already precarious, is poised to worsen with the advent of Computer-Using Agents (CUAs), a novel class…
Vyro AI Leak Exposes Weaknesses in Cybersecurity Practices Recent revelations from a security breach involving Vyro AI have shed light on significant vulnerabilities in the company’s cybersecurity protocols. The incident, detailed in a report by Dark Reading, has raised serious concerns about the organization’s ability to safeguard sensitive data, prompting…
Malware Attack Utilizing IcedID Compromises Active Directory Domain A recent incident involving IcedID malware has raised significant alarms within the cybersecurity community, highlighting the persistent threat posed by sophisticated attacks. Within just 24 hours of gaining initial access, the threat actor successfully compromised the Active Directory domain of an unidentified…
Blockchain & Cryptocurrency, Cryptocurrency Fraud, Fraud Management & Cybercrime In Focus: Cybercriminals Utilize Ethereum Smart Contracts to Conceal Malicious npm Code Rashmi Ramesh (rashmiramesh_) • September 11, 2025 Image: Shutterstock In a weekly summary by Information Security Media Group, notable cybersecurity events have emerged including a $41 million hack of…
On Tuesday, Apple unveiled a new lineup of iPhones featuring the innovative A19 and A19 Pro chips. Among these devices is a sleek iPhone Air, along with several redesigned models. However, it is a subtle yet significant enhancement—Memory Integrity Enforcement—that stands out, potentially marking a crucial advancement in device security.…
Recent cybersecurity investigations have revealed a convergence between two notorious ransomware groups: Black Basta and CACTUS. Both factions have been exploiting a shared BackConnect (BC) module, facilitating persistent control over compromised systems. This development hints at a potential shift, suggesting that affiliates of Black Basta may now be operating under…
