The Breach News

Medusa Ransomware Strikes Over 40 Victims in 2025, Demanding Ransoms Ranging from $100K to $15M

Medusa Ransomware Campaign Targets Diverse Sectors, Rising Threats Persist

The Medusa ransomware group has intensified its activities since its emergence in January 2023, reportedly claiming close to 400 victims across various sectors. Recent statistics reveal a significant 42% surge in financially motivated attacks between 2023 and 2024. In the first…

Virgin Money and TD Bank Affected by Salesforce Breach – Cybernews

Virgin Money and TD Bank Targeted in Salesforce Breach

In a significant development in the world of cybersecurity, both Virgin Money and TD Bank have reportedly suffered a data breach linked to vulnerabilities within Salesforce, a widely used customer relationship management platform. This incident highlights the ongoing risks that financial institutions…

Google Launches Android Update to Address Two Actively Exploited Vulnerabilities

Google Addresses Vulnerabilities in Android with Latest Update

In a recent security update, Google has addressed a total of 62 vulnerabilities in its Android operating system, revealing that two of these flaws have been exploited in real-world scenarios. The vulnerabilities, categorized as high-severity, stem from the USB sub-component of the…

North Korean Hackers Shift Focus to Credential Harvesting in Recent Cyberattack Surge

A recent surge in malicious email campaigns has been traced back to a North Korean state-sponsored group known for its history of cryptocurrency heists. This latest wave of activity, identified as a significant shift in tactics, involves aggressive credential harvesting targeting multiple sectors including education, government, and healthcare, in addition…

Salesloft Drift Hack Targets Tenable and Qualys Users

Salesloft Reports GitHub Repository Compromised by Cyber Attackers

Identity & Access Management, Security Operations

Greg Sirico • September 8, 2025

Salesloft has confirmed that hackers gained unauthorized access to its GitHub repository, leading to a significant breach affecting several companies, including cybersecurity firms Tenable and Qualys. This incident…

Supply-Chain Attack Targets Software Packages Exceeding 2 Billion Weekly Downloads

Hackers have executed a significant supply-chain attack by embedding malicious code into a variety of open-source software packages, impacting more than 2 billion weekly updates. This incident, which has been characterized as possibly the largest of its kind to date, compromised nearly two dozen packages hosted on the npm repository,…

Exploitation of PHP-CGI RCE Vulnerability Targets Japan’s Technology, Telecommunications, and E-Commerce Industries

In a disturbing development for cybersecurity, a campaign attributed to unidentified threat actors has emerged, focusing primarily on organizations in Japan since January 2025. This malicious initiative exploits a vulnerability known as CVE-2024-4577, a remote code execution (RCE) flaw in the PHP-CGI implementation on Windows systems, as reported by Cisco…

Chinese Hackers Salt Typhoon and UNC4841 Collaborate to Target Critical Infrastructure

Cybersecurity experts from Silent Push have exposed a complex Chinese espionage initiative that intertwines two notable threat actors: Salt Typhoon and UNC4841. This investigation has unveiled a previously hidden network of malicious infrastructure aimed at infiltrating government and corporate networks across more than 80 countries. The analysis identified 45 malicious…

Amazon EC2 SSM Agent Vulnerability Fixed After Path Traversal Leads to Privilege Escalation

Recent findings by cybersecurity experts have unveiled a significant vulnerability within the Amazon EC2 Simple Systems Manager (SSM) Agent, a flaw that has since been patched. Should it have been exploited by malicious actors, the vulnerability could have led to unauthorized privilege escalation and code execution on affected systems. The…
