International Criminal Court (ICC) admits that last week, it was targeted by a “sophisticated and targeted cyberattack” but offers few additional details.
Posted inCybersecurity News

International Criminal Court (ICC) admits that last week, it was targeted by a “sophisticated and targeted cyberattack” but offers few additional details.

The International Criminal Court (ICC) announced on Monday that it is investigating a new “sophisticated and targeted” cyberattack that struck its systems late last week. The breach was detected and contained by the ICC’s internal alert and response mechanisms, and a court-wide impact analysis is underway to assess any damage or potential data compromise. The ICC has not disclosed details about the nature of the attack, its impact, or the identity or motive of the attackers, and declined to say whether any confidential information was accessed or stolen.
Healthcare provider Esse Health reports that April 2025 data breach leaked personal information of more than 263,000 individuals.
Posted inCybersecurity News

Healthcare provider Esse Health reports that April 2025 data breach leaked personal information of more than 263,000 individuals.

Esse Health, a major healthcare provider in Missouri, reported that the personal information of over 263,000 individuals was stolen during a cyberattack in April 2025. The breach was discovered on April 21, 2025, and significantly disrupted Esse Health’s operations by impacting access to its electronic medical record system and taking down its phone system.
Cloudflare blocks AI crawlers from content on websites it protects.
Posted inCybersecurity News

Cloudflare blocks AI crawlers from content on websites it protects.

Cloudflare has reversed its AI crawler policy from an optional block to a default block, fundamentally changing how AI bots can access content on the websites it protects. Previously, website owners had to opt in to block AI crawlers, but now, all new Cloudflare sites automatically block AI bots unless explicit permission is granted by the site owner. This makes Cloudflare the first major internet infrastructure provider to enforce a permission-based, opt-in model for AI content access.
Ask a LLM to take you to a company’s login page, and there’s a 1 in 3 chance it will send you to someone else’s website.
Posted inCybersecurity News

Ask a LLM to take you to a company’s login page, and there’s a 1 in 3 chance it will send you to someone else’s website.

A recent study by Netcraft highlights a significant security risk posed by large language models (LLMs) when users ask them for login URLs of well-known brands. In their research, Netcraft found that 34% of the URLs provided by a popular LLM in response to natural language queries about where to log in to 50 major brands were not actually owned or controlled by those brands.
Johnson Controls informed customers about data breach that exposed 27 terabytes of information from over 76 million households and 7 million small businesses.
Posted inCybersecurity News

Johnson Controls informed customers about data breach that exposed 27 terabytes of information from over 76 million households and 7 million small businesses.

Johnson Controls has started notifying individuals affected by the major data breach and ransomware attack that occurred in September 2023. The breach, attributed to the Dark Angels ransomware group, resulted in the theft of over 27 terabytes of data, including sensitive corporate information, building floor plans, client details, and potentially personal information of individuals associated with Johnson Controls and its clients.
Researchers find critical vulnerabilities in Microsens’ NMP Web+ network management platform that allow remote takeover of ICS.
Posted inCybersecurity News

Researchers find critical vulnerabilities in Microsens’ NMP Web+ network management platform that allow remote takeover of ICS.

Critical vulnerabilities in Microsens’ NMP Web+ network management platform have been discovered that allow unauthenticated attackers to remotely compromise industrial control systems. These flaws enable full system takeover through authentication bypass and arbitrary code execution, affecting versions 3.2.5 and earlier on both Windows and Linux platforms.
Google releases urgent Chrome updates to address a critical zero-day vulnerability that is currently being exploited in the wild.
Posted inCybersecurity News

Google releases urgent Chrome updates to address a critical zero-day vulnerability that is currently being exploited in the wild.

Google has released urgent security updates for Chrome to address a critical zero-day vulnerability, CVE-2025-6554, which is actively being exploited in the wild. This flaw is a type confusion vulnerability in the V8 JavaScript and WebAssembly engine, the core component responsible for running JavaScript in Chrome and other Chromium-based browsers.
Interpol says digital crime hubs are emerging in West Africa, and many rely on victims of human trafficking for their operations.
Posted inCybersecurity News

Interpol says digital crime hubs are emerging in West Africa, and many rely on victims of human trafficking for their operations.

Interpol has recently warned that West Africa is emerging as a new regional hub for digital crimes, particularly online scam centers, alongside Central America and the Middle East. This shift marks a significant development in the global landscape of cyber-enabled crime, which was previously concentrated in Southeast Asia.