Former University of Michigan Football Coach Indicted on Charges of Unauthorized Access and Identity Theft
Summary: Matthew Weiss, former Co-Offensive Coordinator and Quarterbacks Coach at the University of Michigan, has been indicted for unauthorized computer access and aggravated identity theft, affecting over 150,000 athletes. The charges involve illegally accessing sensitive personal data and infiltrating the online accounts of thousands of individuals, including downloading private materials.…
Hybrid Threats and AI: Shaping the Future of EU’s Organized Threat Landscape in 2025
Summary: The EU-SOCTA 2025 report from Europol reveals that organized crime in Europe is evolving dramatically due to hybrid threats and the integration of artificial intelligence (AI) into criminal tactics. This shift necessitates a reevaluation of traditional crime-fighting methods and highlights the urgency for proactive measures against diverse and complex threats.…
Google Gemini’s Astra (screen sharing) rolls out on Android for some users
Summary: Google has confirmed the rollout of screen and video sharing capabilities for its Gemini Live service, codenamed “Project Astra”. Users can now share their phone’s screen and interact with the AI to get insights about the content they are viewing. This feature is currently available to Gemini Advanced subscribers who can leverage it for enhanced browsing experiences.…
Don’t Click! Fake Chat Used in Meta Business Account Phishing
Summary: A sophisticated phishing campaign targeting Meta/Instagram users has emerged, using fake emails and deceptive chatbots to exploit fears of account suspension. Victims are lured into providing sensitive information through a convincing counterfeit support system. This campaign emphasizes the need for users to remain vigilant and skeptical regarding unsolicited communications.…
Summary: After a four-year investigation, law enforcement successfully apprehended a cybercriminal known by multiple aliases, including ALTDOS and Omid16B. The criminal, motivated by financial gain, executed various attacks on companies, primarily focusing on extortion through data breaches. Group-IB played a pivotal role in tracking the actor’s activities across different identities until his arrest in Thailand on February 26, 2025.…
Microsoft Trusted Signing service abused to code-sign malware
Summary: Cybercriminals are exploiting Microsoft’s Trusted Signing platform to sign malware executables with short-lived certificates, allowing them to evade detection and appear legitimate. This method bypasses security filters that usually flag unsigned executables, posing significant threats to users. The ease of obtaining these three-day certificates is leading to a shift away from the harder-to-get Extended Validation (EV) certificates previously favored by threat actors.…
Cloudflare now blocks all unencrypted traffic to its API endpoints
Summary: Cloudflare has ceased all HTTP connections for its API, now requiring secure HTTPS connections only. This change aims to eliminate the risks of sensitive data exposure through unencrypted requests, particularly on public networks. Consequently, any existing HTTP-based integrations will cease to function immediately, with Cloudflare recommending users transition to HTTPS.…
Coinbase Initially Targeted in GitHub Actions Supply Chain Attack; 218 Repositories’ CI/CD Secrets Exposed
Summary: A targeted supply chain attack involving the GitHub Action “tj-actions/changed-files” was first directed at Coinbase’s open-source projects but escalated into a wider attack compromising 218 repositories. The attacker was able to exploit the CI/CD process, manage tokens, and introduce malicious code without initially triggering significant alarms.…
Dragon RaaS: Pro-Russian Hacktivist Group Walks the Razor’s Edge Between Cybercrime and Propaganda
Summary: A new Ransomware-as-a-Service player, Dragon RaaS, combines political hacktivism with opportunistic cybercrime, targeting organizations with weak security. It emerged as a splinter group from the Stormous ransomware gang and is affiliated with various cybercrime syndicates. Dragon RaaS’s operations focus on defacement attacks and ransomware extortion, utilizing a rebranded version of existing ransomware techniques.…
Microsoft Trusted Signing service abused to code-sign malware
Summary: Cybercriminals are exploiting Microsoft’s Trusted Signing platform by using it to sign malware executables with short-lived three-day certificates. This tactic allows signed malware to bypass security filters, as it appears legitimate. Threat actors find this method more accessible compared to obtaining Extended Validation (EV) code-signing certificates, which are harder to acquire and often revoked after use.…
Critical Security Flaw in ArcGIS Enterprise Exposes Admin Accounts to Remote Takeover
Summary: Esri has identified a critical vulnerability in its ArcGIS Enterprise platform that could enable attackers to hijack administrative accounts via a password reset flaw. The vulnerability, CVE-2025-2538, has a CVSS score of 9.8 and affects specific versions of Portal for ArcGIS. Organizations are urged to apply the security patch released by Esri to prevent potential data breaches and service disruptions.…
U.S. Treasury Lifts Tornado Cash Sanctions Amid North Korea Money Laundering Probe
Summary: The U.S. Treasury Department has lifted sanctions against Tornado Cash, a cryptocurrency mixer previously linked to laundering money for the North Korean Lazarus Group. This decision follows a Fifth Circuit court ruling that questioned the authority of the Treasury’s Office of Foreign Assets Control (OFAC) to sanction entities like Tornado Cash, which utilizes immutable smart contracts.…
Europol Cracks Down on €6.7M Hearing Aid Fraud Scheme Exploiting French Healthcare
Summary: Europol has dismantled a criminal network that executed a €6.7 million healthcare subsidy fraud against France’s public health insurance system, utilizing fake diplomas and stolen patient data. The operation, which began in July 2024, involved fictitious businesses billing for non-existent hearing aids and laundering funds through shell companies across Europe.…
Synology Replication Service Vulnerability Scores Maximum CVSS Rating
Summary: Synology has issued security advisories regarding a critical vulnerability (CVE-2024-10442) in its Replication Service, allowing remote attackers to execute arbitrary commands on affected systems. The vulnerability affects various versions of Synology DSM and has a CVSS3 Base Score of 10.0, signifying its severity. Users are urged to apply updates promptly to mitigate potential risks.…
Rust Beacon Deploys Cobalt Strike in South Korean Cyber Intrusion Campaign
Summary: Hunt researchers have detected a sophisticated cyber intrusion campaign focusing on South Korean organizations, utilizing modified Cobalt Strike tools and various open-source exploitation tools. The attackers leveraged a publicly exposed web server to distribute their malware and gather intelligence on over 1,000 Korean domains, targeting government and commercial entities.…
Trump order on information sharing appears to have implications for DOGE and beyond
Summary: President Trump’s new executive order aims to enhance information sharing across federal and state governments, lifting barriers to data exchange and seeking to eliminate bureaucratic inefficiencies. Critics, including civil libertarians, warn that this could facilitate abuses of civil liberties and lead to extensive surveillance of individuals.…
Clearview AI settles class-action privacy lawsuit worth an estimated  million
Summary: A federal judge has approved a settlement between Clearview AI and class action plaintiffs regarding privacy infringement allegations, valuing potential damages at over million. The settlement allows plaintiffs to have a stake in the company’s future value instead of receiving a lump sum payment. The case arose from Clearview’s practice of scraping facial images from the internet without consent, which violated Illinois’ Biometric Privacy Act.…