ALPHV/Blackcat ransomware affiliates use advanced social engineering techniques and open-source research to gain initial access to victim networks, posing as IT or helpdesk staff to obtain credentials.
State-sponsored hacker groups targeted Russia and former Soviet Union members with destructive or espionage campaigns, indicating an increase in politically motivated cyber attacks in the region.
The organization is working with external IT security experts to restore its communication channels and is committed to informing affected individuals if a data compromise is confirmed.
The multi-stage dissemination of Xeno RAT via Discord CDN demonstrates the use of deceptive tactics such as disguised shortcut files to deliver and execute the open-source malware.
The cyberattack left LoanDepot’s customers unable to make payments or access their online accounts, and the company expects the incident to impact its fiscal first quarter earnings by $12 to $17 million.
Cybersecurity researchers discovered a vulnerability in the Hugging Face Safetensors conversion service that could be exploited by attackers to compromise machine learning models submitted by users, leading to supply chain attacks.
Zyxel has identified and patched four critical vulnerabilities in its firewall and access point products, including flaws that could lead to remote code execution and denial-of-service attacks.
The new version of Pikabot features simpler encryption algorithms, anti-debugging methods, and plaintext bot configuration, indicating a new codebase with potential future improvements.
A 49-year-old Russian national has been charged with carrying out a cyberattack on a local power plant, resulting in a widespread blackout in 38 villages in the Vologda region.
The Russian Foreign Intelligence Service (SVR) cyber actors, also known as APT29 or Cozy Bear, have shifted their tactics to target cloud environments as organizations increasingly move to cloud-based infrastructure.