The Rise of Supply Chain Attacks: A Growing Concern for Businesses In 2021, the cybersecurity landscape was notably defined by a surge in supply chain attacks. These incidents occur when cybercriminals compromise third-party software components to infiltrate downstream applications. High-profile breaches such as those involving SolarWinds, Kaseya, and Codecov have…
Cyberwarfare / Nation-State Attacks, Fraud Management & Cybercrime, Governance & Risk Management Google Issues Warning on Emerging Cyber Threats Akshaya Asokan (asokan_akshaya), David Perera (@daveperera) • November 4, 2025 Image: Shutterstock/ISMG A recent report from Google highlights critical vulnerabilities in the virtualization technology that supports modern IT frameworks, calling attention…
Celerium Designated a Preferred Cybersecurity Provider by the American Hospital Association In a significant advancement for healthcare cybersecurity, Celerium has been recognized as a Preferred Cybersecurity Provider by the American Hospital Association (AHA) for its robust data breach defense solutions. This designation underscores Celerium’s commitment to safeguarding sensitive healthcare data…
On Monday, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) officially included a significant security vulnerability affecting ScienceLogic SL1 in its Known Exploited Vulnerabilities (KEV) list. This action comes in response to confirmed instances of active exploitation as a zero-day vulnerability. The flaw, designated as CVE-2024-9537 (scoring 9.3 on the…
The notorious ransomware group REvil, known for significant cyberattacks including those on JBS and Kaseya, has abruptly vanished from the dark web, prompting speculation regarding its potential dismantling. This sudden disappearance has left multiple darknet and clearnet services linked to the Russia-associated syndicate inoperable, presenting users with the error message…
The recent dismantling of the illicit online marketplace known as SSNDOB illustrates a significant blow to cybercriminal activities focused on identity theft. Announced by the U.S. Department of Justice (DoJ), this operation involved multiple law enforcement agencies working in tandem, leading to the effective shutdown of a platform that specialized…
Cyberwarfare / Nation-State Attacks, Fraud Management & Cybercrime, Governance & Risk Management Unpatched Devices Since October 2023 Exhibit Vulnerabilities Prajeet Nair (@prajeetspeaks) • November 3, 2025 Image: Anucha Cheechang/Shutterstock The Australian Cyber Security Centre (ACSC) has issued a warning regarding ongoing attacks on unpatched Cisco IOS XE enterprise devices. Cybercriminals…
Toys “R” Us Canada Data Breach Exposes Customer Data on Dark Web A recent security incident has come to light involving Toys “R” Us Canada, where unauthorized access to sensitive customer information has been exposed on the dark web. This breach raises significant concerns about data privacy and security protocols…
VMware has announced important software updates targeting a critical security vulnerability in vCenter Server that previously had patches issued but was determined to remain partially unaddressed. This vulnerability, identified as CVE-2024-38812 with a CVSS score of 9.8, involves a heap-overflow issue within the DCE/RPC protocol implementation. According to Broadcom, which…
