DragonForce targets rivals in a play for dominance
Not content with attacking retailers, this aggressive group is fighting a turf war with other ransomware operators
Similar Posts
CISA steps in to help Nevada state government recover from cyberattack
Bys sJonathan Greig reports: Federal officials are working with Nevada’s state government to help it recover from a cyberattack discovered on Sunday. The Cybersecurity and Infrastructure Security Agency (CISA) said it has been working with the FBI and other agencies to help the state get back online safely while investigating the origins of the attack and rebuilding……
U.S. and Dutch Authorities Dismantle 39 Domains Linked to BEC Fraud Network
Bys sU.S. and Dutch law enforcement agencies have announced that they have dismantled 39 domains and their associated servers as part of efforts to disrupt a network of online marketplaces originating from Pakistan. The action, which took place on January 29, 2025, has been codenamed Operation Heart Blocker. The vast array of sites in question peddled…
CISA Adds Palo Alto Networks and SonicWall Flaws to Exploited Vulnerabilities List
Bys sThe U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday added two security flaws impacting Palo Alto Networks PAN-OS and SonicWall SonicOS SSLVPN to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation. The flaws are listed below – CVE-2025-0108 (CVSS score: 7.8) – An authentication bypass vulnerability in the Palo Alto…
Hackers Used Snappybee Malware and Citrix Flaw to Breach European Telecom Network
Bys sA European telecommunications organization is said to have been targeted by a threat actor that aligns with a China-nexus cyber espionage group known as Salt Typhoon. The organization, per Darktrace, was targeted in the first week of July 2025, with the attackers exploiting a Citrix NetScaler Gateway appliance to obtain initial access. Salt Typhoon, also…
Russia-Linked APT28 Exploited MDaemon Zero-Day to Hack Government Webmail Servers
Bys sA Russia-linked threat actor has been attributed to a cyber espionage operation targeting webmail servers such as Roundcube, Horde, MDaemon, and Zimbra via cross-site scripting (XSS) vulnerabilities, including a then-zero-day in MDaemon, according to new findings from ESET. The activity, which commenced in 2023, has been codenamed Operation RoundPress by the Slovak cybersecurity company. It…
Custom Backdoor Exploiting Magic Packet Vulnerability in Juniper Routers
Bys sEnterprise-grade Juniper Networks routers have become the target of a custom backdoor as part of a campaign dubbed J-magic. According to the Black Lotus Labs team at Lumen Technologies, the activity is so named for the fact that the backdoor continuously monitors for a “magic packet” sent by the threat actor in TCP traffic. “J-magic…