Iran
The Iranian regime’s fundamental objective is to ensure the survival and security of the Islamic Republic, which was founded in 1979 following the Iranian Revolution. This shapes – directly or indi...
The International Criminal Court has been targeted by a “sophisticated” cyberattack and is taking measures to limit any damage. The ICC said the incident, which happened last week during the NATO ...
In September 2024, ANSSI observed an attack campaign seeking initial access to French entities’ networks through the exploitation of several zero-day vulnerabilities on Ivanti Cloud Service Applian...
A sophisticated transnational scheme was uncovered involving a criminal ring operating from Madrid and Latvia. The fraud campaign was structured and disguised as a legitimate investment platform, l...
A series of critical vulnerabilities have been discovered in MICROSENS NMP Web+, a widely used network management platform for industrial and critical manufacturing environments, putting thousands ...
TL;DR: Investigated IDEs: Visual Studio Code (VSCode), Visual Studio, IntelliJ IDEA, and Cursor. Flaw: Ability to create files that maintain verified symbols while adding malicious functionality. Expl...
Online criminal forums, both on the public internet and on the “dark web” of Tor .onion sites, are a rich resource for threat intelligence researchers. The Sophos Counter Threat Unit (CTU) has a te...
A major Mexican drug cartel insider grassed on his fellow drug-peddlers back in 2018, telling the FBI that a cartel “hacker” was tracking a federal official and using their deep-rooted access to th...
Since 2024, Microsoft Threat Intelligence has observed remote information technology (IT) workers deployed by North Korea leveraging AI to improve the scale and sophistication of their operations, ...
Key takeaways: TA829 conducts a mixture of espionage and cybercriminal operations, which rely on services sourced from the criminal underground, and a regularly updated suite of tools built upon the...
Trustwave SpiderLabs, which has been tracking Proton66 for the last several months, was able to make this connection by pivoting from Proton66-linked assets, which led to the identification of anot...
With the launch of its Cyberspace Force, China has elevated the digital domain to a theatre of war. The Cyberspace Force of the People’s Liberation Army (PLA) is China’s newest military branch, lau...
Last month, we encountered a particularly interesting and complex malware case that stood out from the usual infections we see in compromised WordPress websites. At first glance, the site looked cl...
Regional APT Threat Situation: In May 2025, the global threat hunting system of Fuying Lab discovered a total of 44 APT attack activities. These activities are mainly distributed in South Asia, Eas...
Hawaiian Airlines has been hit by a cybersecurity incident, impacting some of its IT systems. The US airline disclosed the “cybersecurity event” in two updates posted on its website on June 26. T...
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday released two industrial control systems (ICS) advisories highlighting hardware vulnerabilities in Mitsubishi Electric an...
A serious security vulnerability in many Bluetooth headphones allows attackers to read data from the devices remotely and take over connections. This was discovered by researchers from the German s...
On June 25, 2025, French authorities announced that four members of the ShinyHunters (also known as ShinyCorp) cybercriminal group were arrested in multiple French regions for cybercrime activities...
A security incident at a fourth-party supplier earlier this month has led to online service disruption and potential customer data theft, Glasgow City Council has warned. On June 19, the council’s...
Executive Summary: The CYFIRMA research team has uncovered multiple websites employing Clickfix tactics to deliver malicious AppleScripts (osascripts). These scripts contain commands designed to st...