No honor among thieves. DOJ investigaes ransomware negotiator for alleged extortion kickbacks.
Posted inCybersecurity News

No honor among thieves. DOJ investigaes ransomware negotiator for alleged extortion kickbacks.

The U.S. Department of Justice (DOJ) has initiated a criminal investigation into a former ransomware negotiator at DigitalMint, a leading Chicago-based firm specializing in ransomware response and cryptocurrency payments. The investigation focuses on allegations that the ex-employee collaborated with ransomware gangs to profit illicitly from extortion payments.
NimDoor: Resilient macOS malware targets Web3 and cryptocurrency organizations.
Posted inCybersecurity News

NimDoor: Resilient macOS malware targets Web3 and cryptocurrency organizations.

A newly identified macOS malware family, dubbed NimDoor, is raising serious concerns among cybersecurity professionals due to its advanced persistence mechanisms and focus on the Web3 and cryptocurrency sectors. Security researchers have attributed NimDoor’s operations to North Korean (DPRK) threat actors, highlighting a significant escalation in the sophistication of macOS-targeted attacks.
Hunters International Ransomware Group shuts down and rebrands as World Leaks with new emphasis on extortion.
Posted inCybersecurity News

Hunters International Ransomware Group shuts down and rebrands as World Leaks with new emphasis on extortion.

The notorious ransomware group Hunters International has announced its shutdown, but cybersecurity experts confirm this is not the end of its operations. Instead, the group is rebranding and shifting its focus, now operating under the name World Leaks with a new emphasis on data theft and extortion rather than traditional ransomware attacks.
And we wonder why we have so many zero-days. Cisco says some dolt embedded hardcoded SSH credentials in its widely deployed enterprise communications platforms.
Posted inCybersecurity News

And we wonder why we have so many zero-days. Cisco says some dolt embedded hardcoded SSH credentials in its widely deployed enterprise communications platforms.

Cisco has issued an urgent security advisory regarding a critical vulnerability in its widely deployed enterprise communications platforms, specifically Cisco Unified Communications Manager (Unified CM) and Unified CM Session Management Edition (Unified CM SME). This vulnerability, tracked as CVE-2025-20309, poses a severe risk to organizations due to the presence of hardcoded SSH credentials that could allow attackers to gain full control over affected systems.
European Union Unveils Ambitious Plan for Quantum-Secure Infrastructure.
Posted inCybersecurity News

European Union Unveils Ambitious Plan for Quantum-Secure Infrastructure.

The European Union has announced a sweeping new initiative to implement quantum-secure infrastructure, positioning Europe at the forefront of the global quantum technology race. The comprehensive plan, outlined in the recently unveiled EU Quantum Strategy, aims to establish a robust, quantum-safe communication network and accelerate the continent’s transition to post-quantum cryptography by 2030.
Russian APT Group ‘Gamaredon’ intensifies cyber-espionage operations against Ukranian government.
Posted inCybersecurity News

Russian APT Group ‘Gamaredon’ intensifies cyber-espionage operations against Ukranian government.

The Russian state-sponsored threat group known as Gamaredon has significantly escalated its cyber-espionage operations against Ukrainian government and military organizations, according to recent threat intelligence reports. Leveraging sophisticated spear-phishing techniques and continuously evolving malware, Gamaredon remains a persistent and formidable adversary in the ongoing cyber conflict between Russia and Ukraine.
ChatGPT code leak hint that ChatGPT may soon gain the ability to interact with browsers and APIs directly, automating tasks and acting more like an AI agent than a traditional chatbot.
Posted inCybersecurity News

ChatGPT code leak hint that ChatGPT may soon gain the ability to interact with browsers and APIs directly, automating tasks and acting more like an AI agent than a traditional chatbot.

Recent leaks indicate that OpenAI is preparing to integrate an Operator-like tool into ChatGPT, potentially coinciding with the launch of GPT-5. Code references discovered in both the ChatGPT web app and Android beta versions include terms such as “click,” “drag,” “type,” and “terminal feed,” strongly suggesting that ChatGPT may soon be able to interact with a remote browser or a sandboxed environment—capabilities reminiscent of OpenAI's existing Operator agent.
Move along. There’s nothing to see here. Microsoft ways just ignore any firewall errors after upgrading to Windows 11 24H2 Preview.
Posted inCybersecurity News

Move along. There’s nothing to see here. Microsoft ways just ignore any firewall errors after upgrading to Windows 11 24H2 Preview.

Following the recent rollout of the Windows 11 24H2 preview update (KB5060829), users and IT administrators have reported a surge in error messages related to Windows Firewall With Advanced Security. The issue, which manifests as recurring entries in the Event Viewer, has raised questions and concerns across the Windows community.
Well, there goes American spycraft. CISA Issues Urgent Warning Over Exploited Vulnerabilities in Signal Clone Used by Federal Agencies
Posted inCybersecurity News

Well, there goes American spycraft. CISA Issues Urgent Warning Over Exploited Vulnerabilities in Signal Clone Used by Federal Agencies

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent directive following the active exploitation of critical security vulnerabilities in TeleMessage TM SGNL, a secure messaging application modeled after Signal and widely used by federal agencies and national security personnel.