Topic: financial motivation
-
State Hackers Exploit Most Software Vulnerabilities
State-sponsored hackers were responsible for over half of all attributed software vulnerability exploits in the first half of 2025, primarily targeting critical infrastructure and enterprise systems for espionage rather than financial gain. Chinese state-linked groups dominated these activities, ...
Read More » -
Discord data breach exposes user support tickets to hackers
A security breach at Discord exposed sensitive user data after hackers infiltrated a third-party customer support provider, impacting users who had submitted support tickets. The attackers obtained personal details like names, email addresses, message content, and even official ID images, demandi...
Read More » -
Microsoft: Hackers Steal University Payroll in Pirate Attacks
Storm-2657, a cybercrime group, has been targeting U.S. university payroll systems since March 2025, primarily compromising Workday accounts through sophisticated social engineering and exploiting weak multifactor authentication. The attackers use highly customized phishing emails, such as fake c...
Read More » -
Oracle Hackers Target Executives with Extortion Emails
A sophisticated hacking campaign is targeting top-level executives at major corporations with extortion emails, claiming to have stolen sensitive data from Oracle's widely used business software products, though these claims remain unverified. The attackers, linked to the Clop ransomware gang, us...
Read More » -
Microsoft Thwarts Ransomware Attack on Teams Users
Microsoft invalidated over 200 fraudulent digital certificates to disrupt a ransomware campaign that used fake Teams installers, blocking the Rhysida ransomware's distribution network in early October. The attack, orchestrated by the Vanilla Tempest group, involved malvertising and spoofed websit...
Read More » -
Phishing Alert: Fake NDAs Sent Via "Contact Us" Forms Target Manufacturers
A sophisticated phishing campaign targets industrial and supply chain firms using deceptive "Contact Us" forms and prolonged professional emails to bypass security and build trust. Attackers use fake NDAs and malicious ZIP files to deploy the "MixShell" backdoor, which employs DNS tunneling for s...
Read More » -
Phishing Leads EU Cyber Intrusions, ENISA Reports
Phishing was the leading initial attack method in the EU, responsible for 60% of intrusions, with outdated mobile and OT systems being prime targets. DDoS attacks comprised 77% of all incidents, largely driven by hacktivism, but only 2% caused service disruptions, with groups like NoName057(16) e...
Read More » -
Google Exposes Internal Security Threats
The profile of cybercriminals is shifting from state-sponsored actors to individuals, including teenagers in Western nations, who pose a growing internal threat. Groups like Scattered Spider, composed of minors from allied countries, engage in diverse criminal activities from sextortion to ransom...
Read More »
