CISA adds 3 vulnerabilities to KVE catalog. Urgent patching advised.
Posted inCybersecurity News

CISA adds 3 vulnerabilities to KVE catalog. Urgent patching advised.

Today, the Cybersecurity and Infrastructure Security Agency (CISA) expanded its Known Exploited Vulnerabilities (KEV) Catalog by adding three recently discovered and actively exploited security flaws. The newly cataloged vulnerabilities affect widely used business software and network devices, underscoring the persistent threat landscape and the critical importance of rapid patch management for organizations in all sectors, especially those overseeing critical infrastructure.
Scattered Spider shifts gears and begins exploiting VMware’s ESXi to deploy ransomware on critical U.S. infrastructure.
Posted inCybersecurity News

Scattered Spider shifts gears and begins exploiting VMware’s ESXi to deploy ransomware on critical U.S. infrastructure.

A highly active and sophisticated cybercriminal collective known asΒ Scattered Spiderβ€”also referred to as UNC3944, 0ktapus, Octo Tempest, and Muddled Libraβ€”has escalated its attacks on critical U.S. infrastructure by targeting the VMware ESXi hypervisor, a core component of many enterprise data centers. By deploying ransomware on these systems, the group has successfully disrupted a range of sectors, highlighting the growing risks associated with virtualized environments.
France categorically denies that hackers breached their leading defense contractor’s systems. Hackers then post code and architecture details for naval combat systems.
Posted inCybersecurity News

France categorically denies that hackers breached their leading defense contractor’s systems. Hackers then post code and architecture details for naval combat systems.

Naval Group, France’s leading defense contractor, has publicly denied claims of a significant cyber-attack after reports circulated online suggesting the firm’s internal systems had been breached. The company, which is majority-owned by the French government and recognized for its role in producing advanced naval vessels, including submarines and aircraft carriers, is at the center of a growing cybersecurity controversy.
In what could be the most significant cyberattack targeting Russian civil infrastructure, hackers say they took down Aeroflot, Russia’s largest airline.
Posted inCybersecurity News

In what could be the most significant cyberattack targeting Russian civil infrastructure, hackers say they took down Aeroflot, Russia’s largest airline.

Russia’s flagship carrier, Aeroflot, faced a widespread disruption on Monday morning as a catastrophic failure of its information technology systems forced the airline to cancel dozens of flights. The incident affected both domestic and international operations, leaving thousands of passengers stranded and triggering a criminal investigation.
Congress Targets AI-Driven β€œSurveillance Pricing” with Groundbreaking Legislation.
Posted inCybersecurity News

Congress Targets AI-Driven β€œSurveillance Pricing” with Groundbreaking Legislation.

In response to mounting concerns about the use of artificial intelligence (AI) to set individualized consumer prices and wages, lawmakers in Congress have unveiled a landmark proposal: the Stop AI Price Gouging and Wage Fixing Act of 2025. Sponsored by Rep. Greg Casar (D-Texas) and Rep. Rashida Tlaib (D-Mich.), the bill seeks to prohibit the use of personal data by companies to algorithmically determine prices and pay rates, a growing practice known as β€œsurveillance pricing.”
Global Operation Disrupts BlackSuit Ransomware Group With Major Dark Web Seizures
Posted inCybersecurity News

Global Operation Disrupts BlackSuit Ransomware Group With Major Dark Web Seizures

In a coordinated international law enforcement effort dubbed Operation Checkmate, authorities have successfully seized the key dark web domains operated by BlackSuit, one of the world’s most prolific ransomware gangs. This operation marks a significant advance in the global battle against ransomware, crippling a network that extorted hundreds of organizations and garnered over half a billion dollars in ransom payments.
NRO confirms recent cyber intrusion but says no classified data was exposed, SharePoint link unclear.
Posted inCybersecurity News

NRO confirms recent cyber intrusion but says no classified data was exposed, SharePoint link unclear.

The U.S. National Reconnaissance Office (NRO) has confirmed a recent cyber intrusion affecting its unclassified Acquisition Research Center (ARC) portal, a network separate from its classified internal systems. While the agency asserts that no classified information was exposed, the incident highlights ongoing concerns over the security of government infrastructure in the wake of widespread cyberattacks exploiting Microsoft SharePoint vulnerabilities.
NASCAR Confirms Medusa Ransomware Attack Following $4 Million Extortion Demand.
Posted inCybersecurity News

NASCAR Confirms Medusa Ransomware Attack Following $4 Million Extortion Demand.

NASCAR, the premier organization in American motorsports, has confirmed it was the victim of a sophisticated ransomware attack orchestrated by the notorious cybercriminal group Medusa. The breach, which initially went undetected until June 24, 2025, resulted in the exfiltration of more than one terabyte of sensitive data from NASCAR’s internal systems.
BreachForums Resurfaces on Its Original Dark Web Address Amid Heightened Scrutiny
Posted inCybersecurity News

BreachForums Resurfaces on Its Original Dark Web Address Amid Heightened Scrutiny

BreachForums, one of the most infamous hubs for hacking and illicit data trading, has unexpectedly resurfaced on its original .onion address on the dark web as of July 25–26, 2025. This reemergence comes after several months of law enforcement pressure, community suspicion, and widespread disruption within the underground cybercrime ecosystem.