An adversarial group, known for its focus on the fintech sector since 2018, has updated its tactics by introducing a new Python-based remote access Trojan (RAT) designed to extract sensitive information from compromised systems. The group, identified as Evilnum, has refined its infection strategies and is now deploying the PyVil…
SoundCloud, the prominent audio streaming platform, disclosed on Monday that it has experienced a security breach, resulting in unauthorized access to limited user data. This incident comes on the heels of recent service disruptions that particularly impacted users accessing the platform via VPNs. Compromise of User Data The company confirmed…
Dixons Carphone Faces Major Data Breach Update Dixons Carphone, a prominent electronics and telecommunications retailer in Europe, has revealed significant developments regarding its 2017 data breach. In a recent announcement, the company disclosed that the breach affected approximately 10 million customers, a substantial increase from the initial estimate of 1.2…
Cyberwarfare / Nation-State Attacks, Fraud Management & Cybercrime, Network Firewalls, Network Access Control Researchers Sound Alarm Over Misconfigured Customer Network Edge Devices Mathew J. Schwartz (euroinfosec) • December 16, 2025 Image: xfilephotos/Shuttertstock Cybersecurity experts have issued a warning regarding the vulnerabilities posed by misconfigured network edge devices, emphasizing that these…
Cyberwarfare / Nation-State Attacks, Fraud Management & Cybercrime, Network Firewalls, Network Access Control Misconfigured Customer Network Edge Devices Under Attack, Researchers Warn Mathew J. Schwartz (euroinfosec) • December 16, 2025 Image: xfilephotos/Shutterstock Cybersecurity experts are sounding the alarm as Russian hackers exploit misconfigured network-edge devices to facilitate unauthorized access into…
Cisco Addresses Critical Vulnerability in Unity Connection Software Cisco has announced the availability of software updates in response to a significant security vulnerability affecting its Unity Connection platform. This vulnerability, identified as CVE-2024-20272, has been assigned a CVSS score of 7.3, indicating a critical level of risk. The issue stems…
In a troubling development for the cybersecurity landscape, Visa has alerted the public to a JavaScript web skimmer called Baka. Concurrently, a group of researchers from ETH Zurich has identified a critical authentication vulnerability in Visa’s EMV-enabled payment cards, which could be exploited by cybercriminals to unlawfully extract funds from…
In a significant cybersecurity incident, Reddit recently confirmed a data breach occurring in June that compromised user information, including current email addresses and data from a 2007 backup that contains usernames and hashed passwords. This breach appears to be a reaction from an aggrieved party dissatisfied with Reddit’s account ban…
Cybercrime, Cyberwarfare / Nation-State Attacks, Fraud Management & Cybercrime Vercel Issues Warning: Two Additional Vulnerabilities in React Server Components Urgently Require Patching Mathew J. Schwartz (@euroinfosec) • December 15, 2025 Image: Shutterstock/React/ISMG Experts warn that the React2Shell vulnerability is being exploited en masse by state-sponsored attackers connected to China, North…
