Vulnerabilities Expose Private Data in Indian Government Systems
One critical vulnerability, among many discovered by a researcher, could have allowed anyone to walk in and take over a national government portal.
One critical vulnerability, among many discovered by a researcher, could have allowed anyone to walk in and take over a national government portal.
Nissan is warning that it suffered a data breach affecting current and former employees after threat actors exploited an Oracle PeopleSoft vulnerability in data theft attacks previously linked to the ShinyHunters extortion group. [...]
The National Association of Insurance Commissioners (NAIC) says the ShinyHunters extortion group stole only publicly available data, outdated logs, and configuration files after breaching its systems by exploiting a zero-day vulnerability in an Oracle PeopleSoft server. [...]
Nation-state attackers breach water systems through weak passwords, exposed PLCs, and poor segmentation — not sophisticated malware.
Microsoft has found a malicious Chrome extension that posed as the AI search engine Perplexity and quietly logged what people searched for. It routed every query and every character typed into the address bar through an attacker-controlled server before redirecting users to real …
The healthcare industry continues as the most attacked sector, and while cyberattacks have declined year over year, healthcare has seen the smallest decline out of all verticals, according to a new report from the cybersecurity firm SonicWall. According to its intrusion protectio…
Microsoft has extended Windows Server 2022 hotpatching until October 2027, one year after the mainstream end date of October 2026. [...]
The U.S. Department of State is offering up to $10 million for information that helps identify or locate members of the UNC5792 and UNC4221 hacker groups, which are linked to Russia's intelligence and military services. [...]
The China-aligned espionage group Mustang Panda is running two campaigns against the Indian government and hydropower targets, deploying new malware and turning a legitimate cloud service into its command channel. Acronis Threat Research Unit found active compromises inside Indi…
Remote Desktop Tools are the Front Door in Healthcare, and Hackers are Walking Through The HIPAA Journal
There is some positive news from the data collected by cybersecurity firm SonicWall, as cyberattacks have declined by up to […] The post Remote Desktop Tools are the Front Door in Healthcare, and Hackers are Walking Through appeared first on The HIPAA Journal.
Hackers are exploiting a recently disclosed critical vulnerability (CVE-2026-48558) in SimpleHelp to deploy Djinn Stealer, a previously undocumented cross-platform information stealer targeting Windows, macOS, and Linux. [...]
Business email compromise attacks increasingly rely on convincing impersonation rather than malware, making them harder for employees and traditional email defenses to detect. This webinar explores how behavioral AI can help identify sophisticated email threats and automate respo…
New findings unearthed by Infoblox show that more than 236,000 websites are using investment scam templates built using a legitimate Chinese open-source, cross-platform application development framework called DCloud Uni-App. The templates power bogus cryptocurrency exchanges, m…
Pesquisadores do Unit 42, laboratório de inteligência de ameaças da Palo Alto Networks, identificaram uma técnica de ataque que explora uma falha arquitetônica comum a Google Cloud, AWS e Microsoft Azure. Batizado de “bucket hijacking”, o método permite que invasores redirecionem…
Uma vulnerabilidade de alta gravidade no Amazon Q Developer poderia permitir que invasores executassem comandos e roubassem credenciais de nuvem quando um desenvolvedor abrisse um repositório malicioso no ambiente de programação. As falhas foram identificadas como CVE-2026-12957 …
Adversaries could plant a malicious repository that can execute arbitrary code and steal cloud credentials by exploiting the vulnerability, which showcases growing MCP risk.
A Russian advanced persistent threat (APT) group has continued to evolve and expand its malware arsenal as part of its ongoing cyber onslaught against Ukraine throughout 2025. Slovakian cybersecurity company ESET said it observed 35 distinct spear-phishing campaigns mounted by G…
Uma nova campanha de ciberataques chamada StrikeShark está usando um malware inédito, conhecido como SharkLoader, para instalar o Cobalt Strike em sistemas comprometidos. A atividade foi identificada pela Kaspersky e teve como alvos organizações governamentais, diplomáticas e emp…
A Copa do Mundo de 2026 amplia uma área de risco que já estava em expansão no Brasil. Mais de 4,3 mil sites falsos foram identificados explorando o torneio, e as casas de apostas continuam sendo o principal vetor de fraude. Para Daniel Tupinambá, CISO Strategy da Elytron Cybersec…