Topic: threat actor
-
Microsoft Nukes 200+ Fake Certificates in Teams Malware Attack
Microsoft revoked over 200 fraudulent certificates used by cybercriminals to distribute malware via fake Microsoft Teams installation files, a campaign linked to the Vanilla Tempest group. The attackers employed SEO poisoning and malvertising to trick users into downloading malicious files, which...
Read More » -
US Nuclear Plant Hacked Through SharePoint Vulnerabilities
A foreign actor breached the Kansas City National Security Campus by exploiting unpatched Microsoft SharePoint vulnerabilities, revealing critical cybersecurity flaws in sensitive government infrastructure. The compromised facility, managed by Honeywell FM&T for the NNSA, produces essential non-n...
Read More » -
17 Million Hit by Prosper Data Breach Exposing Personal Info
A data breach at Prosper exposed the personal information of about 17.6 million customers, including sensitive details like names, Social Security numbers, and government IDs. The breach was caused by unauthorized database queries, but the company quickly revoked access and reported no disruption...
Read More » -
Google: Clop Hackers Stole Major Data in Oracle Breach
The Clop ransomware group breached Oracle's E-Business Suite starting around August 9, exploiting a zero-day vulnerability (CVE-2025-61882) to steal corporate data before patches were available. Victims received extortion emails from Clop affiliates demanding payment to prevent public data releas...
Read More » -
Libraesva ESG Zero-Day Exploited in Active Attacks (CVE-2025-59689)
A critical zero-day vulnerability (CVE-2025-59689) in the Libraesva Email Security Gateway is being actively exploited by a suspected state-sponsored actor, allowing arbitrary command execution on affected systems. The flaw is a command injection vulnerability caused by improper input sanitizatio...
Read More » -
Insight Partners Warns Thousands Following Ransomware Attack
Insight Partners suffered a cybersecurity breach due to a sophisticated social engineering attack, exposing sensitive personal and financial data of thousands. The breach occurred from October 2024 to January 2025, compromising banking details, employee records, and information on partners and po...
Read More » -
Malicious npm Code Infiltrated 10% of Cloud Environments
A supply chain attack using malicious npm packages has compromised about 10% of cloud environments, initiated by a threat actor who hijacked a developer's account to publish trojanized packages. The malicious code, which embedded crypto-stealing malware to intercept and reroute cryptocurrency tra...
Read More » -
Fake npm 2FA Reset Email Used to Hijack Popular Code Packages
A phishing campaign compromised at least 18 widely used JavaScript npm packages, injecting malicious code to hijack cryptocurrency transactions and highlighting supply chain vulnerabilities. The attack began when a developer fell for a convincing phishing email, allowing the threat actor to take ...
Read More » -
Avnet Data Breach: Stolen Data Deemed Unreadable
Avnet confirmed a data breach involving externally hosted cloud storage, where unauthorized individuals accessed a database for an internal sales application in the EMEA region, but the proprietary platform itself was not compromised. The company detected the intrusion on September 26, immediatel...
Read More »
