Topic: state-sponsored attacks
-
EU Cyberattacks Increasingly Target Critical Infrastructure
The ENISA Threat Landscape 2025 report reveals a significant increase in cyberattacks targeting operational technology systems, which now account for 18.2% of all documented threats, driven by their growing interconnectedness and deliberate targeting by malicious actors. Pro-Russian hacker groups...
Read More » -
Phishing Leads EU Cyber Intrusions, ENISA Reports
Phishing was the leading initial attack method in the EU, responsible for 60% of intrusions, with outdated mobile and OT systems being prime targets. DDoS attacks comprised 77% of all incidents, largely driven by hacktivism, but only 2% caused service disruptions, with groups like NoName057(16) e...
Read More » -
Chinese Hackers Exploiting VMware Zero-Day Since 2024
A critical privilege escalation vulnerability (CVE-2025-41244) in Broadcom's VMware software has been actively exploited since October 2024, allowing attackers to gain root-level control over affected virtual machines. The exploitation has been attributed to UNC5174, a Chinese state-sponsored thr...
Read More » -
Google Patches Critical Chrome Zero-Day Flaw (CVE-2025-10585)
Google has released an urgent security update for Chrome to fix a zero-day vulnerability (CVE-2025-10585) that is being actively exploited, particularly by state-sponsored threat actors. The flaw is a type confusion issue in Chrome's V8 JavaScript engine, marking the second such vulnerability pat...
Read More » -
Cisco ASA Firewalls Remain Vulnerable to Zero-Day Attacks
Approximately 48,000 Cisco ASA devices remain vulnerable to active zero-day attacks, posing ongoing risks globally, with the majority located in the U.S. and other key countries. Attackers have used advanced tactics, including disabling logging and intercepting commands, to exploit vulnerabilitie...
Read More »