DragonForce targets rivals in a play for dominance
Not content with attacking retailers, this aggressive group is fighting a turf war with other ransomware operators
Similar Posts
WordPress King Addons Flaw Under Active Attack Lets Hackers Make Admin Accounts
Bys sA critical security flaw impacting a WordPress plugin known as King Addons for Elementor has come under active exploitation in the wild. The vulnerability, CVE-2025-8489 (CVSS score: 9.8), is a case of privilege escalation that allows unauthenticated attackers to grant themselves administrative privileges by simply specifying the administrator user role during registration. It affects versions
Bloody Wolf Expands Java-based NetSupport RAT Attacks in Kyrgyzstan and Uzbekistan
Bys sThe threat actor known as Bloody Wolf has been attributed to a cyber attack campaign that has targeted Kyrgyzstan since at least June 2025 with the goal of delivering NetSupport RAT. As of October 2025, the activity has expanded to also single out Uzbekistan, Group-IB researchers Amirbek Kurbanov and Volen Kayo said in a report…
China-Linked APTs Exploit SAP CVE-2025-31324 to Breach 581 Critical Systems Worldwide
Bys sA recently disclosed critical security flaw impacting SAP NetWeaver is being exploited by multiple China-nexus nation-state actors to target critical infrastructure networks. “Actors leveraged CVE-2025-31324, an unauthenticated file upload vulnerability that enables remote code execution (RCE),” EclecticIQ researcher Arda Büyükkaya said in an analysis published today. Targets of the campaign
South Korea government is promoting bill for statutory damages for personal information leaks.
Bys sKwon Soon-wan reports: The Democratic Party of Korea and the government are pushing for a bill that would hold companies liable for damages in personal information leaks even in the absence of intent or negligence. It was reported on the 10th that the ruling and government parties intend to apply this law retroactively to past……
Supreme Court declines to weigh in on FQHC’s patient data security liability
Bys sDave Muoio reports: The Supreme Court has declined to hear a case on whether a Federally Qualified Health Center is immune from liability over a former patient’s stolen personally identifying information (PII). The class-action lawsuit stemmed from a patient who received care and provided that information to Sandhills Medical Foundation, an FQHC, in 2018. The…
Suspected cyberattack disrupts Circle K chain’s operations in Hong Kong
Bys sDaryna Antoniuk reports: Convenience store chain Circle K said a “network disruption” has paralyzed its Hong Kong operations for several days, forcing nearly 400 outlets across the city to suspend most electronic payment and loyalty services. The retailer said the incident, first reported over the weekend, affected e-payment systems, email services, and loyalty programs. Circle……