A sophisticated threat actor known as Mustang Panda has been implicated in a wave of spear-phishing attacks directed at key sectors including government, education, and research from May to October 2022. According to a recent report by cybersecurity firm Trend Micro, the targeted regions include countries in the Asia Pacific,…
In a significant disclosure, Google has confirmed that hackers successfully established a counterfeit account within its Law Enforcement Request System (LERS), a vital channel utilized by authorities globally to submit official data requests. This breach, first reported by BleepingComputer, highlights the increasingly sophisticated methods that cybercriminals employ to penetrate secure…
Cybercrime, Data Security, Finance & Banking Cybercrime Collective ShinyHunters Claims 160 Million Records Compromised Mathew J. Schwartz ( euroinfosec) • September 15, 2025 The State Bank of Vietnam in Hanoi, dating back to November 22, 2016. (Image: TK Kurikawa/Shutterstock) The central bank of Vietnam is investigating a cyberattack that targeted…
Recent advancements in open-source tools have inadvertently contributed to a significant supply chain breach, originating from a focused attack that swiftly expanded, compromising sensitive information across multiple projects. This breach highlights how a manipulated GitHub Action, designed to analyze changed files, evolved from targeting specific projects like Coinbase into a…
Google has issued urgent out-of-band security updates to rectify a critical vulnerability in its Chrome browser for Windows. This flaw, designated as CVE-2025-2783 (CVSS score: 8.3), has reportedly been exploited in real-world phishing attacks aimed primarily at organizations in Russia. Described as stemming from an “incorrect handle provided in unspecified…
A recent investigation has uncovered alarming findings regarding a dataset utilized for training large language models (LLMs). This dataset reportedly contains close to 12,000 live secrets, including credentials capable of authenticating access to various services. This discovery raises significant concerns about the risks associated with hard-coded credentials. Organizations face heightened…
Recent developments have emerged regarding the Salesloft Drift breach, which has impacted over 700 organizations across the globe. New victims have come forward, adding to the severity of the incident. On August 20, Salesloft and Salesforce announced they had severed ties between Drift, an AI-powered chatbot for sales and marketing,…
Cybercrime, Fraud Management & Cybercrime, Social Engineering Skepticism Surrounds Announcement from Cybercriminal Group Akshaya Asokan • September 12, 2025 Image: Shutterstock A group of teenage hackers, known for targeting airlines, insurance firms, and casinos in both the United Kingdom and United States, has announced the cessation of their activities. Their…
This week brought a significant cybersecurity incident involving a 23-year-old Serbian activist whose Android device fell prey to a sophisticated zero-day exploit. Developed by Cellebrite, this exploit chain compromised the user’s phone, likely enabling the deployment of a spyware solution known as NoviSpy. The vulnerabilities, which exploit weaknesses in the…
