Operation Eastwood takes down more than 100 DDoS servers used to support Russia’s invasion of Ukraine.
Posted inCybersecurity News

Operation Eastwood takes down more than 100 DDoS servers used to support Russia’s invasion of Ukraine.

In a major international effort, law enforcement agencies across 19 countries have successfully disrupted a vast network of servers used to carry out cyberattacks in support of Russia’s invasion of Ukraine. The coordinated action, codenamed Operation Eastwood, targeted the pro-Russian hacktivist group NoName057(16), known for orchestrating large-scale distributed denial-of-service (DDoS) attacks against Ukraine and its allies.
Google patches zero-day in Chrome browser that would have allowed attackers to escape Chrome’s sandbox.
Posted inCybersecurity News

Google patches zero-day in Chrome browser that would have allowed attackers to escape Chrome’s sandbox.

Google has released a security update for its Chrome browser addressing a high-severity zero-day vulnerability that was actively exploited in the wild. The flaw, tracked as CVE-2025-6558, allowed attackers to escape Chrome’s sandbox—a key security feature designed to isolate browser processes from the host operating system.
Air Serbia becomes the next airline under siege as a cyberattack disrupts internal systems.
Posted inCybersecurity News

Air Serbia becomes the next airline under siege as a cyberattack disrupts internal systems.

Air Serbia, the national carrier of Serbia, is currently battling the aftermath of a significant cyberattack that has disrupted internal systems and delayed the issuance of employee payslips. Aviation industry sources confirmed that the airline alerted staff earlier this month about growing cybersecurity concerns, which culminated in a temporary halt to the distribution of payroll documents for June 2025.
Google’s AI “Big Sleep” agent foils exploitation of previously unknown critical software vulnerability.
Posted inCybersecurity News

Google’s AI “Big Sleep” agent foils exploitation of previously unknown critical software vulnerability.

In a groundbreaking development for cybersecurity, Google has announced that its artificial intelligence agent successfully identified and thwarted an attempt to exploit a previously unknown critical vulnerability. This marks the first known instance in which an AI system proactively prevented the exploitation of a zero-day vulnerability, underscoring the growing role of artificial intelligence in safeguarding digital infrastructure.
New threat intelligence assessment says predominant threats to most sectors over the next 12 months will come from domestic violent extremists.
Posted inCybersecurity News

New threat intelligence assessment says predominant threats to most sectors over the next 12 months will come from domestic violent extremists.

According to a recent threat intelligence assessment by the Insikt Group, domestic violent extremists (DVEs) operating within the United States pose a growing and evolving risk to both public and private sector organizations. Over the next twelve months, the predominant threats from these actors are expected to take the form of targeted attacks against individuals and sabotage of critical facilities—tactics that reflect a shift away from mass-casualty events toward more calculated and disruptive actions.
Critical Golden dMSA attack in Windows Server 2025 lets attackers enable cross-domain lateral movement.
Posted inCybersecurity News

Critical Golden dMSA attack in Windows Server 2025 lets attackers enable cross-domain lateral movement.

Windows Server 2025 introduces delegated Managed Service Accounts (dMSA), designed to bolster identity security in Active Directory environments. However, recent research from Semperis and Akamai, supported by industry analysis, has revealed a critical flaw known as the "Golden dMSA attack." This vulnerability threatens to undermine foundational identity controls across large enterprises and government networks.
Computer hacker with Android robot on desk
Posted inCybersecurity News

A counterfeit Android Telegram app is being spread from more than 600 malicious domains.

A newly observed Android malware campaign is leveraging more than 600 malicious domains to distribute counterfeit versions of the Telegram messaging app. The operation, which primarily targets Chinese-speaking users, has raised concerns in the cybersecurity community due to its scale, sophistication, and exploitation of old Android vulnerabilities.
Ex-U.S. Soldier Cameron Wagenius Pleads Guilty in Telecom Hacking and Extortion Case.
Posted inCybersecurity News

Ex-U.S. Soldier Cameron Wagenius Pleads Guilty in Telecom Hacking and Extortion Case.

Cameron John Wagenius, a 21-year-old former U.S. Army soldier from Texas, has pleaded guilty to federal charges stemming from a wide-ranging cybercrime and extortion scheme that targeted major telecommunications providers, including AT&T and Verizon. The admissions of guilt follow a federal investigation into a coordinated hacking operation that spanned from April 2023 through December 2024.