Recent reports from the U.S. Treasury Department have identified the North Korea-affiliated Lazarus Group, also referred to as Hidden Cobra, as the entity responsible for the $540 million theft from the Ronin Network, which is associated with the popular video game Axie Infinity. This incident, occurring last month, underscores the…
Recent developments have drawn the attention of cybersecurity experts worldwide, as the Five Eyes nations—comprising Australia, Canada, New Zealand, the United Kingdom, and the United States—issued a comprehensive advisory on rising cyber threats linked to Russian state-sponsored actors and criminal syndicates. This advisory underscores the heightened risk posed to critical…
Google Issues Urgent Security Patches for Android, Targeting Critical Vulnerabilities In a significant security update, Google has deployed patches to rectify 47 vulnerabilities within its Android operating system. Among these vulnerabilities, one has been flagged for active exploitation in real-world scenarios, raising alarms among security professionals and businesses alike. The…
On Tuesday, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) announced the addition of four critical security vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog. This move was prompted by clear evidence indicating that these vulnerabilities are currently being exploited in active attacks. The vulnerabilities identified are significant and warrant…
Cybersecurity Alert: Exploitation of VeraCore Vulnerabilities by XE Group Recent assessments have revealed that cybercriminals are taking advantage of several vulnerabilities within specific software applications, notably Progress Telerik UI for ASP.NET AJAX and Advantive VeraCore. These exploits allow threat actors to deploy reverse shells and web shells, granting them persistent…
Cybersecurity researchers from Rapid7 have uncovered a concerning link between threat actors who exploited a zero-day vulnerability in BeyondTrust Privileged Remote Access (PRA) and Remote Support (RS) products in December 2024 and a previously unreported SQL injection flaw in PostgreSQL. This newly identified vulnerability, designated as CVE-2025-1094, has been assigned…
Government, Industry Specific Cybersecurity Programs, Workforce Face Disruption If Congress Fails to Act Chris Riotta (@chrisriotta) • September 26, 2025 Image: Keith Lamond/Shutterstock The U.S. Congress faces a critical deadline, with only four days remaining to prevent a government shutdown and the termination of a pivotal public-private threat-sharing law. This…
Recent cybersecurity advisories from U.S. intelligence and cybersecurity agencies have revealed that North Korean state-sponsored hackers are utilizing Maui ransomware to specifically target the healthcare sector since at least May 2021. The advisory indicates that compromised servers responsible for essential healthcare services—including electronic health records, diagnostic imaging, and internal communication…
Recent cyber activity has revealed significant vulnerabilities and breaches affecting U.S. federal agencies and corporations, highlighting the ongoing threats in the cybersecurity landscape. The Cybersecurity and Infrastructure Security Agency (CISA) reported that hackers exploited a known vulnerability in an open-source geospatial data server, leading to the deployment of a web…
