A suspected Russian hacker linked to the Kremlin-aligned threat actor Void Blizzard was arrested in Thailand and is facing extradition to the U.S. The group has targeted government, defense, and critical infrastructure organizations across Europe and North America, posing significant threats to NATO allies and Ukraine. #VoidBlizzard #LaundryBear…
Tag: CRITICAL INFRASTRUCTURE
This article details a large-scale npm registry supply chain attack involving a token farming campaign that infected thousands of packages without traditional malware. It highlights the evolving threat landscape driven by financial incentives and the importance of industry collaboration in defending open source ecosystems. #npm #teaxyz #OpenSSF…
Mitsubishi Electric’s MELSEC iQ-F Series is affected by a remotely exploitable vulnerability that allows attackers to cause denial-of-service conditions via TCP communication. Proper mitigation, such as VPN use and physical access restrictions, is recommended to prevent attacks. #MitsubishiElectric #CVE-2025-10259…
A significant data leak at Chinese cybersecurity firm Knownsec exposed sensitive hacking tools and operations involving over 20 countries. The breach underscores the depth of state-backed cyber espionage and the need for improved cybersecurity defenses. #Knownsec #CyberEspionage…
Siemens’ SICAM P850 and P855 products are affected by vulnerabilities that could allow remote exploits, such as CSRF and incorrect permission issues. CISA advises updating to version 3.11 or later and restricting network access to mitigate these risks. #Siemens #ICSVulnerabilities…
The National Cyber Threat Assessment 2025-2026 provides a detailed analysis of the evolving cyber threat landscape facing Canada, highlighting aggressive state-sponsored activities from China, Russia, Iran, North Korea, and India alongside persistent cybercrime threats like ransomware. The report emphasizes the growing complexity, the use of Cybercrime-as-a-Service models, and the increasing targeting of critical infrastructure, urging collaboration to enhance national cyber resilience. #VoltTyphoon #MidnightBlizzard #CybercrimeAsAService #PRC #RussianCyberThreat
Episode 3 disclosures reveal APT35/Charming Kitten’s full malware development pipeline, including two RAT families (Saqeb System and RAT-2AC2), custom ASP webshells (m0s.asp variants), training materials, QA procedures, and operational tooling used from 2022–2025. The collection documents targeted regional operations against aviation, law enforcement, and infrastructure with preparations for ransomware (Moses’ Staff) and SCADA reconnaissance. #SaqebSystem #RAT-2AC2
Siemens has reported multiple vulnerabilities affecting their LOGO! series devices, with some vulnerabilities allowing remote code execution and device manipulation. CISA recommends implementing workarounds and staying updated through Siemens’ security advisories to mitigate potential risks. #Siemens #LOGO! #ICSVulnerabilities…
The Cybersecurity and Infrastructure Security Agency (CISA) and partners released an updated advisory on Akira ransomware, highlighting new tactics, techniques, and indicators of compromise. The threat actors continue to target various sectors, exploiting vulnerabilities in edge devices and backup servers and using advanced evasion and lateral movement strategies. #AkiraRansomware #Storm1567 #VulnerabilityExploitation…
Brightpick AI’s warehouse automation platform has multiple critical vulnerabilities, including unprotected access and credential exposure, risking sensitive data and control of robotic functions. Authorities like CISA recommend strict network controls and secure remote access to mitigate these threats. #BrightpickAI #CISAVulnerabilities…
Valley Plains Equipment has fallen victim to a ransomware attack orchestrated by the threat actor “play,” resulting in significant operational disruptions. The attack highlights the vulnerability of U.S.-based companies to cyber threats targeting critical infrastructure. #UnitedStates
The Akira ransomware group has amassed over $244 million through its cyberattacks, targeting critical infrastructure and business systems worldwide. They utilize sophisticated methods, including vulnerability exploitation and credential theft, to gain access and deploy ransomware on vulnerable systems. #AkiraRansomware #CVE202440766…
This article highlights the top 100 cybersecurity leaders in the U.S. who are shaping a safer digital future through innovation, policy, and leadership. Their efforts span government, private sector, and academia, reflecting the critical importance of cybersecurity in national security and infrastructure protection. #ColonialPipeline #FederalCybersecurityFunding…
Ransomware attacks surged to 623 incidents in October 2025, the second-highest monthly total on record, driven by groups such as Qilin, Akira, Sinobi, Medusa, Cl0p, Warlock, BlackSuit, The Gentlemen, and others. Key exploited vulnerabilities and tactics included CVE-2025-61882 (Oracle E-Business Suite), CVE-2025-10035 (GoAnywhere), deserialization RCEs, abuse of legitimate remote management tools, and supply-chain targeting. #Qilin #Sinobi
The U.S. CISA warns that the Akira ransomware group poses an imminent threat to critical infrastructure and uses various exploits and tactics for initial access and persistence. The group has accumulated over $244 million in ransom payments and continues to exploit known vulnerabilities to execute attacks. #AkiraRansomware #Vulnerabilities #CISA…