Red Hat Issues Urgent Security Alert Following Backdoor Discovery in XZ Utils On Friday, Red Hat issued an urgent security alert, revealing a critical security vulnerability involving two versions of the widely-used data compression library known as XZ Utils, previously LZMA Utils. This vulnerability allows malicious actors to gain unauthorized…
On Sunday, the European Banking Authority (EBA) reported a cyberattack that compromised its Microsoft Exchange Servers. As a precautionary step, the agency took its email systems offline temporarily. This incident raises significant concerns as it may have allowed unauthorized access to personal data stored in emails. The EBA, located in…
Thousands of Asus routers have been compromised, falling under the control of a suspected state-sponsored group from China. This recent wave of hacking has primarily targeted seven specific models of Asus routers, all of which no longer receive security updates from the manufacturer, according to researchers at SecurityScorecard. The operation,…
The United States Department of Justice has officially charged four members of the Chinese military for their alleged role in the significant Equifax data breach, resulting in the exposure of sensitive personal and financial information of nearly 150 million Americans. In a press conference spearheaded by Attorney General William Barr…
Cyberwarfare / Nation-State Attacks, Fraud Management & Cybercrime, Government Three-Year Espionage Campaign Targets Taiwanese Firms Akshaya Asokan (asokan_akshaya) • November 21, 2025 (Image: Shutterstock) Security researchers have uncovered a multi-year espionage operation attributed to a hacking group with suspected ties to the Chinese government. This sustained campaign, lasting three years,…
Salesforce Detects Unauthorized Activity Linked to Gainsight Applications On November 21, Salesforce informed its customers of unusual activity tied to applications developed by Gainsight, which are directly managed by users. The detection of this atypical behavior raised concerns regarding potential unauthorized access to sensitive Salesforce data through its connection with…
Significant Supply Chain Attack Discovered in XZ Utils, Posing Serious Risks to Linux Users A profound security threat has emerged following the discovery of malicious code inserted into XZ Utils, an open-source library used extensively in numerous major Linux distributions. This vulnerability, identified as CVE-2024-3094 and given a critical CVSS…
Recent investigations have linked a malicious web shell deployed on Windows systems to a possible Chinese cyber threat group, following the exploitation of an undisclosed zero-day vulnerability in SolarWinds’ Orion network monitoring software. The cybersecurity firm Secureworks reported that this breach involved a web shell referred to as Supernova, which…
Election Results Canceled Due to Lost Encryption Key by IACR Official In a significant blow to the integrity of its electoral process, the International Association of Cryptologic Research (IACR) announced the cancellation of the results from its annual leadership election. This decision was made after a trustee on the election…
