Connex Credit Union has experienced a significant data breach, impacting the personal information of 172,000 members. A legal investigation is underway, with experts advising victims to closely monitor accounts for potential fraud and identity theft. In a recent security incident, Connex Credit Union, one of Connecticut’s largest financial institutions, revealed…
In a significant cybersecurity breach, Allianz Life, a major US insurance firm, has had 2.8 million sensitive records exposed following a data leak linked to ongoing Salesforce attacks. These stolen records contain critical information pertaining to both business partners and customers, highlighting a troubling trend in the escalating sophistication of…
Connex Credit Union, one of the largest financial cooperatives in Connecticut, has alerted tens of thousands of its members that their personal and financial information may have been compromised due to a cyberattack that breached its systems in early June. Established in 1940, Connex operates as a non-profit, member-owned entity…
Scattered Spider Compromises VMware ESXi to Launch Ransomware Against Critical U.S. Infrastructure
July 28, 2025
Cyber Attack / Ransomware
The infamous cybercrime group Scattered Spider is targeting VMware ESXi hypervisors in a series of attacks against the retail, airline, and transportation sectors in North America. According to an in-depth analysis by Google’s Mandiant team, “The group’s core tactics remain unchanged and do not depend on software exploits. Instead, they employ a strategic playbook that primarily involves phone calls to IT help desks.” The actors are described as aggressive and innovative, particularly adept at using social engineering to bypass even robust security systems. Their operations are precision-driven campaigns focused on the most critical systems and data of their victims. Also known as 0ktapus, Muddled Libra, Octo Tempest, and UNC3944, these threat actors have a track record of executing sophisticated social engineering tactics to gain initial access to target environments, subsequently employing a “living-off-the-land” (LotL) strategy by leveraging trusted administrative tools.
Scattered Spider Breaches VMware ESXi to Launch Ransomware Attacks on Critical U.S. Infrastructure July 28, 2025 In a concerning escalation of cyber threats, the cybercriminal group known as Scattered Spider has been orchestrating targeted attacks on VMware ESXi hypervisors, primarily affecting sectors such as retail, airlines, and transportation across North…
Scattered Spider Compromises VMware ESXi to Launch Ransomware Against Critical U.S. Infrastructure
July 28, 2025
Cyber Attack / Ransomware
The infamous cybercrime group Scattered Spider is targeting VMware ESXi hypervisors in a series of attacks against the retail, airline, and transportation sectors in North America. According to an in-depth analysis by Google’s Mandiant team, “The group’s core tactics remain unchanged and do not depend on software exploits. Instead, they employ a strategic playbook that primarily involves phone calls to IT help desks.” The actors are described as aggressive and innovative, particularly adept at using social engineering to bypass even robust security systems. Their operations are precision-driven campaigns focused on the most critical systems and data of their victims. Also known as 0ktapus, Muddled Libra, Octo Tempest, and UNC3944, these threat actors have a track record of executing sophisticated social engineering tactics to gain initial access to target environments, subsequently employing a “living-off-the-land” (LotL) strategy by leveraging trusted administrative tools.
Scattered Spider Launches New Telegram Channel to Disclose Attacks In a recent development in the world of cybersecurity, the notorious threat actor group known as Scattered Spider has established a Telegram channel dedicated to publicizing its cyberattacks. This move appears to be part of a broader strategy to amplify its…
This week in cybersecurity has shed light on critical vulnerabilities and significant criminal activity affecting major organizations. Precision is paramount in this field; minor oversights can cascade into enormous security breaches. In this context, notable incidents underline systemic issues, such as reliance on outdated tools, sluggish risk responses, and a…
Surge in Cybercrime: Alarming Trends in Ransomware and Infostealer Attacks Recent research highlights a significant escalation in cybercrime activity throughout 2025, characterized by substantial increases across various types of threats. Notably, there has been a staggering 800% rise in credential theft attributed to information-stealing malware, defining identity theft as a…
Pandora, the globally recognized jewellery brand, has announced that it fell victim to a cyber attack that led to unauthorized access to certain customer data. The breach, which was communicated to customers via email, originated from a third-party platform rather than Pandora’s internal systems, raising concerns about the security of…
A recent report from CrowdStrike Holdings Inc. has highlighted a significant increase in the sophistication of cyber adversaries, shedding light on evolving methodologies in the landscape of cybersecurity threats. The report, titled the CrowdStrike 2025 Threat Hunting Annual Report, reveals that cloud-centered attacks, identity-driven breaches, and the advent of generative…
