A cyberattack on Manpower’s Michigan office has compromised the data of 144,000 individuals, while Workday faces a data breach linked to a broader social engineering scheme. These incidents underscore the escalating risks posed by cyber threats. Recently, two significant organizations—global staffing agency Manpower and software provider Workday—have reported separate cyberattacks…
May 21, 2025
Data Breach / Account Security
Google has introduced an innovative feature in its Chrome browser that enables its built-in Password Manager to automatically change a user’s password when it identifies compromised credentials. According to Google’s Ashima Arora, Chirag Desai, and Eiji Kitamura, “When Chrome detects a compromised password during sign-in, Google Password Manager prompts the user with an option to fix it automatically.” On supported websites, Chrome can create a strong new password and update the user’s credentials seamlessly. This feature enhances the Password Manager’s existing functionalities, which include generating secure passwords during account creation and flagging credentials involved in data breaches. Google has informed The Hacker News that this feature has not yet been officially released for end users, as it is primarily focused on developers to help optimize their websites in anticipation of the rollout. The automated password change aims to streamline the process and reduce friction for users concerned about their account security.
Google Chrome Introduces Automated Password Update Feature Amid Rising Data Breach Concerns May 21, 2025 Cybersecurity / Data Protection In a significant update aimed at enhancing online security, Google has unveiled a new feature for its Chrome browser that empowers the built-in Password Manager to automatically update compromised passwords. This…
May 21, 2025
Data Breach / Account Security
Google has introduced an innovative feature in its Chrome browser that enables its built-in Password Manager to automatically change a user’s password when it identifies compromised credentials. According to Google’s Ashima Arora, Chirag Desai, and Eiji Kitamura, “When Chrome detects a compromised password during sign-in, Google Password Manager prompts the user with an option to fix it automatically.” On supported websites, Chrome can create a strong new password and update the user’s credentials seamlessly. This feature enhances the Password Manager’s existing functionalities, which include generating secure passwords during account creation and flagging credentials involved in data breaches. Google has informed The Hacker News that this feature has not yet been officially released for end users, as it is primarily focused on developers to help optimize their websites in anticipation of the rollout. The automated password change aims to streamline the process and reduce friction for users concerned about their account security.
JACKSONVILLE, Fla., Aug. 18, 2025 (GLOBE NEWSWIRE) — Edelson Lechtzin LLP, a law firm situated in suburban Philadelphia, is conducting an investigation into data privacy violations linked to a data breach at CPAP Medical Supplies and Services Inc. (“CPAP Medical”). This breach was reported around June 27, 2025. Business owners…
Date: Jun 18, 2025
Category: Vulnerability / Data Protection
Veeam has issued patches to address a severe security vulnerability in its Backup & Replication software that permits remote code execution under specific circumstances. Identified as CVE-2025-23121, this flaw has a CVSS score of 9.9 out of 10. According to the company’s advisory, it allows remote code execution (RCE) on the Backup Server by an authenticated domain user. The vulnerability affects all earlier builds of version 12, including 12.3.1.1139, and has been remedied in version 12.3.2 (build 12.3.2.3617). The discovery and reporting of this vulnerability were credited to security researchers from CODE WHITE GmbH and watchTowr. Cybersecurity firm Rapid7 suggests that this update addresses concerns raised by CODE WHITE in March 2025 regarding the potential bypassing of a previous patch for a related vulnerability (CVE-2025-23120, also scored 9.9). Additionally, Veeam has resolved another issue within the same product.
Veeam Addresses Critical RCE Vulnerability in Backup & Replication Software On June 18, 2025, Veeam Software announced the release of critical patches addressing a severe vulnerability identified as CVE-2025-23121 within its Backup & Replication platform. This flaw, rated at an alarming 9.9 on the Common Vulnerability Scoring System (CVSS), poses…
Date: Jun 18, 2025
Category: Vulnerability / Data Protection
Veeam has issued patches to address a severe security vulnerability in its Backup & Replication software that permits remote code execution under specific circumstances. Identified as CVE-2025-23121, this flaw has a CVSS score of 9.9 out of 10. According to the company’s advisory, it allows remote code execution (RCE) on the Backup Server by an authenticated domain user. The vulnerability affects all earlier builds of version 12, including 12.3.1.1139, and has been remedied in version 12.3.2 (build 12.3.2.3617). The discovery and reporting of this vulnerability were credited to security researchers from CODE WHITE GmbH and watchTowr. Cybersecurity firm Rapid7 suggests that this update addresses concerns raised by CODE WHITE in March 2025 regarding the potential bypassing of a previous patch for a related vulnerability (CVE-2025-23120, also scored 9.9). Additionally, Veeam has resolved another issue within the same product.
