ICYMI: 2025-03-06
Latest Headlines
Elastic Releases Urgent Fix for Critical Kibana Vulnerability Enabling Remote Code Execution
EncryptHub Deploys Ransomware and Stealer via Trojanized Apps, PPI Services, and Phishing
Medusa Ransomware Hits 40+ Victims in 2025, Demands $100K–$15M Ransom
Over 1,000 WordPress Sites Infected with JavaScript Backdoors Enabling Persistent Attacker Access
U.S. Charges 12 Chinese Nationals in State-Backed Hacking Operations
Trump’s Spy Chief Urged to Declassify Details of Secret Surveillance Program
Pentagon Cuts Threaten Programs That Secure Loose Nukes and Weapons of Mass Destruction
The US Army Is Using ‘CamoGPT’ to Purge DEI From Training Materials
How Social Engineering Sparked a Billion-Dollar Supply Chain Cryptocurrency Heist
House Passes Bill Requiring Federal Contractors to Implement Vulnerability Disclosure Policies
Nigerian Accused of Hacking Tax Preparation Firms Extradited to US
Financial Organizations Urge CISA to Revise Proposed CIRCIA Implementation
BadBox Botnet Powered by 1 Million Android Devices Disrupted
AIceberg Gets $10 Million in Seed Funding for AI Security Platform
Exploited VMware ESXi Flaws Put Many at Risk of Ransomware, Other Attacks
As an SOC/DFIR Team Member, How to Analyse Real-Time Linux Malware Network Traffic
Threat Actors Mimic Electronic Frontier Foundation To Attack Gaming Community
InvokeADCheck – PowerShell-Based Tool to Detect Active Directory Misconfigurations
Researchers Bypassed CrowdStrike Falcon Sensor to Execute Malicious Applications
Sitecore 0-Day Vulnerability Let Attackers Execute Remote Code
Misconfigured Apache Airflow Servers Expose Login Credentials to Hackers
Two Hackers Arrested For ATM Jackpotting by Deploying Malware
ZITADEL IDOR Vulnerabilities Let Attackers Modify Sensitive Settings
Ransomware gang encrypted network from a webcam to bypass EDR
US seizes domain of Garantex crypto exchange used by ransomware gangs
Cybercrime ‘crew’ stole $635,000 in Taylor Swift concert tickets
Ethereum private key stealer on PyPI downloaded over 1,000 times
Microsoft 365 apps will prompt users to back up files in OneDrive
Over 37,000 VMware ESXi servers vulnerable to ongoing attacks
Free vCISO Course: Turning MSPs and MSSPs into Cybersecurity Powerhouses
Malicious Chrome extensions can spoof password managers in new attack
– MTZ