The Breach News

Hackers Leverage Magento Vulnerability to Extract Payment Information from E-Commerce Sites

A significant vulnerability has been identified in Magento, and threat actors are exploiting it to implant a persistent backdoor in e-commerce platforms. The attack leverages CVE-2024-20720 (CVSS score: 9.1), which Adobe describes as a case of “improper neutralization of special elements” that can lead to arbitrary code execution. The…


Surge in Demand for DDoS Protection Software Market from 2020 to 2028

Distributed Denial of Service (DDoS) attacks have emerged as a significant cybersecurity threat, designed to overwhelm and incapacitate websites by flooding them with excessive traffic. The primary objective of these attacks is to render targeted websites inoperable, leading to severe disruptions in service and potential revenue loss. Over the last…


Everest Ransomware Claims to Have Hacked Brazilian Energy Giant Petrobras

Everest Ransomware Group Targets Petrobras in Data Breach

The Everest ransomware group has recently made headlines with two separate postings on its dark web leak site, both involving Petrobras, the Brazilian multinational corporation predominantly owned by the state and a major player in the petroleum sector headquartered in Rio de…


TrueFire Guitar Tutoring Website Hit by Magecart-Style Credit Card Breach

Online guitar education platform TrueFire has reportedly experienced a significant data breach involving a “Magecart” style attack. This incident raises concerns over the potential exposure of sensitive customer information, including personal and payment card details. TrueFire, a leading online resource for guitar enthusiasts with over one million registered users, grants…


Samourai Executives and Crypto CEO Sentenced

Blockchain & Cryptocurrency, Cryptocurrency Fraud, Fraud Management & Cybercrime

Also: Obama Twitter Hacker Ordered to Forfeit $5.3 Million

Rashmi Ramesh (rashmiramesh_) • November 20, 2025

Information Security Media Group provides a weekly overview of cybersecurity incidents in the digital asset sector. Recently, the co-founders of Samourai Wallet and…


Salesforce Reports New OAuth Breach Associated with Gainsight Applications

Salesforce recently issued a security advisory alerting users to unauthorized access to customer data via third-party applications provided by Gainsight. This breach not only raises alarm bells across the user base but also highlights persistent vulnerabilities associated with OAuth integrations—an area already marked by significant data breaches within the Salesforce…


Serious Vulnerabilities Expose 92,000 D-Link NAS Devices to Malware Threats

Cybersecurity Alert: Vulnerabilities Found in D-Link NAS Devices Open Doors to Exploitation

Recent findings reveal that threat actors are actively exploiting security weaknesses affecting approximately 92,000 D-Link network-attached storage (NAS) devices exposed to the internet. The vulnerabilities, identified as CVE-2024-3272 and CVE-2024-3273, are categorized with high CVSS scores of 9.8…


Utilize Microsoft’s One-Click Tool to Safeguard Against Exchange Attacks

On Monday, Microsoft announced the rollout of a new one-click mitigation software aimed at shielding susceptible environments from the ongoing ProxyLogon cyberattacks targeting Exchange Servers. This tool, known as the Exchange On-premises Mitigation Tool (EOMT), employs PowerShell to implement necessary countermeasures against known vulnerabilities, specifically CVE-2021-26855. It also conducts scans…


How CISOs Should Brace for Cybersecurity Threats Amidst the Coronavirus Pandemic

The ongoing COVID-19 pandemic has triggered widespread economic disruption, leaving organizations grappling with heightened uncertainty. A recent report from cybersecurity firm Cynet highlights the serious implications for information security, noting a marked uptick in cyber threats that exploit the current crisis. In response to the evolving threat landscape, Cynet has…
