information security news

Russia-linked ColdRiver used LostKeys malware in recent attacks<gwmw style="display:none;"></gwmw>Russia-linked ColdRiver used LostKeys malware in recent attacks<gwmw style="display:none;"></gwmw>

Russia-linked ColdRiver used LostKeys malware in recent attacks<gwmw style="display:none;"></gwmw>

Since early 2025, Russia-linked ColdRiver has used LostKeys malware to steal files in espionage attacks on Western governments and organizations.…

3 months ago
SonicWall fixed SMA 100 flaws that could be chained to execute arbitrary codeSonicWall fixed SMA 100 flaws that could be chained to execute arbitrary code

SonicWall fixed SMA 100 flaws that could be chained to execute arbitrary code

SonicWall addressed three SMA 100 flaws, including a potential zero-day, that could allow remote code execution if chained. SonicWall patches…

3 months ago
The LockBit ransomware site was breached, database dump was leaked onlineThe LockBit ransomware site was breached, database dump was leaked online

The LockBit ransomware site was breached, database dump was leaked online

Lockbit ransomware group has been compromised, attackers stole and leaked data contained in the backend infrastructure of their dark web…

3 months ago
Cisco fixed a critical flaw in its IOS XE Wireless ControllerCisco fixed a critical flaw in its IOS XE Wireless Controller

Cisco fixed a critical flaw in its IOS XE Wireless Controller

Cisco addressed a flaw in its IOS XE Wireless Controller that could enable an unauthenticated, remote attacker to upload arbitrary…

3 months ago
U.S. CISA adds GoVision device flaws to its Known Exploited Vulnerabilities catalogU.S. CISA adds GoVision device flaws to its Known Exploited Vulnerabilities catalog

U.S. CISA adds GoVision device flaws to its Known Exploited Vulnerabilities catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds GoVision device flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity…

3 months ago
Polish authorities arrested 4 people behind DDoS-for-hire platformsPolish authorities arrested 4 people behind DDoS-for-hire platforms

Polish authorities arrested 4 people behind DDoS-for-hire platforms

Polish police arrested 4 people behind DDoS-for-hire platforms used in global attacks, offering takedowns for as little as €10 via…

3 months ago
Play ransomware affiliate leveraged zero-day to deploy malwarePlay ransomware affiliate leveraged zero-day to deploy malware

Play ransomware affiliate leveraged zero-day to deploy malware

The Play ransomware gang exploited a high-severity Windows Common Log File System flaw in zero-day attacks to deploy malware. The Play…

3 months ago
Canary Exploit tool allows to find servers affected by Apache Parquet flawCanary Exploit tool allows to find servers affected by Apache Parquet flaw

Canary Exploit tool allows to find servers affected by Apache Parquet flaw

F5 Labs researchers released a PoC tool to find servers vulnerable to the Apache Parquet vulnerability CVE-2025-30065. A working proof-of-concept…

3 months ago
Unsophisticated cyber actors are targeting the U.S. Energy sectorUnsophisticated cyber actors are targeting the U.S. Energy sector

Unsophisticated cyber actors are targeting the U.S. Energy sector

CISA, FBI, EPA, and DoE warn of cyberattacks on the U.S. Energy sector carried out by unsophisticated cyber actors targeting…

3 months ago
NSO Group must pay WhatsApp over $167M in damages for attacks on its usersNSO Group must pay WhatsApp over $167M in damages for attacks on its users

NSO Group must pay WhatsApp over $167M in damages for attacks on its users

NSO Group must pay WhatsApp over $167M in damages for a 2019 hack targeting 1,400+ users, per U.S. jury ruling…

3 months ago