In a stark reminder of the escalating cyberwar between nations, a recent SharePoint cyberattack orchestrated by a China-based hacking group has exploited a critical zero-day vulnerability in Microsoft SharePoint servers, deploying Warlock ransomware in a series of...
North Korea’s state-sponsored hackers are exploiting npm packages in a sophisticated wave of the “Contagious Interview” campaign, unleashing 67 malicious packages with over 17,000 downloads. These packages embed a stealthy malware loader called XORIndex, a calculated...
A chilling wave of cyberattacks targeting Fortinet FortiWeb instances has exposed the critical need for timely Fortinet updates. Hackers are exploiting a severe SQL injection vulnerability, CVE-2025-25257, to plant web shells and seize control of vulnerable systems....
On July 8, 2025, Marks & Spencer (M&S) confirmed a ransomware attack orchestrated by the DragonForce gang, initiated through a sophisticated social engineering impersonation attack in April 2025. M&S Chairman Archie Norman revealed to the UK Parliament’s...
McLaren Health Care, a Michigan-based healthcare provider, disclosed a medical data breach impacting 743,000 patients, originating from a July 2024 cyberattack on its Karmanos Cancer Institute, detected on August 5, 2024. The INC ransomware gang, responsible for the...
Critical server vulnerability CVE-2024-54085 (CVSS 10.0) in AMI MegaRAC BMC firmware, discovered March 11, 2025, is actively exploited, CISA warns. The Redfish interface flaw allows attackers to bypass authentication, gaining control over servers from AMD, ARM,...
