The Breach News

860K Affected in Columbia University Data Breach – Dark Reading | Cybersecurity News

860,000 Affected by Data Breach at Columbia University

In a significant security incident, Columbia University has reported a data breach that has compromised the personal information of approximately 860,000 individuals. The university, based in the United States, has disclosed that sensitive data was potentially accessed by unauthorized actors, raising serious…

Urgent: Google Issues Critical Chrome Update to Address Active Exploit CVE-2025-6558

Jul 16, 2025
Browser Security / Zero-Day

On Tuesday, Google released a significant update for its Chrome web browser, addressing six security vulnerabilities, including a high-severity flaw that is currently being exploited in the wild. The vulnerability, identified as CVE-2025-6558 (CVSS score: 8.8), involves inadequate validation of untrusted input within the browser’s ANGLE and GPU components. According to the NIST National Vulnerability Database (NVD), “Insufficient validation of untrusted input in ANGLE and GPU in Google Chrome prior to version 138.0.7204.157 allowed a remote attacker to potentially perform a sandbox escape via a specially crafted HTML page.” ANGLE, which stands for “Almost Native Graphics Layer Engine,” serves as a bridge between Chrome’s rendering engine and the device’s graphics drivers. Exploits in this module can enable attackers to bypass Chrome’s sandbox, allowing them to manipulate low-level GPU operations typically confined within the browser, making this vulnerability particularly concerning.

Urgent: Critical Chrome Update Released by Google to Address CVE-2025-6558 Exploit

On July 16, 2025, Google announced significant updates to its Chrome web browser, patching six security vulnerabilities, one of which is particularly concerning as it has already been exploited in the wild. This flaw, identified as CVE-2025-6558, has been…

Weekly Cybersecurity Update: Key Threats, Tools, and Best Practices (Nov 18 – Nov 24)

November 25, 2024 | Cybersecurity / Critical Updates

Terms like “state-sponsored attacks” and “critical vulnerabilities” frequently fill our news feeds, but what do they truly entail? This week’s cybersecurity highlights extend beyond mere headlines—they illuminate how digital risks impact our everyday lives more than we might realize. For example, breaches in telecom networks involve far more than data theft; they pose serious threats to our fundamental communications and business operations. Those technical CVEs aren’t just numbers; they represent potential vulnerabilities in your everyday tools, from smartphones to workplace software, functioning like ticking time bombs.

These issues matter to everyone, not just experts. They remind us how easily the digital landscape we depend on can become a threat—but they also underscore the importance of remaining informed and proactive. Join us as we dive into this week’s recap to explore these risks, uncover effective solutions, and discover actionable steps we can all take to enhance our security.

Cybersecurity Update: Key Threats and Trends for the Week of November 18 – November 24

Published on November 25, 2024

In recent weeks, discussions around cybersecurity have underscored pervasive themes such as “state-sponsored attacks” and “critical vulnerabilities.” However, the implications behind these phrases extend beyond mere headlines. This week’s cybersecurity…

Nvidia Challenges Claims of Chinese ‘Kill-Switch’

Artificial Intelligence & Machine Learning, Legislation, Next-Generation Technologies & Secure Development

Chipmaker Argues Against Increasing US Pressure for New Security Requirements

Chris Riotta (@chrisriotta) • August 7, 2025

Nvidia, a leader in AI chip manufacturing, has dismissed allegations from China’s cybersecurity agency asserting that its H20 chips…

Alera Group Alerts 155,000 Individuals Regarding July 2024 Cybersecurity Breach – The HIPAA Journal

Alera Group Alerts 155,000 Individuals Following July 2024 Cybersecurity Breach

The Alera Group has recently informed approximately 155,000 individuals about a significant hacking incident that occurred in July 2024. This breach underscores the escalating threat landscape faced by organizations today, particularly in terms of safeguarding sensitive information. The company, known…

Title: UNC6148 Exploits Patched SonicWall SMA 100 Series Devices with OVERSTEP Rootkit

Date: July 16, 2025
Category: Vulnerability / Cyber Espionage

A threat actor group, identified as UNC6148, has been found targeting fully-patched SonicWall Secure Mobile Access (SMA) 100 series appliances, as part of an operation to deploy a backdoor known as OVERSTEP. This malicious activity has been traced back to at least October 2024. The Google Threat Intelligence Group (GTIG) reports that the number of known victims is currently “limited.” The tech giant has high confidence in its assessment that the group is utilizing credentials and one-time password (OTP) seeds stolen from previous breaches, enabling them to regain access even after organizations have implemented security updates. Metadata analysis indicates that UNC6148 may have first exfiltrated these credentials from the SMA appliance as early as January 2025. The precise method of initial access for delivering the malware remains unknown due to the evasive actions taken by the threat actor.

UNC6148 Targets Fully-Patched SonicWall SMA 100 Series Devices with OVERSTEP Rootkit

On July 16, 2025, cybersecurity analysts from the Google Threat Intelligence Group (GTIG) disclosed a troubling trend involving UNC6148, a hacking group targeting fully-patched SonicWall Secure Mobile Access (SMA) 100 Series appliances. The campaign, which began around October 2024,…

APT-C-60 Hackers Target StatCounter and Bitbucket in SpyGlace Malware Campaign

On November 27, 2024, JPCERT/CC reported that the APT-C-60 threat group has executed a cyberattack against an undisclosed organization in Japan, utilizing a job application guise to deploy the SpyGlace backdoor. This operation, which took place in August 2024, exploited legitimate platforms such as Google Drive, Bitbucket, and StatCounter.

The phishing scheme involved an email disguised as correspondence from a potential employee, which was sent to the organization’s recruitment team, ultimately leading to malware infiltration. APT-C-60, believed to be aligned with South Korea, commonly targets East Asian nations. During the attack, the group exploited a remote code execution vulnerability in WPS Office for Windows (CVE-2024-7262) to introduce the SpyGlace backdoor. JPCERT/CC’s findings detail how the attack chain unfolded, beginning with a phishing email linking to a file on Goo…

APT-C-60 Hackers Target Japanese Organization with SpyGlace Malware Campaign

On November 27, 2024, cybersecurity experts at JPCERT/CC reported a sophisticated cyber attack tied to the APT-C-60 hacker group, which has gained notoriety for its ties to South Korean cyber espionage activities. This recent intrusion specifically targeted an unnamed organization based…
