Latest Articles

Dissecting Qilin Ransomware’s Cross-Platform Attack Chain: Linux Payload Execution and BYOVD Abuse

The Qilin ransomware group, also known as Agenda or Water Galura, has unveiled a new hybrid attack method that blends a Linux-based payload with a Bring-Your-Own-Vulnerable-Driver (BYOVD) exploit....

Ransomware Attack on Mino Industry Co., Ltd. (Japan)

Mino Industry Co., Ltd., a Japanese manufacturer specialising in screen-printing and stencil machinery, confirmed a ransomware incident in late October 2025. Open disclosures and monitoring platforms...

Dublin Airport passenger data could be compromised following cyber breach

Published: October 26, 2025 Location: Dublin, Ireland Summary: A significant data breach at Dublin Airport has compromised passenger information for potentially millions of individuals who traveled...

Critical Alert: WSUS Deserialization Flaw (CVE-2025-59287) Under Active Exploitation

Microsoft released an out-of-band security update for a critical remote code execution (RCE) in Windows Server Update Services (WSUS), tracked as CVE-2025-59287. The vulnerability is actively...

Critical ‘SessionReaper’ Exploit Hits Adobe Commerce and Magento - Urgent Patching Advised to Prevent Global E-Commerce Breaches

Hackers Ramp Up Attacks on Adobe Commerce with 'SessionReaper' Vulnerability Exploitation

Lanscope Zero-Day Exploit Sparks Urgent Security Response Across Asia-Pacific

A newly uncovered zero-day vulnerability in Lanscope Endpoint Manager has triggered a wave of emergency patching across enterprises in Japan and other parts of Asia. The flaw, now tracked as...

Jaguar Land Rover Cyber Attack Deepens Supply-Chain and Production Crisis

A major cyber incident that forced Jaguar Land Rover (JLR) to suspend production at multiple UK plants has left a measurable economic impact on the automotive sector and highlighted fragilities...

“ToolShell” SharePoint Flaw (CVE-2025-53770) Escalates Risk to On-Premises Environments

A critical remote-code-execution vulnerability in Microsoft SharePoint Server, tracked as CVE-2025-53770 and dubbed "ToolShell", has been exploited in the wild. Immediate patching and active hunting...

FIA Confirms Data Breach Exposed F1 Drivers' Personal Information

A vulnerability in the FIA’s driver-categorisation portal allowed access to passport scans, licence documents and internal correspondence of world-class drivers. The incident raises urgent questions...

Synthient Stealer Data Dump: The Hidden Cost of Compromised Credentials

The “Synthient” corpus consolidates infostealer logs (credentials, cookies, autofill data) harvested from compromised endpoints, plus combolists circulating in criminal channels. Expect...

China’s MSS Reports Foreign Cyberattack on National Time Service Center – Critical Timing Infrastructure Targeted

Beijing, 19 October 2025 — China’s Ministry of State Security (MSS) issued a statement confirming that foreign intelligence actors attempted to infiltrate the National Time Service Center (NTSC), the...

Askul ransomware attack halts orders and shipments across B2B and consumer platforms

Japanese e-commerce and office-supplies giant ASKUL Corporation confirmed a ransomware incident that caused widespread systems disruption, forcing a suspension of order intake and...

F5 Networks Breach Triggers CISA Emergency Directive Amid Fears of Supply-Chain Exploitation

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued an emergency directive following a breach at F5 Networks, a major supplier of application delivery and...

“Vocus Group Cybersecurity Incident: Email Accounts and SIM Swaps Exposed in October 2025 Attack”

Overview: On 19 October 2025 Vocus Group — parent company of consumer brands including Dodo and iPrimus — experienced a cybersecurity incident that resulted in unauthorised access to a number of...

Massive 100K-Node Botnet Unleashes Coordinated RDP Blitz Across US Networks

A massive botnet comprising more than 100,000 unique IP addresses has been observed launching a coordinated wave of attacks against Remote Desktop Protocol (RDP) services in the United States....

Stop worshipping CVSS: prioritize exploitability and blast radius, not the score

Opinion: CVSS was never meant to decide tomorrow’s patch queue by itself. Yet many organizations still treat 8.0+ as gospel and everything else as “later.” That mindset ships toil, not risk...

Passkeys won’t save you (unless you fix identity sprawl and recovery loopholes)

Opinion: Passkeys are the best mainstream step we’ve taken against credential phishing. But enterprises rolling out “passwordless” are discovering an uncomfortable truth: you can remove passwords...

Supply-chain reality check: package-squatting + CI/OIDC abuse are the fastest routes into your cloud

Package squatting / dependency confusion: Adversaries publish near-name or higher-version packages to public registries (npm/PyPI). CI/dev machines resolve to the malicious package, executing...

Search malvertising is back: signed installers + cloned brands are delivering loaders at scale

Malvertising/SEO-poisoning campaigns are impersonating popular software (VPNs, IDEs, archivers, wallets). The flow is consistent: paid search ad → look-alike domain → signed MSI/EXE that side-loads a...

Stop buying more EDR until you’ve fixed identity and SaaS: a pragmatic 90-day plan

Most incidents we triage in 2025 do not begin with a kernel exploit on an endpoint; they begin with identity and SaaS: consent grants, token theft, weak conditional access, and sprawling...