BRONZE BUTLER exploits Japanese asset management software vulnerability
The threat group targeted a LANSCOPE zero-day vulnerability (CVE-2025-61932)
Similar Posts
New Report Links Research Firms BIETA and CIII to China’s MSS Cyber Operations
Bys sA Chinese company named the Beijing Institute of Electronics Technology and Application (BIETA) has been assessed to be likely led by the Ministry of State Security (MSS). The assessment comes from evidence that at least four BIETA personnel have clear or possible links to MSS officers and their relationship with the University of International Relations,…
First Malicious MCP Server Found Stealing Emails in Rogue Postmark-MCP Package
Bys sCybersecurity researchers have discovered what has been described as the first-ever instance of a Model Context Protocol (MCP) server spotted in the wild, raising software supply chain risks. According to Koi Security, a legitimate-looking developer managed to slip in rogue code within an npm package called “postmark-mcp” that copied an official Postmark Labs library of…
Keenan & Associates settles 2023 data breach litigation for $14M
Bys sKeenan & Associates is a benefits consulting and insurance brokerage provider in California, providing services to several sectors, including healthcare entities and educational facilities. Between August 21, 2023 and August 27, 2023, an unauthorized user accessed information relating to certain of Keenan’s customers, including names, dates of birth, Social Security numbers, passport numbers, driver’s license……
Terrible tales of opsec oversights: How cybercrooks get themselves caught
Bys sConnor Jones reports: They say that success breeds complacency, and complacency leads to failure. For cybercriminals, taking too many shortcuts when it comes to opsec delivers a little more than that. In these cases, failure might mean the criminal doesn’t get access to the server with the most valuable data to copy, or fails to…
Former General Manager for U.S. Defense Contractor Pleads Guilty to Selling Stolen Trade Secrets to Russian Broker
Bys sPeter Williams, 39, an Australian national, pleaded guilty in U.S. District Court today in connection with selling his employer’s trade secrets to a Russian cyber-tools broker, the Justice Department announced today. Williams pleaded to two counts of theft of trade secrets. The material, stolen over a three-year period from the U.S. defense contractor where he……
SentinelOne Uncovers Chinese Espionage Campaign Targeting Its Infrastructure and Clients
Bys sCybersecurity company SentinelOne has revealed that a China-nexus threat cluster dubbed PurpleHaze conducted reconnaissance attempts against its infrastructure and some of its high-value customers. “We first became aware of this threat cluster during a 2024 intrusion conducted against an organization previously providing hardware logistics services for SentinelOne employees,” security