What we know about the SimpleHelp Remote Monitoring and Management cyberattack.

In June 2025, a significant cyberattack targeted organizations using SimpleHelp’s Remote Monitoring and Management (RMM) software. The attack exploited unpatched vulnerabilities in SimpleHelp, most notably CVE-2024-57727, a path traversal flaw that allowed ransomware actors to compromise systems, steal sensitive data, and deploy ransomware in double extortion schemes.
Researchers see dramatic escalation in cyberthreats linked to Israel-Iran conflict – Here’s how to prepare for cyberwar.

As expected, there has been clear, well-documented evidence of a dramatic escalation in cyberthreats linked to the ongoing Israel-Iran conflict. This surge includes both the frequency and sophistication of attacks, with direct implications for Israel, Iran, their allies, and potentially the United States' infrastructure.
Silver Fox is ramping up attacks against Taiwan using malware variants linked to the Gh0st RAT family.

Silver Fox APT (also known as Void Arachne) has intensified cyberattacks against Taiwan using sophisticated malware variants linked to the Gh0st RAT family, including Winos 4.0 and ValleyRAT. While “Gh0stCringe” and “HoldingHands RAT” are not explicitly named in recent reports, the group’s tactics align with evolving Gh0st RAT derivatives.
Cybercriminals are leveraging Hacklink to manipulate search engine rankings and load malware to compromised sites.

Cybercriminals are using a black-market SEO platform called Hacklink to manipulate search engine rankings and promote malicious content through compromised websites. Hacklink serves as a marketplace where attackers can purchase access to thousands of compromised sites, often targeting high-reputation domains such as .gov, .edu, or country-code TLDs. These domains are highly valued for their trustworthiness in search algorithms.
Emerging group, Water Curse, is weaponizing GitHub repositories and targeting cybersecurity professionals.

A newly identified threat actor, known as Water Curse, has launched a sophisticated supply chain attack targeting information security professionals, developers, red teamers, game developers, and DevOps teams. The campaign leverages weaponized GitHub repositories—at least 76 compromised accounts—to distribute advanced, multistage malware through seemingly legitimate open-source projects.
US insurance industry warned of uptick in Scattered Spider attacks.

Cybersecurity experts and Google’s Threat Intelligence Group (GTIG) issued urgent warnings to the US insurance industry regarding a surge of cyberattacks believed to be orchestrated by the hacker collective known as Scattered Spider. This group, also tracked as UNC3944, 0ktapus, Muddled Libra, and other aliases, is infamous for sophisticated social engineering campaigns that have previously targeted sectors such as retail, casinos, telecommunications, and financial services in both the US and UK.
New research suggests several legit AdTech companies, including Los Pollos and RichAds, are linked with cybercriminal operations.

Recent research from Infoblox Threat Intel has uncovered extensive links between seemingly legitimate AdTech companies—specifically Los Pollos, Partners House, BroPush, and RichAds—and cybercriminal operations, particularly those distributing malware and running large-scale scam campaigns through compromised websites.
Washington Post breach leaks journalists’ email accounts and sensitive email messages.

In mid-June 2025, The Washington Post disclosed a significant cyberattack targeting its email system, resulting in the compromise of several journalists’ Microsoft email accounts. The breach was discovered on a Thursday evening, and staff were notified via an internal memo on Sunday, June 15, 2025. The memo, signed by Executive Editor Matt Murray, described the breach as a “possible targeted unauthorized intrusion”.