On Monday, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) officially included a significant security vulnerability affecting ScienceLogic SL1 in its Known Exploited Vulnerabilities (KEV) list. This action comes in response to confirmed instances of active exploitation as a zero-day vulnerability. The flaw, designated as CVE-2024-9537 (scoring 9.3 on the…
The notorious ransomware group REvil, known for significant cyberattacks including those on JBS and Kaseya, has abruptly vanished from the dark web, prompting speculation regarding its potential dismantling. This sudden disappearance has left multiple darknet and clearnet services linked to the Russia-associated syndicate inoperable, presenting users with the error message…
The recent dismantling of the illicit online marketplace known as SSNDOB illustrates a significant blow to cybercriminal activities focused on identity theft. Announced by the U.S. Department of Justice (DoJ), this operation involved multiple law enforcement agencies working in tandem, leading to the effective shutdown of a platform that specialized…
Cyberwarfare / Nation-State Attacks, Fraud Management & Cybercrime, Governance & Risk Management Unpatched Devices Since October 2023 Exhibit Vulnerabilities Prajeet Nair (@prajeetspeaks) • November 3, 2025 Image: Anucha Cheechang/Shutterstock The Australian Cyber Security Centre (ACSC) has issued a warning regarding ongoing attacks on unpatched Cisco IOS XE enterprise devices. Cybercriminals…
Toys “R” Us Canada Data Breach Exposes Customer Data on Dark Web A recent security incident has come to light involving Toys “R” Us Canada, where unauthorized access to sensitive customer information has been exposed on the dark web. This breach raises significant concerns about data privacy and security protocols…
VMware has announced important software updates targeting a critical security vulnerability in vCenter Server that previously had patches issued but was determined to remain partially unaddressed. This vulnerability, identified as CVE-2024-38812 with a CVSS score of 9.8, involves a heap-overflow issue within the DCE/RPC protocol implementation. According to Broadcom, which…
On Wednesday, threat intelligence researchers from Google provided an update on four active zero-day vulnerabilities affecting Chrome, Safari, and Internet Explorer, all of which have been exploited by threat actors in various campaigns this year. This report highlights a concerning trend where three of the vulnerabilities were developed by commercial…
In a significant cybersecurity case, a former Amazon employee has been convicted for her involvement in the theft of sensitive personal information from over 100 million individuals during the 2019 Capital One breach. This case underscores the potential vulnerabilities associated with large cloud service providers and the risks businesses face…
Artificial Intelligence & Machine Learning, Next-Generation Technologies & Secure Development Acquisition Enhances AI Protective Measures Against Red-Teaming and Compliance Monitoring Michael Novinson (MichaelNovinson) • November 3, 2025 Adam Geller, Chief Product Officer at Zscaler (Image: Zscaler) Zscaler has recently acquired SPLX, an artificial intelligence security startup, enhancing its capabilities in…
