• October 23, 2025 As the landscape of digital transactions transitions from human-catalyzed interactions to autonomous decision-making aided by artificial intelligence, significant shifts in the payment lifecycle are essential. Companies must now focus on establishing frameworks for trust, intent, and identity in automated environments. In a recent discussion featuring industry…
A recent cyber threat known as GlassWorm has been detected, specifically targeting developers utilizing Visual Studio Code extensions via the OpenVSX marketplace. Koi Security unveiled this campaign, which leverages trusted extensions to automatically propagate across various development environments while employing stolen credentials to facilitate further infections. Distinct from typical malware…
Recent analysis has revealed that the China-linked hacking group, known as Earth Estries, is employing a previously unidentified backdoor named GHOSTSPIDER in its cyber operations directed at telecommunications firms in Southeast Asia. This development highlights an evolving threat landscape, where traditional boundaries of cybersecurity are increasingly tested. Trend Micro, which…
Recent investigations have unveiled that a state-sponsored threat actor believed to have ties to Iran has conducted a series of targeted cyberattacks against internet service providers (ISPs) and telecommunications operators in countries such as Israel, Morocco, Tunisia, and Saudi Arabia. Additionally, a ministry of foreign affairs in Africa was also…
Critical Vulnerabilities Identified in BIND Could Enable Cache Poisoning Attacks A recent disclosure from BIND developers has outlined significant vulnerabilities linked to the software’s Pseudo Random Number Generator (PRNG). These flaws may allow attackers to predict the source port and query ID employed by BIND, potentially allowing for successful spoofing…
Western Digital Reports Network Security Breach In a significant disclosure, Western Digital, a leading data storage manufacturer, announced on Monday that it experienced a “network security incident” resulting from unauthorized access to its systems. The breach, which occurred on March 26, 2023, allowed an unnamed third party to infiltrate several…
Government, Industry Specific CISA Budget and Staffing Cuts Undermine National Cyber Readiness, Officials Warn Chris Riotta (@chrisriotta) • October 22, 2025 Mark Montgomery, senior director of the Center on Cyber and Technology Innovation, October 22, 2025. (Image: FDD/ISMG) The Cyberspace Solarium Commission has reported a significant setback in U.S. federal…
Incruit Fined 463 Million Won for Data Breach Affecting 7.27 Million Members In a significant incident illustrating the vulnerabilities businesses face in today’s digital landscape, Incruit has been fined 463 million won due to a severe data breach impacting approximately 7.27 million of its users. The breach not only highlights…
RomCom Exploits Zero-Day Vulnerabilities in Firefox and Windows A sophisticated cyber operation attributed to the Russia-aligned threat actor known as RomCom has been reported, focusing on the exploitation of two zero-day vulnerabilities—one in Mozilla Firefox and another in Microsoft Windows. These attacks have been designed to deploy RomCom’s proprietary backdoor…
