Stealing user credentials with evilginx
A malevolent mutation of the widely used nginx web server facilitates Adversary-in-the-Middle action, but there’s hope
Similar Posts
INTERPOL Arrests 1,209 Cybercriminals Across 18 African Nations in Global Crackdown
Bys sINTERPOL on Friday announced that authorities from 18 countries across Africa have arrested 1,209 cybercriminals who targeted 88,000 victims. “The crackdown recovered $97.4 million and dismantled 11,432 malicious infrastructures, underscoring the global reach of cybercrime and the urgent need for cross-border cooperation,” the agency said. The effort is the second phase of an ongoing law
Critical React2Shell Flaw Added to CISA KEV After Confirmed Active Exploitation
Bys sThe U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Friday formally added a critical security flaw impacting React Server Components (RSC) to its Known Exploited Vulnerabilities (KEV) catalog following reports of active exploitation in the wild. The vulnerability, CVE-2025-55182 (CVSS score: 10.0), relates to a case of remote code execution that could be triggered by…
HHS Office for Civil Rights Settles 8th Ransomware Investigation with Elgon Information Systems
Bys sToday, the U.S. Department of Health and Human Services (HHS), Office for Civil Rights (OCR) announced an $80,000 settlement with Elgon Information Systems (Elgon), a Massachusetts company that provides electronic medical record and billing support services to covered entities, under the Health Insurance Portability and Accountability Act of 1996 (HIPAA) Security Rule. OCR enforces the HIPAA Privacy,…
Russian-linked hackers target UK Defense Ministry while posing as journalists
Bys sMartin Fornusek reports: Russian-linked hackers targeted U.K. Defense Ministry staff in an espionage operation while posing as journalists, Sky News reported on May 29, citing the British government. The cyber attack was detected and thwarted, the government said. Speaking to reporters at a government facility where a team had disrupted the Russian-backed operation, U.K. Defense Minister John Healey revealed the…
Anne Arundel ransomware attack compromised confidential health data, county says
Bys sAlex Mann reports: A February cyberattack compromised confidential data of patients who received care from the Anne Arundel County Department of Health, officials said. For the first time Thursday, county officials offered greater detail about the breach that temporarily closed county government buildings and disrupted several services for residents. Officials said in a news release that the…
China-Linked Hackers Exploit Windows Shortcut Flaw to Target European Diplomats
Bys sA China-affiliated threat actor known as UNC6384 has been linked to a fresh set of attacks exploiting an unpatched Windows shortcut vulnerability to target European diplomatic and government entities between September and October 2025. The activity targeted diplomatic organizations in Hungary, Belgium, Italy, and the Netherlands, as well as government agencies in Serbia, Arctic Wolf…