A group of Iranian hackers, identified as Nimbus Manticore, is broadening its activities with a new focus on major enterprises across Europe. Recent findings from cybersecurity firm Check Point Research (CPR) indicate that this group is particularly targeting organizations within the defense, telecommunications, and aerospace sectors to obtain sensitive data.…
Data Breach at Stellantis Exposes Customer Information Stellantis, a prominent multinational automaker with brands like Chrysler, Jeep, and Fiat, has reported a data breach that implicates customer information following unauthorized access to a third-party service provider. This incident raises significant concerns regarding data security practices within the automotive industry and…
Recent investigations have revealed a sophisticated malware campaign deploying a remote access trojan (RAT) called AsyncRAT, utilizing Python payloads and TryCloudflare tunnels for distribution. Forcepoint X-Labs researcher Jyotika Singh indicated that AsyncRAT capitalizes on the async/await programming model, allowing attackers to covertly access and manipulate infected systems, exfiltrate data, and…
Cybercrime, Fraud Management & Cybercrime Colt Services Faces Ongoing Outages; Finland Charges U.S. National in Vastaamo Hack Anviksha More (AnvikshaMore) • September 18, 2025 Image: Shutterstock/ISMG Each week, Information Security Media Group compiles cybersecurity incidents worldwide. Recently, Microsoft dealt a significant blow to RaccoonO365, outages at Colt Technology Services continue,…
Artificial Intelligence & Machine Learning, Next-Generation Technologies & Secure Development AP2 Protocol Introduces ‘Mandates’ to Ensure Accountability in Agent-Led Transactions Rashmi Ramesh (rashmiramesh_) • September 17, 2025 Image: Shutterstock/ISMG In an innovative move, Google has unveiled a new “agent payments protocol,” enabling artificial intelligence to facilitate consumer shopping while ensuring…
Cyberwarfare / Nation-State Attacks, Fraud Management & Cybercrime MuddyWater Resumes Use of Bulletproof Hosting and Custom Malware Mathew J. Schwartz (euroinfosec) • September 17, 2025 Image: Iurii Stepanov/Shutterstock An Iranian state-sponsored hacking group, MuddyWater, is reportedly reviving its tactics by incorporating Microsoft Office documents with malicious macros into its attack…
A recent phishing assault has emerged, allegedly utilizing counterfeit PDF documents hosted on the Webflow content delivery network (CDN) with the aim of capturing credit card data and executing financial fraud. This operation specifically targets individuals searching for academic materials or documents through search engines. According to Netskope Threat Labs…
Recent advancements in open-source tools have inadvertently contributed to a significant supply chain breach, originating from a focused attack that swiftly expanded, compromising sensitive information across multiple projects. This breach highlights how a manipulated GitHub Action, designed to analyze changed files, evolved from targeting specific projects like Coinbase into a…
In early September 2023, Qrator Labs identified and successfully mitigated one of the year’s most consequential Layer 7 DDoS attacks, executed by what is currently recognized as the largest botnet in existence. This attack targeted a government organization and exploited 5.76 million compromised Internet of Things (IoT) devices, among other…
