June 5, 2025

Hackers Exploit Salesforce Tool in New Data Extortion Campaign

A new cyberattack campaign uncovered by Google's Threat Intelligence team reveals how attackers are increasingly blurring the lines between legitimate software tools and malicious intent. In this case, hackers exploit a Salesforce tool to infiltrate corporate environments, exfiltrate data, and launch extortion attempts against affected organizations. Voice Phishing Leads to Compromise The attackers, identified by Google as UNC6040, are using

Hackers Exploit Salesforce Tool
June 3, 2025

Spear Phishing Campaign Targets CFOs and Abuses Legit Tools

A sophisticated spear phishing campaign that specifically targets CFOs (Chief Financial Officers) was recently uncovered by cybersecurity firm Trellix. This ongoing operation, first detected in mid-May 2025, has already affected organizations spanning Europe, Africa, Canada, the Middle East, and South Asia. The campaign’s method? A clever blend of social engineering and abuse of legitimate remote access software. Anatomy of the

Spear Phishing Campaign Targets CFOs
May 30, 2025

DragonForce Ransomware Hits MSPs via SimpleHelp

In a chilling reminder of the risks posed by insecure remote access tools, the ransomware group DragonForce has launched a sophisticated supply chain attack by exploiting critical vulnerabilities in SimpleHelp, a remote monitoring and management (RMM) platform widely used by Managed Service Providers (MSPs). The campaign, first uncovered by researchers at Group-IB, reveals how three recently discovered vulnerabilities in SimpleHelp

DragonForce Ransomware
May 29, 2025

AyySSHush Botnet Hacks ASUS Routers to Add SSH Backdoor

The newly discovered AyySSHush botnet campaign has silently compromised over 9,000 ASUS routers, installing a persistent SSH backdoor using a series of sophisticated and stealthy techniques. The campaign highlights a growing threat to home and small office routers, leveraging legitimate features to maintain control, all without deploying traditional malware. Security researchers at GreyNoise uncovered the campaign in mid-March 2025, but

AyySSHush Botnet
May 28, 2025

Coca Cola Data Breach Leaks Employee Info

In May 2025, Coca-Cola suffered a data breach - and not one, but two within days! These breaches exposed sensitive employee information and millions of internal Salesforce records, highlighting critical vulnerabilities in Coca-Cola’s security ecosystem. This incident serves as a stark reminder of the growing threat of sophisticated cybercriminals targeting multinational corporations. Everest Ransomware Targets Employee Information The first major

Coca Cola Data Breach
May 28, 2025

Adidas Data Breach Confirmed, Customer Info Leaked

Adidas has disclosed a data breach that exposed personal details of customers after a cyberattack targeted one of its external service providers. The incident, which occurred in May 2025, affected individuals who had previously contacted the company’s customer support. What Information Was Leaked? The breach involved unauthorized access to non-sensitive personal information. According to Adidas, the exposed data includes full

Adidas Data Breach
May 24, 2025

Aisuru Botnet Launches Devastating DDoS Attack

A recent attack on KrebsOnSecurity has set a new benchmark for the scale and speed of digital warfare. Central to this unprecedented 6.3 Tbps distributed denial-of-service (DDoS) attack is Aisuru, a recently discovered botnet powered by compromised Internet of Things (IoT) gadgets. Unlike traditional attacks, this one lasted less than a minute, packed enough power to cripple most online infrastructures.

Aisuru Botnet
May 22, 2025

Ivanti EPMM Security Flaws Exploited By Hackers

Two newly identified Ivanti Endpoint Manager Mobile (EPMM) security flaws, are under active exploitation by a sophisticated hacking group believed to be operating from China. The vulnerabilities, when used together, enable attackers to bypass authentication and remotely execute malicious code, potentially giving them full control of targeted systems. The Vulnerabilities Explained Security experts have flagged two critical issues in Ivanti’s

Ivanti EPMM security flaws
May 20, 2025

UK Legal Aid Agency Data Breach: Sensitive Information Stolen

The UK Legal Aid Agency (LAA) has confirmed a significant data breach following a cyberattack. The attack compromised sensitive personal information of legal aid applicants, some of which dates back as far as 2010. The breach, uncovered on April 23, 2025, has sparked serious concerns about data protection in the public sector and the security of vulnerable individuals relying on

UK Legal Aid Agency Data Breach
May 20, 2025

RVTools Website Hacked to Spread Bumblebee Malware

In a concerning case of software supply chain compromise, the official RVTools website was hacked to distribute malware. RVTools is a trusted utility used by VMware administrators. The installer, normally used to help IT professionals audit virtual environments, was tampered with to deliver the Bumblebee malware loader, a known precursor to ransomware attacks. This incident underscores the persistent and growing

RVTools Website Hacked