Breaking News Archives - Page 5 of 1512

Pierluigi Paganini July 18, 2025

5 Features Every AI-Powered SOC Platform Needs in 2025

A modern AI-based SOC platform must adapt in real time to handle alert overloads and fast-moving threats, surpassing traditional SIEM tools. Modern security operations centers (SOCs) are under immense pressure. Analysts are overwhelmed, alert queues are overflowing, and attackers are moving faster than ever. Where once it was enough to have good visibility and a […]

Pierluigi Paganini July 18, 2025

Broadcom patches critical VMware flaws exploited at Pwn2Own Berlin 2025

VMware patched flaws disclosed during the Pwn2Own Berlin 2025 hacking contest, where researchers earned $340,000 for exploiting them. Broadcom four vulnerabilities in VMware products demonstrated at Pwn2Own Berlin 2025. White hat hackers earned over $340,000 for VMware exploits, including $150,000 awarded to STARLabs SG for using an integer overflow flaw to compromise VMware ESXi. Below […]

Pierluigi Paganini July 17, 2025

Stormous Ransomware gang targets North Country HealthCare, claims 600K patient data stolen

Ransomware group Stormous claims it stole data from 600,000 North Country HealthCare patients across 14 sites in northern Arizona. The Stormous ransomware gang claims it has stolen personal and health data belonging to 600,000 patients from health provider North Country HealthCare. North Country HealthCare is a nonprofit, federally qualified health center (FQHC) based in northern […]

Pierluigi Paganini July 17, 2025

United Natural Foods Expects $400M revenue impact from June cyber attack

United Natural Foods Projects (UNFI) expects a $350–$400M sales hit from a June cyberattack, with $50–$60M in net income impact. United Natural Foods, Inc. (UNFI), the main distributor for Amazon’s Whole Foods, said the June 2025 cyberattack will slash its fiscal 2025 sales by $350 to $400 million. United Natural Foods, Inc. (UNFI) is a Providence, Rhode […]

Pierluigi Paganini July 17, 2025

Cisco patches critical CVE-2025-20337 bug in Identity Services Engine with CVSS 10 Severity

Cisco warns of CVE-2025-20337, a critical ISE flaw (CVSS 10) allowing remote code execution with root privileges. Cisco addressed a critical vulnerability, tracked as CVE-2025-20337 (CVSS score of 10), in Identity Services Engine (ISE) and Cisco Identity Services Engine Passive Identity Connector (ISE-PIC). An attacker could trigger the vulnerability to execute arbitrary code on the […]

Pierluigi Paganini July 17, 2025

UNC6148 deploys Overstep malware on SonicWall devices, possibly for ransomware operations

UNC6148 targets SonicWall devices with Overstep malware, using a backdoor and rootkit for data theft, extortion, or ransomware. Google’s Threat Intelligence Group warns that a threat actor tracked as UNC6148 has been targeting SonicWall SMA appliances with new malware dubbed Overstep. Active since at least October 2024, the group uses a backdoor and user-mode rootkit […]

Pierluigi Paganini July 16, 2025

Operation Eastwood disrupted operations of pro-Russian hacker group NoName057(16)

International law enforcement operation disrupted the activities of the pro-Russia hacking group NoName057(16). European and U.S. authorities disrupted the activities of the pro-Russian hacktivist group NoName057(16) in Operation Eastwood. “Between 14 and 17 July, a joint international operation, known as Eastwood and coordinated by Europol and Eurojust, targeted the cybercrime network NoName057(16). Law enforcement and […]

Pierluigi Paganini July 16, 2025

Salt Typhoon breach: Chinese APT compromises U.S. Army National Guard network

China-linked APT Salt Typhoon breached a U.S. Army National Guard unit’s network, accessed configs, and intercepted communications with other units. A DoD report warns that China-nexus hacking group Salt Typhoon breached a U.S. state’s Army National Guard network from March to December 2024. The APT stole network configs, admin credentials, and data exchanged with units […]

Pierluigi Paganini July 16, 2025

Former US Army member confesses to Telecom hack and extortion conspiracy

A former US Army soldier pleaded guilty to hacking telecom databases, stealing data, and extorting companies by threatening to release the stolen info. A former Army soldier, Cameron John Wagenius (21) pleaded guilty to conspiring to hack telecom companies’ databases, steal sensitive records, and extort victims by threatening to release stolen data unless ransoms were […]

Pierluigi Paganini July 16, 2025

CVE-2025-6554 marks the fifth actively exploited Chrome Zero-Day patched by Google in 2025

Google released security patches to address multiple Chrome vulnerabilities, including one flaw that has been exploited in the wild. Google released fixes for six Chrome flaws, including one actively exploited in the wild tracked as CVE-2025-6558 (CVSS score of 8.8). CVE-2025-6558 stems from improper validation of untrusted input in Chrome’s ANGLE and GPU components. Clément […]

Breaking News

5 Features Every AI-Powered SOC Platform Needs in 2025

Broadcom patches critical VMware flaws exploited at Pwn2Own Berlin 2025

Stormous Ransomware gang targets North Country HealthCare, claims 600K patient data stolen

United Natural Foods Expects $400M revenue impact from June cyber attack

Cisco patches critical CVE-2025-20337 bug in Identity Services Engine with CVSS 10 Severity

UNC6148 deploys Overstep malware on SonicWall devices, possibly for ransomware operations

Operation Eastwood disrupted operations of pro-Russian hacker group NoName057(16)

Salt Typhoon breach: Chinese APT compromises U.S. Army National Guard network

Former US Army member confesses to Telecom hack and extortion conspiracy

CVE-2025-6554 marks the fifth actively exploited Chrome Zero-Day patched by Google in 2025

newsletter

Subscribe to my email list and stay
up-to-date!

recent articles

Seychelles Commercial Bank Reported Cybersecurity Incident

Microsoft uncovers macOS flaw allowing bypass TCC protections and exposing sensitive data

U.S. CISA adds Cisco ISE and PaperCut NG/MF flaws to its Known Exploited Vulnerabilities catalog

Critical WordPress Post SMTP plugin flaw exposes 200K+ sites to full takeover

Scattered Spider targets VMware ESXi in using social engineering

QUICK LINKS

Breaking News

newsletter

Subscribe to my email list and stay up-to-date!

recent articles

Subscribe to my email list and stay
up-to-date!