Pierluigi Paganini
October 02, 2025
The cybercrime group calling itself the Crimson Collective claimed to have compromised Red Hat ‘s private GitHub repositories. The Crimson Collective claimed it had stolen 570GB from Red Hat ’s private GitHub repositories, including 28,000 projects and approximately 800 Customer Engagement Reports (CERs) with sensitive network data. CERs often contain sensitive info, including infrastructure details, […]
Pierluigi Paganini
October 01, 2025
WestJet confirms June cyberattack that disrupted certain internal systems, exposed customer passports and IDs. WestJet airline confirmed the June security breach exposed customer passports and IDs. WestJet is a Canadian airline that operates both domestic and international flights. Founded in 1996, it started as a low-cost carrier and has grown to become Canada’s second-largest airline, […]
Pierluigi Paganini
September 30, 2025
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Adminer, Cisco IOS, Fortra GoAnywhere MFT, Libraesva ESG, and Sudo flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added Adminer, Cisco IOS, Fortra GoAnywhere MFT, Libraesva ESG, and Sudo flaws to its Known Exploited Vulnerabilities (KEV) catalog. Below are the descriptions […]
Pierluigi Paganini
September 30, 2025
Japan’s top brewer Asahi suspends operations after a cyberattack, halting ordering, shipping, and customer service activities. Asahi Group Holdings, Ltd (commonly called Asahi) is Japan’s largest brewing company, known for producing top-selling beers like Asahi Super Dry, as well as soft drinks and other beverages. It operates both domestically and internationally, with a strong presence […]
Pierluigi Paganini
September 30, 2025
Resecurity warns the “Trinity of Chaos” (LAPSUS$, ShinyHunters, Scattered Spider) is driving a global cybercrime wave, with major breaches undisclosed. A new Resecurity report has uncovered a rapidly unfolding—and potentially much larger—global cybercrime campaign led by the notorious alliance of LAPSUS$, ShinyHunters, and Scattered Spider. Contrary to recent claims of “retirement,” the so-called “Trinity of […]
Pierluigi Paganini
September 29, 2025
British Department Store Harrods warns customers of a data breach via a third-party provider, exposing some names and contact details. Harrods, the luxury British department store, warned customers of a data breach affecting its online systems. The company confirmed that names and contact details of some e-commerce customers were exposed after one of its third-party […]
Pierluigi Paganini
September 29, 2025
Akira ransomware is targeting SonicWall SSL VPNs, bypassing OTP MFA on accounts, likely using stolen OTP seeds. Since July 2025, Akira ransomware has exploited SonicWall SSL VPNs, likely using credentials obtained from the exploitation of the CVE-2024-40766 vulnerability, bypassing OTP MFA. Attacks spread quickly across sectors, with rapid post-login activity and short dwell times, making […]
Pierluigi Paganini
September 27, 2025
Researchers disclosed a critical flaw, named ForcedLeak, in Salesforce Agentforce that enables indirect prompt injection, risking CRM data exposure. Noma Labs researchers discovered a critical vulnerability, named ForcedLeak (CVSS 9.4), in Salesforce Agentforce that could be exploited by attackers to exfiltrate sensitive CRM data through an indirect prompt injection attack. The vulnerability only impacts organizations […]
Pierluigi Paganini
September 26, 2025
watchTowr Labs says hackers exploited the Fortra GoAnywhere MFT flaw CVE-2025-10035 on Sept 10, 2025, a week before public disclosure. Cybersecurity firm watchTowr Labs revealed that it has ‘credible evidence’ that the critical Fortra GoAnywhere MFT flaw CVE-2025-10035 was actively exploited in attacks in the wild as early as September 10, 2025, a week before […]
Pierluigi Paganini
September 26, 2025
UK NCSC warns that threat actors exploited Cisco firewall zero-days to deploy new malware strains RayInitiator and LINE VIPER. The U.K. NCSC reported that threat actors exploited recently disclosed Cisco firewall flaws (CVE-2025-20362, CVE-2025-20333) in zero-day attacks to deploy novel malware families, RayInitiator and LINE VIPER. These malware mark a major evolution from earlier campaigns, […]
