Author: s s

Just 58 CVEs to spar with in February, but plenty are already under attack Categories: Threat Research, X-ops Tags: Patch Tuesday, Microsoft, Windows

Agentic AI promises a lot – but it also introduces more risk. Sophos’ CISO explores the challenges and how to address them Categories: Threat Research Tags: AI, LLM, OpenClaw, CISO, risk, Sophos X-Ops

Heekyong Yang and Hyunjoo Jin report:  South Korean officials blamed a massive data leak last year at Coupang on management failure, rather than a sophisticated cyberattack, and urged the e-commerce giant to fix vulnerabilities in its security systems. Announcing the first findings of a government-led probe, the Science Ministry said on Tuesday a former Coupang……

Several state-sponsored actors, hacktivist entities, and criminal groups from China, Iran, North Korea, and Russia have trained their sights on the defense industrial base (DIB) sector, according to findings from Google Threat Intelligence Group (GTIG). The tech giant’s threat intelligence division said the adversarial targeting of the sector is centered around four key themes: striking…

A previously undocumented threat actor has been attributed to attacks targeting Ukrainian organizations with malware known as CANFAIL. Google Threat Intelligence Group (GTIG) described the hack group as possibly affiliated with Russian intelligence services. The threat actor is assessed to have targeted defense, military, government, and energy organizations within the Ukrainian regional and

A previously unknown threat actor tracked as UAT-9921 has been observed leveraging a new modular framework called VoidLink in its campaigns targeting the technology and financial services sectors, according to findings from Cisco Talos. “This threat actor seems to have been active since 2019, although they have not necessarily used VoidLink over the duration of…

Categories: Products & Services Tags: Firewall

The South Korean regulator has imposed fines on three LVMH luxury brands in the wake of data breaches previously reported on this site. A machine translation of the South Korean notice indicates that the Personal Information Protection Commission imposed fines of  36.033 billion won USD $24,925,824.15 and penalties of 10.8 million won $7,472.78. on three luxury……

Cybersecurity researchers have discovered a malicious Google Chrome extension that’s designed to steal data associated with Meta Business Suite and Facebook Business Manager. The extension, named CL Suite by @CLMasters (ID: jkphinfhmfkckkcnifhjiplhfoiefffl), is marketed as a way to scrape Meta Business Suite data, remove verification pop-ups, and generate two-factor authentication (2FA) codes.

Erin Schilling and Erin Slowey report: The IRS’ improper disclosure of thousands of immigrants’ personal information to the Department of Homeland Security fulfilled early warnings that the data-sharing deal between the agencies would put taxpayer data at risk. The IRS and DHS in April 2025 agreed to share data of immigrants to help with criminal……