Qilin ransomware-as-a-service (RaaS) adds a “call an attorney” feature to pressure victims to pay.
Posted inCybersecurity News

Qilin ransomware-as-a-service (RaaS) adds a “call an attorney” feature to pressure victims to pay.

The threat actors behind the Qilin ransomware-as-a-service (RaaS) scheme have recently introduced a “Call Lawyer” feature, offering legal counsel to their affiliates as a means to increase pressure on victims during ransom negotiations. This development is part of a broader strategy to make Qilin stand out in the cybercrime marketplace by providing a full suite of services to affiliates, including legal assistance, negotiation support, data storage, DDoS capabilities, and even media support.
How to hijack a television broadcast signal.
Posted inExploitation

How to hijack a television broadcast signal.

Broadcast signal hijacking—also known as broadcast signal intrusion—is the unauthorized takeover of television (or radio) signals, allowing attackers to inject their own content into a broadcast. Over the years, several methods have been used to achieve this, ranging from physical tampering to sophisticated cyberattacks.
Iran’s state-owned TV broadcaster hacked to air calls for street protests.
Posted inCybersecurity News

Iran’s state-owned TV broadcaster hacked to air calls for street protests.

On Wednesday night, June 18, 2025, Iran’s state-owned television broadcaster was hacked, interrupting regular programming to air videos calling for street protests against the Iranian government. The broadcast was briefly hijacked, with footage showing women cutting their hair and messages urging citizens to “rise up” and “take control of your future”. The disruption was widely shared on social media and quickly drew both domestic and international attention.
You’ve been dragged through hell and emerged bruised and battered. Now how do you conduct an effective post-incident review?
Posted inCybersecurity Defense

You’ve been dragged through hell and emerged bruised and battered. Now how do you conduct an effective post-incident review?

When an incident occurs—whether it’s a security breach, a system outage, or a critical business disruption—the immediate priority is resolution. But once the dust settles, the real opportunity lies in learning from the event to strengthen your organization’s resilience. Conducting an effective post-incident review (PIR) is essential for continuous improvement, risk mitigation, and fostering a culture of transparency and trust.
Confirmed – FreeType zero-day (reported by Meta) was exploited in Paragon spyware attacks.
Posted inCybersecurity News

Confirmed – FreeType zero-day (reported by Meta) was exploited in Paragon spyware attacks.

SecurityWeek reported this week that WhatsApp, owned by Meta, confirmed its researchers had requested the CVE identifier CVE-2025-27363 after linking the flaw to an exploit used by Paragon, an Israeli surveillance solutions provider. The vulnerability, CVE-2025-27363, is an out-of-bounds write in the FreeType open-source library, which could allow for arbitrary code execution. This flaw was initially highlighted in a Meta advisory in mid-March 2025, warning that it may have been exploited in the wild.
WordPress theme, Motors, populer in automotive industry, is actively exploited via improper validation during password updates.
Posted inCybersecurity News

WordPress theme, Motors, populer in automotive industry, is actively exploited via improper validation during password updates.

A critical-severity vulnerability (CVE-2025-4322) was discovered in the popular Motors theme for WordPress, affecting all versions up to and including 5.6.67. This flaw allowed unauthenticated attackers to escalate privileges by resetting passwords for any user, including administrators, resulting in full site takeover.
Sophisticated Android MaaS malware, AntiDot, has compromised over 3,775 devices.
Posted inCybersecurity News

Sophisticated Android MaaS malware, AntiDot, has compromised over 3,775 devices.

Cybersecurity researchers have recently exposed the inner workings of a sophisticated Android malware called AntiDot, which has compromised over 3,775 devices across 273 distinct campaigns. AntiDot is operated by the financially motivated threat actor group LARVA-398 and is actively sold as Malware-as-a-Service (MaaS) on underground forums, enabling a wide range of mobile attack campaigns.
Those hackers that siphoned millions of Iranian crypto just burned the house down. $90 million in crypto vaporized alongside taunts against Iran’s Revolutionary Guard!
Posted inCybersecurity News

Those hackers that siphoned millions of Iranian crypto just burned the house down. $90 million in crypto vaporized alongside taunts against Iran’s Revolutionary Guard!

Remember those wily hackers that siphoned $90 million from Nobitex, Iran’s largest cryptocurrency exchange yesterday? Today, they taunted Iran's Revolutionary Guard Corps and then burned the entire pile of crypto. More than $90 million vaporized! The stunning $90 million destruction marks a brazen escalation in the covert cyber war that has simmered between Israel and Iran for more than a decade.