The Breach News

Envoy Air (American Airlines) Confirms Oracle EBS Zero-Day Breach Linked to Cl0p Group

On October 17, 2025, Envoy Air, a Texas-based regional airline and the largest carrier under American Airlines, confirmed that it was recently compromised due to a series of cyberattacks exploiting a zero-day vulnerability in a major corporate software application. The hacks were executed by CL0P, a notorious ransomware group known…

JumpCloud Revokes API Keys in Response to Ongoing Cybersecurity Incident

JumpCloud Responds to Cybersecurity Incident Affecting Clients

JumpCloud, a cloud-based identity and access management provider, has taken swift action in response to a significant cybersecurity incident that has impacted a number of its clients. The breach has prompted the company to reset the application programming interface (API) keys for all…

Salt Typhoon Strikes European Telecom Sector

Cyberwarfare / Nation-State Attacks, Fraud Management & Cybercrime

Darktrace Reports on Compromise of Citrix NetScaler Gateway

Akshaya Asokan (asokan_akshaya) • October 20, 2025

Recent reports from the managed threat detection firm Darktrace indicate that a persistent campaign by the Chinese cyber espionage group known as Salt Typhoon continues…

Hackers Exploit Citrix Vulnerability and Snappybee Malware to Compromise European Telecom Network

October 21, 2025Ravie LakshmananCyber Espionage / Network Security A European telecommunications company has reportedly fallen victim to a cyber intrusion attributed to a threat actor associated with the China-linked group known as Salt Typhoon. This incident, as reported by Darktrace, took place during the first week of July 2025. Attackers…

Serious SailPoint IdentityIQ Vulnerability Allows Unauthorized File Access

Critical Vulnerability Discovered in SailPoint’s IdentityIQ Software

A significant security vulnerability has been identified in SailPoint’s IdentityIQ identity and access management (IAM) software, potentially exposing sensitive data stored in application directories. The flaw, designated CVE-2024-10905, carries a maximum CVSS score of 10.0, highlighting its critical severity. This vulnerability affects various…

WIRTE Hacker Group Attacks Government, Legal, and Financial Institutions in the Middle East

Stealth Malware Campaign Targets Middle Eastern Entities

A sophisticated malware campaign has been uncovered, targeting government bodies, military organizations, law firms, and financial institutions predominantly in the Middle East. Initiated as early as 2019, the campaign leverages malicious Microsoft Excel and Word documents to infiltrate victim networks. Kaspersky, a Russian…

JumpCloud Attributes Security Breach to ‘Advanced Nation-State’ Actor

In a significant security breach, JumpCloud has confirmed that a sophisticated nation-state actor infiltrated its systems, targeting a select group of its customers. Shortly following a reset of API keys for affected clients, Bob Phan, Chief Information Security Officer (CISO) at JumpCloud, stated, “The adversary gained unauthorized access to our…
