Featured
ESXi Ransomware Attacks Surge with $5M Average Demands, Threatening Virtual Infrastructure
Cybercriminals are increasingly targeting VMware ESXi servers with sophisticated ransomware attacks, demanding ransoms averaging $5 million. The attacks leverage modified Babuk malware to compromise vCenter systems and encrypt critical virtualization files, highlighting urgent needs for enhanced security measures.
Chinese Hackers Target Japan: 210 State-Backed Cyberattacks Expose Critical Infrastructure
A Chinese hacking group called Mirror Face has conducted over 200 sophisticated cyberattacks against Japanese government and private organizations between 2019-2024. The attacks, linked to China's Ministry of State Security, targeted aerospace, defense and technology sectors through malware-laden email campaigns.
Linux CPU Usage Bug: The Mystery of the Perpetual 100% Utilization
A perplexing Linux kernel bug causing false 100% CPU usage readings on ARM processors has finally been resolved. The fix, available in kernel 6.2, corrects how the system tracks idle time through proper timer register handling.
Tech Company Develops Novel Detection System for Russia's Unjammable Fiber-Optic Drones
As Russian forces deploy sophisticated fiber-optic tethered drones that resist electronic jamming in Ukraine, American-Ukrainian company Kara Dag has developed an innovative detection system combining microphones and infrared lasers. The technology promises to help Ukrainian forces counter these dangerous weapons that have proven effective at destroying armored vehicles.
Cannabis Retailer STIIIZY Hit by Major Customer Data Breach, Exposing ID Documents
Premium cannabis retailer STIIIZY disclosed a significant data breach exposing customer identification documents and transaction records at multiple California locations. The Everest cybercrime group claimed responsibility for compromising hundreds of thousands of records through a vendor's point-of-sale system.
PayPal Users Targeted by Sophisticated Microsoft 365-Based Phishing Scam
A newly discovered phishing campaign exploits legitimate PayPal infrastructure and Microsoft 365 to hijack user accounts. The sophisticated attack bypasses traditional security by using authentic payment request notifications and URLs, making detection particularly challenging.
Chinese Hackers Exploit Critical Ivanti Vulnerability in Sophisticated Attack Campaign
UNC5337, a Chinese threat group, has launched a new attack exploiting a critical vulnerability in Ivanti Connect Secure devices, deploying sophisticated malware tools. Over 2,000 ICS instances may be vulnerable across multiple countries, prompting urgent patching and security measures.
New 'Fickle Stealer' Malware Emerges with Advanced Evasion and Data Theft Capabilities
A sophisticated Rust-based malware dubbed 'Fickle Stealer' has been discovered using multiple attack vectors and advanced anti-detection methods. The threat actively targets cryptocurrency wallets, browsers, and communication apps while employing complex techniques to evade security controls.
Former Disney Employee Faces Charges for Malicious Menu System Hack
A former Disney manager faces federal charges after hacking restaurant menu systems post-termination, dangerously altering allergen information and launching cyberattacks against colleagues. The case highlights cybersecurity vulnerabilities and potential real-world safety impacts of unauthorized system access.