The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has reported a security breach involving a federal agency, attributed to threat actors affiliated with the Iranian government. The attackers exploited the Log4Shell vulnerability found in an unpatched VMware Horizon server, demonstrating a sophisticated exploitation technique. The breach, which occurred between mid-June…
WikiLeaks Reveals CIA’s ELSA Malware for Geo-Location Tracking In a recent disclosure, WikiLeaks has unveiled a new segment of its ongoing Vault 7 leak, showcasing a sophisticated malware tool named ELSA. This spyware is designed specifically for tracking the geo-location of Microsoft Windows-based PCs and laptops. The malware operates by…
Cybersecurity Update: AI-Powered Attack on Fortinet Firewalls and Other Breaches In a recent development in the cybersecurity landscape, a financially motivated threat actor, reportedly Russian-speaking, has leveraged commercial AI toolkits to compromise over 600 Fortinet firewalls. This operation was first identified by the AWS security team, indicating that the activity…
On Tuesday, the U.S. National Security Agency (NSA) issued a warning regarding a cyber threat from a group known as APT5, or Bronze Fleetwood, which has been actively exploiting a zero-day vulnerability in Citrix Application Delivery Controller (ADC) and Gateway systems. This security flaw, cataloged as CVE-2022-27518, represents a critical…
Microsoft has recently escalated the severity rating of a previously patched security vulnerability from September 2022, now classifying it as “Critical.” This update follows findings that the vulnerability poses risks of remote code execution, significantly heightening its threat level. Identified as CVE-2022-37958 with a CVSS score of 8.1, the issue…
Fraud Management & Cybercrime, Governance & Risk Management, Remote Workforce Encouraging Thorough Verification of Candidates’ Identities Greg Sirico • February 20, 2026 An AI-manipulated image showcasing the deceptive capabilities used by certain North Korean workers. (Image: KnowBe4) Remote IT workers from North Korea present an intricate challenge for employers. Known…
Cybersecurity Alert: CCleaner Hack Targets Major Tech Firms A group of unidentified hackers recently compromised the download server of CCleaner, a widely used system optimization application, to distribute a harmful version of the software. This malicious version affected at least 20 significant technology companies, functioning as a conduit for a…
Cryptocurrency Fraud, Fraud Management & Cybercrime, Next-Generation Technologies & Secure Development Insights from Ruchin Kumar at Futurex on CBDC Adoption and HSM Security for Transactions Brian Pereira (creed_digital) • February 13, 2026 Ruchin Kumar, Vice President – South Asia, Futurex Central Bank Digital Currencies (CBDCs) are increasingly being recognized as…
In its March 2023 Patch Tuesday update, Microsoft disclosed fixes for 80 security vulnerabilities, two of which have been actively exploited in the wild. These vulnerabilities target critical components within the Microsoft ecosystem, with eight categorized as Critical, 71 as Important, and one as Moderate in severity. This update continues…
