Topic: threat actor groups
-
Hackers Ditch Encryption, Focus on Data Theft and Extortion
Cybercriminals are increasingly shifting from ransomware to "encryptionless" extortion, stealing and threatening to release data without locking files, which bypasses traditional defenses. The primary attack methods involve exploiting unpatched software vulnerabilities and supply chain weaknesses...
-
Hackers Claim Resecurity Breach, Firm Calls It a Honeypot
A hacking group claimed to have breached cybersecurity firm Resecurity, alleging theft of sensitive data such as employee details and client lists as retaliation for social engineering attempts. Resecurity countered that the accessed systems were a deliberate honeypot, using fabricated data to lure and mon...
-
Google Shuts Down Major Residential Proxy Networks
Google dismantled the IPIDEA residential proxy network, a major tool for cybercriminals to hide malicious traffic by routing it through compromised home and business devices. The operation combined legal action, intelligence sharing, and platform security, with Google Play Protect now blocking ma...
-
How BAS AI Transforms Threats Into Defense Strategies
Traditional security methods for assessing new threats were slow and labor-intensive, creating dangerous windows of exposure while teams manually analyzed or waited for external intelligence. Early AI-driven threat emulation introduced risks like lack of transparency, potential manipulation, and ...
-
Critical Flaw Exposes 10K+ Fortinet Firewalls to 2FA Bypass
A critical five-year-old Fortinet firewall flaw (CVE-2020-12812) allows attackers to bypass two-factor authentication by altering a username's case, and over 10,000 vulnerable devices remain exposed online. Despite a patch being available since 2020, attackers are actively exploiting the vulnerab...
-
Oracle Quietly Patches Critical Zero-Day Exposed by Hackers
Oracle urgently patched a critical pre-authentication SSRF vulnerability (CVE-2025-61884) in its E-Business Suite after the ShinyHunters group leaked a working exploit, enabling unauthorized access without login credentials. Two separate threat actors, Clop and ShinyHunters, exploited distinct Or...
-
AppsFlyer SDK Hijacked to Steal Crypto in New Attack
A widely used marketing analytics tool, AppsFlyer, was compromised in a supply-chain attack where its Web SDK delivered malicious code to intercept and replace cryptocurrency wallet addresses on websites, diverting funds to attackers. Security researchers confirmed the breach, which involved obfu...
-
Advantest Hit by Ransomware Attack, Disrupting Chip Testing
Advantest, a key global semiconductor testing equipment manufacturer, confirmed a ransomware attack on its corporate network first detected in February 2026, though core production appears unaffected. The full impact, including whether sensitive customer or employee data was compromised, remains ...