Tag Mandiant

Emerging Malicious Software Threatens Ukrainian Government and Business Sectors

New Malware Threat “WhisperGate” Targets Ukrainian Entities Amid Geopolitical Tensions

On Saturday, cybersecurity experts from Microsoft revealed the emergence of a new malware operation identified as “WhisperGate.” This sophisticated form of malware is primarily aimed at government entities, non-profits, and IT organizations within Ukraine, amid escalating geopolitical tensions with Russia.…

Thousands of Customers at Risk Following Nation-State Attack on F5’s Network

F5 Networks Faces Security Concerns Amid Reports of Compromise

In a troubling development for cybersecurity, F5 Networks has reported that its BIG-IP appliances, crucial for load balancing and data encryption at the network edge, may have been compromised. These devices are positioned strategically within networks, enabling them to facilitate traffic…

CISA Includes Acclaim USAHERDS Vulnerability in KEV Catalog Due to Ongoing Exploitation

On December 23, 2024, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) announced the addition of a critical vulnerability affecting Acclaim Systems USAHERDS to its Known Exploited Vulnerabilities (KEV) catalog. This addition follows verifiable evidence that the flaw has been actively exploited. The vulnerability, identified as CVE-2021-44207, has a CVSS…

SonicWall Reports That Hackers Accessed All Firewall Backups

In September 2025, SonicWall disclosed a data breach affecting its cloud backup service, initially indicating that fewer than 5% of its clients were impacted. However, this assessment has evolved as SonicWall, in collaboration with incident response firm Mandiant, has confirmed that attackers accessed backup configuration files for all customers utilizing…

CL0P-Linked Hackers Exploit Oracle Software Vulnerability to Compromise Numerous Organizations

Security Flaw in Oracle E-Business Suite Exposes Multiple Organizations to Cyber Threats

On October 10, 2025, a report from Google Threat Intelligence Group (GTIG) and Mandiant confirmed a significant zero-day exploitation of a security vulnerability in Oracle’s E-Business Suite (EBS) software. This flaw has potentially affected numerous organizations since its…

Salesforce Declines to Meet $1 Billion Extortion Demand Following Data Breach of 1 Billion Records

Salesforce is facing a serious cybersecurity threat as a criminal syndicate identifying itself as Scattered LAPSUS$ Hunters claims to have stolen around one billion records from multiple Salesforce customers. The group began this extortion campaign in May, using voice calls to reach organizations that use Salesforce for data…

Russia-Ukraine Conflict: Phishing, Malware, and Hacker Factions Aligning with Their Causes

Ukraine’s Computer Emergency Response Team (CERT-UA) has issued a warning regarding cyber attacks orchestrated by Belarusian state-sponsored hackers, aimed at military personnel and associated individuals amid the ongoing conflict in Ukraine. This phishing campaign is significant as it targets accounts affiliated with the Ukrainian military, specifically personal accounts hosted on…

New Report Exposes Full Details of the LAPSUS$ Attack on Okta

An independent security researcher has unveiled a detailed timeline concerning the breach orchestrated by the LAPSUS$ extortion group, notably affecting Okta, a provider of authentication services. The breach was linked to a third-party service provider, Sitel, in late January 2022. Bill Demirkapi shared a two-page “intrusion timeline” on Twitter, suggesting…
