Amin Ayan reports: CoinMarketCap was hacked on Friday after a malicious popup appeared on its website, urging users to “verify” their wallets. The phishing-style notification asked users to connect their wallets and approve ERC-20 token access, raising immediate red flags across the crypto community. Wallet providers like MetaMask and Phantom quickly flagged the site as…
Sarah Volpenhein reports: Nearly 5.6 million people were affected in the ransomware attack that hit Ascension in May, the national health system now says. Until now, the health system had not publicly disclosed the total number of people affected by the May ransomware attack that compromised patient data and ultimately caused major disruptions to patient…
Bogus websites advertising Google Chrome have been used to distribute malicious installers for a remote access trojan called ValleyRAT. The malware, first detected in 2023, is attributed to a threat actor tracked as Silver Fox, with prior attack campaigns primarily targeting Chinese-speaking regions like Hong Kong, Taiwan, and Mainland China. “This actor has increasingly targeted…
As cloud security evolves in 2025 and beyond, organizations must adapt to both new and evolving realities, including the increasing reliance on cloud infrastructure for AI-driven workflows and the vast quantities of data being migrated to the cloud. But there are other developments that could impact your organizations and drive the need for an even…
More than a year’s worth of internal chat logs from a ransomware gang known as Black Basta have been published online in a leak that provides unprecedented visibility into their tactics and internal conflicts among its members. The Russian-language chats on the Matrix messaging platform between September 18, 2023, and September 28, 2024, were initially…
Cybersecurity researchers are warning that a critical zero-day vulnerability impacting Zyxel CPE Series devices is seeing active exploitation attempts in the wild. “Attackers can leverage this vulnerability to execute arbitrary commands on affected devices, leading to complete system compromise, data exfiltration, or network infiltration,” GreyNoise researcher Glenn Thorpe said in an alert
SonicWall has released patches to address three security flaws affecting SMA 100 Secure Mobile Access (SMA) appliances that could be fashioned to result in remote code execution. The vulnerabilities are listed below – CVE-2025-32819 (CVSS score: 8.8) – A vulnerability in SMA100 allows a remote authenticated attacker with SSL-VPN user privileges to bypass the path…
