How intuitive, low-cost ransomware-as-a-service platforms are ushering in a new generation of threat actors

Overview In recent years, ransomware attacks have been increasing worldwide, with Korean companies also experiencing a rise in cases. Especially since 2023, there has been a sharp surge in...

A critical security flaw has been disclosed in the Next.js React framework that could be potentially exploited to bypass authorization checks under certain conditions. The vulnerability, tracked...

Ukrzaliznytsia, Ukraine's national railway operator, has been hit by a massive cyberattack that disrupted online services for buying tickets both through mobile apps and the website. [...]

Many Internet service providers (ISPs) worldwide are alerting customers of an outage that started Saturday night and triggered DrayTek router connectivity problems. [...]

A China-linked advanced threat group named Weaver Ant spent more than four years in the network of a telecommunications services provider, hiding traffic and infrastructure with the help of...

The concept of “principle of least privilege” has been around for a long time. In fact, it is older than me; there are papers from the 70s that discuss it:

The Australian government reinforced its dedication to safeguarding the nation’s cyber environment and critical infrastructure by declaring an... The post Australia expands cybersecurity coverage...

African law enforcement authorities have arrested 306 suspects as part of 'Operation Red Card,' an INTERPOL-led international crackdown targeting cross-border cybercriminal networks. [...]

A critical severity vulnerability has been discovered in the Next.js open-source web development framework, potentially allowing attackers to bypass authorization checks. [...]

As 23andMe's bankruptcy looms, privacy experts warn customers to delete their DNA data.

For the latest discoveries in cyber research for the week of 24th March, please download our Threat Intelligence Bulletin. TOP ATTACKS AND BREACHES Municipalities in four US states experienced...

Following a social media post last week on the active planning of a coordinated, multi-city terrorist attack on... The post FBI, healthcare agencies warn of credible threat against hospitals,...

Non-profit organization MITRE and NVIDIA are collaborating on simulation tools to better design and optimize quantum imaging systems.... The post MITRE and NVIDIA join forces to revolutionize...

Darktrace Federal announced that it has achieved its Federal Risk and Authorization Management Program (FedRAMP) High Agency Authority... The post Darktrace Federal secures FedRAMP High Authority...

The European Standardisation Organisations (ESOs) CEN, CENELEC, ETSI, together with ENISA, the EU Agency for Cybersecurity, co-hosted the... The post EU cybersecurity legislation takes center...

CERT Polska has received a report about 2 vulnerabilities (CVE-2024-8773 and CVE-2024-8774) found in SIMPLE.ERP software.

The SANS Technology Institute has issued a critical warning for organizations using Cisco's Smart Licensing Utility (CSLU), urging them to update their systems immediately to address two serious...

Two years after a data breach that compromised almost seven million customers, 23andMe's CEO has resigned as the company files for bankruptcy

Cloak ransomware group claims attack on Virginia attorney general's office, demands ransom for stolen data. Investigation underway. Find out the impact and what's being done.

South Africa-listed poultry producer Astral Foods (ARLJ.J) has reported a cybersecurity incident that disrupted its operations and is expected to affect its profits by approximately 20 million...

Paris, France, 24th March 2025, CyberNewsWire

The UK’s National Crime Agency has launched a new campaign designed to raise awareness of sextortion among teenage boys

Acronis Threat Research found 2M+ malicious URLs & 5,000+ malware instances in Microsoft 365 backup data—demonstrating how built-in security isn't always enough. Don't let threats persist in your...

Threat actors are looking to compromise Google accounts to further malvertising and data theft

In 1999, Dave Mann and Steve Christey, two researchers from the nonprofit R&D corporation MITRE, debuted a concept for security vulnerabilities that laid the groundwork for the common...

Each Monday, the Tenable Exposure Management Academy will provide the practical, real-world guidance you need to make the shift from vulnerability management to exposure management. In this blog,...

A year and a half ago I wrote a blog post describing how browsers’ cache system can be abused to drop malware on targets’ computers. As of today, this technique is still relevant. Browsers haven’t...

This is a weekly threat intelligence report review from RST Cloud. This week, we analysed 54 threat intelligence reports and created a concise summary of the findings, along with the relevant...

The European Union’s landscape of serious and organized crime is undergoing a significant transformation, according to the latest EU-SOCTA 2025 report released by Europol. This comprehensive...