News
Time-based updates and breaking security developments.
CISA Directive 26-03 Targets Cisco SD-WAN Flaws
Analysis of CISA Emergency Directive 26-03 addressing critical Cisco SD-WAN vulnerabilities, including active exploitation risks and mandatory mitigation timelines.
Snowflake Customer Accounts Targeted in Credential Breach Campaign
Threat actors accessed multiple Snowflake customer environments using stolen credentials, leading to data theft affecting organizations across several industries.
XZ Utils Backdoor Discovery Shakes Linux Supply Chain
Researchers uncover a sophisticated backdoor hidden inside XZ Utils release archives, exposing a major software supply chain compromise affecting Linux distributions.
Change Healthcare Ransomware Attack Disrupts U.S. Medical Systems
A ransomware attack targeting Change Healthcare caused nationwide disruption of prescription services and healthcare payment processing systems.
LockBit Ransomware Infrastructure Seized in Global Operation
International law enforcement disrupts LockBit ransomware infrastructure during Operation Cronos, exposing internal systems of one of the most active cyber extortion groups.
Microsoft Investigates Midnight Blizzard Email Breach
Threat actors associated with Midnight Blizzard accessed Microsoft corporate email accounts after compromising authentication credentials in a targeted espionage operation.
Ivanti Connect Secure Zero-Day Exploitation Campaign
Multiple zero-day vulnerabilities in Ivanti Connect Secure VPN appliances were exploited in widespread cyber espionage and intrusion campaigns targeting organizations worldwide.
Okta Support System Breach Exposes Customer Data
Attackers accessed Okta’s support case management system and downloaded files containing customer information used in troubleshooting tickets.
Cisco IOS XE Zero-Day Exploitation Campaign Targets Edge Devices
Threat actors exploited a zero-day vulnerability in Cisco IOS XE web management interfaces, compromising enterprise network infrastructure worldwide.
Active Exploitation Confirmed for CVE-2023-4966 (CitrixBleed)
Security reporting confirms active exploitation of CVE-2023-4966 (CitrixBleed), a critical vulnerability affecting Citrix NetScaler ADC and Gateway devices.
HTTP/2 Rapid Reset Attack Triggers Record DDoS Events
Researchers uncover a protocol-level weakness in HTTP/2 enabling attackers to launch extremely powerful distributed denial-of-service attacks against web infrastructure.
23andMe Data Breach Driven by Credential Stuffing Attacks
Attackers accessed genetic profile data from 23andMe accounts using credential stuffing techniques built on previously leaked passwords.
MGM Resorts Cyberattack Triggered by Social Engineering
Attackers used social engineering against IT support staff to gain access to MGM Resorts systems, causing widespread operational disruption across hotels and casinos.
MOVEit Transfer Exploitation Expands — Mass Data Theft Campaign Confirmed
Exploitation of a critical vulnerability in Progress MOVEit Transfer has expanded globally, leading to widespread data breach notifications across multiple sectors.
Genesis Market Takedown Disrupts Global Credential Theft
International law enforcement dismantles Genesis Market, a major cybercrime marketplace used to sell stolen credentials and digital identities.
CVE-2021-44228 (Log4Shell) Added to CISA Known Exploited Vulnerabilities Catalog
CISA added CVE-2021-44228 (Log4Shell) to the Known Exploited Vulnerabilities catalog, reinforcing urgent patch requirements for affected organizations.