Recent CACTUS Ransomware Campaign Targets Qlik Sense Vulnerabilities A new ransomware campaign, identified as CACTUS, has been leveraging recently revealed security vulnerabilities within Qlik Sense, a cloud analytics and business intelligence platform. This operation has sparked significant concern among cybersecurity experts, marking the first known use of these vulnerabilities by…
Recent advisories from U.S. government agencies highlight an ongoing and substantial cyber threat from North Korean state-sponsored hacking groups, particularly targeting global banking and financial institutions. This joint advisory, released by the Departments of State, Treasury, Homeland Security, and the FBI, summarizes a series of cyberattacks attributed to North Korean…
Title: U.S. Justice Department Charges Chinese Nationals in Major Cyber Espionage Case The United States Justice Department has formally charged three Chinese nationals for allegedly engaging in a series of cyberattacks targeting prominent corporations, including Moody’s Analytics, Siemens, and GPS manufacturer Trimble. The defendants are accused of stealing vast quantities…
Agentic AI, Artificial Intelligence & Machine Learning, Next-Generation Technologies & Secure Development AI Firm Investigates New Classification of Prompt Injection Attacks Rashmi Ramesh (rashmiramesh_) • December 23, 2025 Image: DIA TV/Shutterstock OpenAI is embarking on a long-term initiative to fortify its ChatGPT Atlas against prompt injection attacks—an evolving cybersecurity threat…
Operation PCPcat: A Large-Scale Cyber Espionage Campaign Disrupts Web Infrastructure In a significant cyber espionage event labeled Operation PCPcat, over 59,000 servers have been compromised within a mere 48 hours, exposing vulnerabilities in modern web architectures. This operation predominantly targets platforms utilizing React frameworks, specifically Next.js and React Servers, leading…
Recent reports from cybersecurity experts have indicated the emergence of a sophisticated variant of the P2PInfect botnet, which has shown the ability to target both routers and Internet of Things (IoT) devices. This new iteration has been identified by Cado Security Labs as specifically tailored for Microprocessor without Interlocked Pipelined…
Recent reports indicate that multiple attack groups have successfully breached corporate email accounts belonging to at least 156 high-ranking executives across various firms located in Germany, the UK, Netherlands, Hong Kong, and Singapore. This campaign has been identified as **PerSwaysion**, which has utilized Microsoft’s file-sharing services—specifically Sway, SharePoint, and OneNote—to…
Big Tech’s “Free” Services: The Hidden Cost of Data Access In recent years, the use of so-called “free” services from major technology companies like Google, Facebook, and Microsoft has come at a significant price: the relinquishing of personal data. While embracing cloud technology and utilizing free applications can simplify many…
Kazakhstan-Born Hacker Enters Guilty Plea in Massive Yahoo Data Breach Karim Baratov, a 22-year-old Canadian citizen originally from Kazakhstan, has pleaded guilty to charges stemming from a significant data breach that compromised all three billion Yahoo accounts in 2014. The U.S. Justice Department previously announced charges against Russian intelligence officers…
