Critical Vulnerability Discovered in Firefox Exposed to Exploitation Mozilla has announced the discovery of a significant security vulnerability affecting both Firefox and the Firefox Extended Support Release (ESR). This flaw, tracked as CVE-2024-9680, has been identified as a use-after-free bug within the Animation timeline component and carries a CVSS score…
A series of cyber espionage operations, tracing back to 2014 and primarily aimed at acquiring sensitive defense information from neighboring nations, have been attributed to a Chinese military intelligence unit. A comprehensive report released this week by Massachusetts-based Recorded Future reveals connections between a group known as RedFoxtrot and the…
In a significant cybersecurity incident, the FBI has revealed that in 2023, an individual named Martin sought to align himself with the notorious BlackCat ransomware group. This group is known for providing a comprehensive malware service, including access to sophisticated ransomware code and a dark web infrastructure, in exchange for…
French data protection authority, CNIL, has determined that Google Analytics breaches the European Union’s General Data Protection Regulation (GDPR). This ruling follows a similar finding in Austria just weeks prior. The CNIL’s investigation into the transatlantic transfer of Google Analytics data revealed that this practice lacks appropriate regulatory oversight, particularly…
Cyberwarfare / Nation-State Attacks, Endpoint Security, Fraud Management & Cybercrime Spyware Targets Samsung Galaxy Devices, Reports Unit 42 Greg Sirico • November 7, 2025 Samsung Galaxy models targeted by the malware include the Galaxy S23 Series, Galaxy S24 Series, Galaxy S22, Galaxy Z Flip4, and Galaxy Z Fold4, as depicted.…
Cybersecurity firm Tenable has unveiled significant vulnerabilities in OpenAI’s ChatGPT, uncovering seven distinct risks that could allow malicious actors to compromise user data, circumvent security measures, and embed persistent threats within the model’s architecture. The analysis, referred to as HackedGPT, highlighted that several of the vulnerabilities identified in ChatGPT-4 have…
On Wednesday, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) announced the addition of a critical security vulnerability affecting Fortinet products to its Known Exploited Vulnerabilities (KEV) catalog. This action was taken in light of evidence indicating ongoing exploitation of this flaw. Identified as CVE-2024-23113, this vulnerability has a CVSS…
On Friday, the Korea Atomic Energy Research Institute (KAERI), a government-funded entity based in South Korea, reported a breach of its internal network. The infiltration is believed to have been executed by a threat actor linked to North Korea, with the actual breach occurring on May 14. The attackers exploited…
U.S. Congressional Budget Office Suffers Cybersecurity Breach Amid Ongoing Government Shutdown In an alarming turn of events during a prolonged government shutdown lasting over five weeks, the U.S. Congressional Budget Office (CBO) disclosed that it recently experienced a cybersecurity breach attributed to a suspected foreign actor. The CBO, which is…