WarLock ransomware has reportedly breached Colt and Hitachi, prompting an investigation and efforts to restore systems at Colt while cybersecurity experts examine the alleged data breach. A new ransomware group, WarLock, which emerged just two months ago, is seeking to establish its credibility by targeting prominent organizations. Recently, it added…
FBI and Europol Take Down Lumma Stealer Malware Network Responsible for 10 Million Infections
May 22, 2025
Malware / Cybercrime
A major crackdown by international law enforcement agencies and private sector partners has successfully dismantled the infrastructure behind Lumma Stealer (also known as LummaC or LummaC2), resulting in the seizure of 2,300 domains that served as command-and-control hubs for compromised Windows systems. According to the U.S. Department of Justice (DoJ), “Malware like LummaC2 is utilized to extract sensitive information, such as user login credentials, from millions of victims, enabling a range of criminal activities including fraudulent bank transactions and cryptocurrency theft.” Since its emergence in late 2022, Lumma Stealer has been linked to approximately 1.7 million incidents involving the theft of data, including browser information, autofill details, login credentials, and cryptocurrency seed phrases.
FBI and Europol Take Down Lumma Stealer Malware Network, Impacting Millions of Users May 22, 2025 — A significant joint operation led by the FBI in collaboration with Europol and private sector partners has successfully disrupted the infrastructure of Lumma Stealer, a highly active commodity information stealing malware. This operation…
FBI and Europol Take Down Lumma Stealer Malware Network Responsible for 10 Million Infections
May 22, 2025
Malware / Cybercrime
A major crackdown by international law enforcement agencies and private sector partners has successfully dismantled the infrastructure behind Lumma Stealer (also known as LummaC or LummaC2), resulting in the seizure of 2,300 domains that served as command-and-control hubs for compromised Windows systems. According to the U.S. Department of Justice (DoJ), “Malware like LummaC2 is utilized to extract sensitive information, such as user login credentials, from millions of victims, enabling a range of criminal activities including fraudulent bank transactions and cryptocurrency theft.” Since its emergence in late 2022, Lumma Stealer has been linked to approximately 1.7 million incidents involving the theft of data, including browser information, autofill details, login credentials, and cryptocurrency seed phrases.
State Settles for $2 Million with Dental Insurer Over Cybersecurity Breaches In a significant development within the realm of cybersecurity compliance, a settlement has been reached between state authorities and a dental insurance provider concerning serious violations of data security protocols. The agreement, totaling $2 million, highlights the legal and…
CISA Alerts About Ongoing Exploitation of Linux Kernel Privilege Escalation Flaw On June 18, 2025, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) issued a warning regarding a significant security vulnerability affecting the Linux kernel, now listed in its Known Exploited Vulnerabilities (KEV) catalog. This flaw, identified as CVE-2023-0386, boasts…
Chinese Hackers Leverage Ivanti EPMM Vulnerabilities in Widespread Global Attacks
May 22, 2025
Enterprise Security / Malware
A recently patched duo of security vulnerabilities in Ivanti Endpoint Manager Mobile (EPMM) software has been exploited by a China-linked threat actor to target various sectors across Europe, North America, and the Asia-Pacific region. The vulnerabilities, identified as CVE-2025-4427 (CVSS score: 5.3) and CVE-2025-4428 (CVSS score: 7.2), can be combined to run arbitrary code on vulnerable devices without needing any authentication. Ivanti addressed these flaws just last week. According to a report from EclecticIQ, the vulnerability chain has been misused by UNC5221, a Chinese cyber espionage group known for targeting edge network devices since at least 2023. Most recently, this group has also been linked to exploitation attempts on SAP NetWeaver instances affected by CVE-2025-31324. The Dutch cybersecurity firm noted that the first exploitation activities began on May 15, 2025, with attacks focused on healthcare, telecommunications, and aviation sectors.
Chinese Cyber Actors Target Global Enterprises Through Ivanti EPMM Vulnerabilities May 22, 2025 – Enterprise Security / Malware Recent developments in the cybersecurity landscape have revealed that a pair of vulnerabilities within Ivanti Endpoint Manager Mobile (EPMM) software, identified as CVE-2025-4427 and CVE-2025-4428, have been exploited by a China-based threat…
Chinese Hackers Leverage Ivanti EPMM Vulnerabilities in Widespread Global Attacks
May 22, 2025
Enterprise Security / Malware
A recently patched duo of security vulnerabilities in Ivanti Endpoint Manager Mobile (EPMM) software has been exploited by a China-linked threat actor to target various sectors across Europe, North America, and the Asia-Pacific region. The vulnerabilities, identified as CVE-2025-4427 (CVSS score: 5.3) and CVE-2025-4428 (CVSS score: 7.2), can be combined to run arbitrary code on vulnerable devices without needing any authentication. Ivanti addressed these flaws just last week. According to a report from EclecticIQ, the vulnerability chain has been misused by UNC5221, a Chinese cyber espionage group known for targeting edge network devices since at least 2023. Most recently, this group has also been linked to exploitation attempts on SAP NetWeaver instances affected by CVE-2025-31324. The Dutch cybersecurity firm noted that the first exploitation activities began on May 15, 2025, with attacks focused on healthcare, telecommunications, and aviation sectors.
