News

The State of Ransomware in Education 2025

Bys s September 10, 2025

441 IT and cybersecurity share their ransomware experiences, revealing the realities facing lower and higher education providers today.

News

Google OAuth Flaw Leads to Account Takeover When Domain Ownership Changes
Bys s January 15, 2025

A vulnerability in Google’s OAuth implementation allows takeover of old employee accounts when domain ownership changes. The post Google OAuth Flaw Leads to Account Takeover When Domain Ownership Changes appeared first on SecurityWeek.

Read More Google OAuth Flaw Leads to Account Takeover When Domain Ownership Changes
News

Moldovan Police Arrest Suspect in €4.5M Ransomware Attack on Dutch Research Agency
Bys s May 13, 2025

Moldovan law enforcement authorities have arrested a 45-year-old foreign man suspected of involvement in a series of ransomware attacks targeting Dutch companies in 2021. “He is wanted internationally for committing several cybercrimes (ransomware attacks, blackmail, and money laundering) against companies based in the Netherlands,” officials said in a statement Monday. In conjunction with the

Read More Moldovan Police Arrest Suspect in €4.5M Ransomware Attack on Dutch Research Agency
News

U.S. Sanctions Russian Bulletproof Hosting Provider for Supporting Cybercriminals Behind Ransomware
Bys s July 2, 2025

The U.S. Department of the Treasury’s Office of Foreign Assets Control (OFAC) has levied sanctions against Russia-based bulletproof hosting (BPH) service provider Aeza Group to assist threat actors in their malicious activities and targeting victims in the country and across the world. The sanctions also extend to its subsidiaries Aeza International Ltd., the U.K. branch…

Read More U.S. Sanctions Russian Bulletproof Hosting Provider for Supporting Cybercriminals Behind Ransomware
News

Two Critical Flaws Uncovered in Wondershare RepairIt Exposing User Data and AI Models
Bys s September 24, 2025

Cybersecurity researchers have disclosed two security flaws in Wondershare RepairIt that exposed private user data and potentially exposed the system to artificial intelligence (AI) model tampering and supply chain risks. The critical-rated vulnerabilities in question, discovered by Trend Micro, are listed below – CVE-2025-10643 (CVSS score: 9.1) – An authentication bypass vulnerability that

Read More Two Critical Flaws Uncovered in Wondershare RepairIt Exposing User Data and AI Models
News

Malicious npm Package Leverages Unicode Steganography, Google Calendar as C2 Dropper
Bys s May 15, 2025

Cybersecurity researchers have discovered a malicious package named “os-info-checker-es6” that disguises itself as an operating system information utility to stealthily drop a next-stage payload onto compromised systems. “This campaign employs clever Unicode-based steganography to hide its initial malicious code and utilizes a Google Calendar event short link as a dynamic dropper for its final

Read More Malicious npm Package Leverages Unicode Steganography, Google Calendar as C2 Dropper
News

CISA tags Citrix Bleed 2 as exploited, gives agencies a day to patch
Bys s July 12, 2025

By the end of yesterday, federal agencies should all have patched. But did they? And how many others have yet to patch? Bill Toulas reports: The U.S. Cybersecurity & Infrastructure Security Agency has confirmed active exploitation of the CitrixBleed 2 vulnerability (CVE-2025-5777) in Citrix NetScaler ADC and Gateway and is giving federal agencies one day…

Read More CISA tags Citrix Bleed 2 as exploited, gives agencies a day to patch

Similar Posts