A suspected nation-state actor has been detected exploiting three critical vulnerabilities in the Ivanti Cloud Service Appliance (CSA), leveraging these zero-day flaws to conduct a series of targeted cyberattacks. According to Fortinet’s FortiGuard Labs, these vulnerabilities allowed attackers to gain unauthorized access to the CSA, enumerate users, and access their…
A persistent brute-force attack campaign, believed to be orchestrated by Russian military intelligence, has targeted enterprise cloud environments since mid-2019. This information is detailed in a joint advisory released by intelligence agencies in both the United States and the United Kingdom. The National Security Agency (NSA), Cybersecurity and Infrastructure Security…
In a significant cybersecurity incident, the University of Pennsylvania has fallen victim to a data breach that has raised alarms within its community. Following the breach, a hacker disseminated an email to numerous recipients, claiming responsibility while disparaging the institution. The email’s provocative subject line, “We got hacked (Action Required),”…
GitHub Confirms Breach Involving Stolen OAuth Tokens GitHub has confirmed a security incident in which unauthorized actors exploited third-party OAuth user tokens from Heroku and Travis CI to access private repository data. On Monday, the platform announced that it has informed all affected customers, emphasizing the need for continued vigilance…
Cyberwarfare / Nation-State Attacks , Fraud Management & Cybercrime Chinese Hackers Exploit Windows Vulnerability Against European Diplomats Akshaya Asokan (asokan_akshaya) , David Perera (@daveperera) • November 5, 2025 Image: AR Pictures/Shutterstock Security researchers have reported that Chinese nation-state hackers are actively using a Windows vulnerability to target European…
Cybersecurity Experts Warn Against Sharing Personal Data on AI Platforms In a recent advisory, cybersecurity specialists cautioned against the exposure of personal information on artificial intelligence (AI) platforms, amid a marked increase in cyber threats linked to data breaches. This warning comes as users are increasingly sharing sensitive information, including…
Jetpack WordPress Plugin Issues Critical Security Update The Jetpack plugin for WordPress has released a crucial security update aimed at closing a significant vulnerability that allows logged-in users to view forms submitted by other users on the same website. This flaw, which surfaced during an internal security audit, has been…
A sophisticated malware campaign targeting industrial sectors in the Middle East has resurfaced, equipped with advanced tools designed to compromise both Windows and macOS operating systems. This resurgence indicates a tactical shift in both the targets and the methods employed in spreading the malware. According to a recent analysis by…
The campaign of Mamdani did not provide a response to inquiries for comment regarding recent developments. The New York Police Department (NYPD) significantly expanded its mass surveillance programs under Commissioner Raymond Kelly following the September 11 attacks, supported by substantial federal anti-terrorism funding. However, Ferguson highlights that former commissioner William…
