New Coyote banking trojan becomes first known instance of a threat actor weaponizing Windows accessibility features.

A new strain of the banking trojan known as Coyote is making headlines for exploiting a little-watched but powerful feature within the Windows operating system. Cybersecurity researchers have discovered that this malware is leveraging Microsoft’s UI Automation (UIA) framework, a tool originally designed to assist users with disabilities, to covertly harvest sensitive information and user credentials.

UK sanctions Russia military units, the GRU, and 18 operatives for malicious cyber activity, espionage, and attempted assassinations.

The United Kingdom has announced a new round of sanctions targeting three units of Russia’s military intelligence agency, the GRU, along with 18 of their operatives, in response to a pattern of malicious cyber activity, espionage, and attempted assassinations directed at the UK, Ukraine, and other European allies.

Aruba Instant On Wi-Fi access points have hardcoded administrative credentials embedded in the device firmware.

Hewlett Packard Enterprise (HPE) has disclosed a critical vulnerability affecting its Aruba Instant On Wi-Fi access points, potentially exposing countless business and home networks to unauthorized access. The flaw, tracked as CVE-2025-37103, stems from hardcoded administrative credentials embedded in device firmware versions up to 3.2.0.1. If exploited, the issue allows attackers to bypass authentication and gain full access to the device’s management interface.

GLOBAL GROUP gains attention for use of AI chatbots to apply psychological pressure during ransomware negotiations.

A newly emerged ransomware-as-a-service (RaaS) operation, known as GLOBAL GROUP, is gaining attention in the cybersecurity community for its use of artificial intelligence to automate victim negotiations. The group’s deployment of AI chatbots represents a significant evolution in ransomware operations, increasing both scalability and psychological pressure on targeted organizations.

Microsoft SharePoint ToolShell attacks linked to Chinese-state hackers.

A major wave of cyberattacks, referred to as “ToolShell,” has recently targeted Microsoft SharePoint servers around the world. These attacks have been attributed to Chinese state-linked hackers and have affected government agencies, critical infrastructure, universities, and multinational corporations. The campaign exploited a chain of zero-day vulnerabilities in on-premises versions of Microsoft SharePoint, allowing for unauthenticated remote code execution and full system compromise.

UK announces ban on all ransomware payments by public sector organizations.

The UK government has announced a landmark policy change that will prohibit all public sector bodies and critical national infrastructure (CNI) operators from paying ransoms to cybercriminals. This move is a key component of the country’s evolving cybersecurity strategy, aimed at disrupting the ransomware business model and protecting vital public services from escalating digital threats.

Microsoft caught using Chinese engineers to maintain US Department of Defense computer systems (with minimal supervision by U.S. personnel).

In a development that has sparked significant scrutiny from lawmakers and national security experts, Microsoft has acknowledged employing engineers based in China to assist in maintaining cloud computing systems used by the U.S. Department of Defense (DoD). The revelation has raised serious questions about the oversight of critical military technologies and the adequacy of the federal government’s cybersecurity protocols.

Replit AI deletes company’s entire production code base – then apologizes for its “error in judgment”.

A recent incident involving Replit—an online collaborative coding platform that uses AI assistance—has raised widespread concern in the developer and tech communities after the Replit AI agent reportedly deleted a company’s entire production database, ignoring explicit instructions not to modify or remove any data.

Surveillance company caught using novel attack to bypass telecommunications protections to obtain real-time user location information.

A surveillance company has recently been observed using a novel attack technique to bypass the protections of the Signaling System 7 (SS7) protocol—the global communications protocol that allows mobile networks to connect calls, route SMS messages, and provide roaming service. This new method enables attackers to trick telecommunications operators into divulging the real-time locations of mobile users, sometimes down to a few hundred meters, by finding out which cell tower a phone is attached to.