Tag: Mandiant

Chinese Hackers Take Advantage of New Zero-Day Vulnerability in Barracuda’s ESG Appliances

Barracuda Networks disclosed a serious cybersecurity incident involving a zero-day vulnerability within its Email Security Gateway (ESG) appliances, allegedly exploited by Chinese threat actors. This vulnerability has been designated as CVE-2023-7102 and has led to the deployment of backdoors on a select number of affected devices. The vulnerability involves an…

Nation-State Actors Exploit Ivanti VPN Zero-Days to Deploy Five Families of Malware

Recent reports have detailed a sophisticated cybersecurity incident affecting Ivanti Connect Secure (ICS) VPN appliances, where suspected nation-state actors have exploited two critical zero-day vulnerabilities since early December 2023. The vulnerabilities, identified as CVE-2023-46805 and CVE-2024-21887, have enabled attackers to deploy multiple malware families, allowing them to bypass authentication mechanisms…

Widespread Exploitation of Recent SSRF Vulnerability in Ivanti VPN Products

Mass Exploitation of SSRF Vulnerability in Ivanti Products

A significant server-side request forgery (SSRF) vulnerability affecting Ivanti Connect Secure and Policy Secure products has been widely exploited. Recent reports indicate that attacks are emanating from over 170 distinct IP addresses, indicating a coordinated effort to establish unauthorized access, including reverse…

CISA Alerts: Brickstorm Malware Targets Critical US Systems

Chinese-Linked Malware Campaign Targets Critical Environments With Weak Monitoring

Chris Riotta (@chrisriotta) • December 4, 2025

The U.S. federal government has issued a warning regarding a sophisticated malware campaign linked to Chinese state-sponsored actors, known as Brickstorm. This malicious software…

China-Linked Group Exploits ConnectWise and F5 Software Vulnerabilities to Breach Networks

A threat group linked to China has exploited vulnerabilities in ConnectWise ScreenConnect and F5 BIG-IP software, deploying customized malware capable of installing additional backdoors on compromised Linux systems. This aggressive campaign is under surveillance by Mandiant, a Google subsidiary, which refers to the activity by the identifier UNC5174, also known…

Hackers Leverage Accellion Zero-Day Vulnerabilities in Recent Data Theft and Extortion Incidents

Cybersecurity Incident: Accellion File Transfer Appliance Targeted by UNC2546

Cybersecurity researchers reported a significant data theft and extortion campaign linked to a series of attacks targeting Accellion File Transfer Appliance (FTA) servers. The cybercrime group identified as UNC2546 has been active in executing these attacks over the last two months…

ShinyHunters Has a Strong Dislike for Salesforce, Says The Register

EXCLUSIVE: ShinyHunters has reportedly taken responsibility for a security breach at Gainsight, further compromising the data of numerous Salesforce customers. This breach expands the ongoing ramifications of earlier cyber incidents, particularly the Salesloft Drift hack from earlier this year, which ShinyHunters claims provided them with the initial access to Gainsight’s…

Mimecast Discovers Hackers Behind SolarWinds Breach Took Portions of Its Source Code

Mimecast Acknowledges Source Code Breach Linked to SolarWinds Attack

In a recent disclosure, email security firm Mimecast announced that it fell victim to the state-sponsored attackers behind the SolarWinds breach, illustrating the ongoing risks associated with sophisticated cyber threats. The incident, detailed in their findings, revealed unauthorized access to some…

Google Discovers New Malware Backdoors Associated with Iran

Iranian Hacking Group Unleashes Array of Custom Malware Variants

Akshaya Asokan (asokan_akshaya) • November 18, 2025

Google has issued a warning regarding a state-sponsored Iranian hacking group known for targeting the aerospace and defense sectors in the Middle East. This…