Tag Mandiant

New Study Connects Unrelated Malware Attacks to Chinese Hackers

A recent report highlights the cyber espionage group APT41, tied to a series of malware campaigns that leverage COVID-themed phishing strategies to target individuals in India. This revelation comes from an analysis by the BlackBerry Research and Intelligence team, which has connected various aspects of the group’s operational infrastructure. According…

Ransomware Group FIN12 Intensifies Attacks on Healthcare Sector

A financially motivated threat group, identified as FIN12, has been linked to a series of RYUK ransomware incidents since October 2018. This organization demonstrates significant collaboration with TrickBot-affiliated actors while utilizing publicly accessible tools like Cobalt Strike Beacon payloads to penetrate victim networks. Cybersecurity firm Mandiant has attributed these security…

Envoy Air (American Airlines) Confirms Oracle EBS Zero-Day Breach Linked to Cl0p Group

On October 17, 2025, Envoy Air, a Texas-based regional airline and the largest carrier under American Airlines, confirmed that it was recently compromised due to a series of cyberattacks exploiting a zero-day vulnerability in a major corporate software application. The hacks were executed by CL0P, a notorious ransomware group known…

Why the F5 Hack Posed an ‘Imminent Threat’ to Thousands of Networks

Numerous digital infrastructures—primarily managed by the US government and major Fortune 500 companies—are currently under an “imminent threat” of breaches from nation-state hacking groups, following an alarming breach of a leading software provider, as warned by federal authorities on Wednesday. F5 Networks, a Seattle-based provider of networking solutions, publicly acknowledged…

Emerging Malicious Software Threatens Ukrainian Government and Business Sectors

New Malware Threat “WhisperGate” Targets Ukrainian Entities Amid Geopolitical Tensions

On Saturday, cybersecurity experts from Microsoft revealed the emergence of a new malware operation identified as “WhisperGate.” This sophisticated form of malware is primarily aimed at government entities, non-profits, and IT organizations within Ukraine, amid escalating geopolitical tensions with Russia.…

Thousands of Customers at Risk Following Nation-State Attack on F5’s Network

F5 Networks Faces Security Concerns Amid Reports of Compromise

In a troubling development for cybersecurity, F5 Networks has reported that its BIG-IP appliances, crucial for load balancing and data encryption at the network edge, may have been compromised. These devices are positioned strategically within networks, enabling them to facilitate traffic…

CISA Includes Acclaim USAHERDS Vulnerability in KEV Catalog Due to Ongoing Exploitation

On December 23, 2024, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) announced the addition of a critical vulnerability affecting Acclaim Systems USAHERDS to its Known Exploited Vulnerabilities (KEV) catalog. This addition follows verifiable evidence that the flaw has been actively exploited. The vulnerability, identified as CVE-2021-44207, has a CVSS…

SonicWall Reports That Hackers Accessed All Firewall Backups

In September 2025, SonicWall disclosed a data breach affecting its cloud backup service, initially indicating that fewer than 5% of its clients were impacted. However, this assessment has evolved as SonicWall, in collaboration with incident response firm Mandiant, has confirmed that attackers accessed backup configuration files for all customers utilizing…
