LATEST POST
Crimson Collective claims to have hacked Nintendo
Computing.co.uk reports; Notorious hacking group Crimson Collective has claimed responsibility for a major breach of Nintendo’s internal systems. Crimson Collective says it has access to sensitive production assets, developer files, and backup data. This claim was given weight by cybersecurity intelligence firm Hackmanac which shared a screenshot on X purportedly showing folders labeled “Production Assets,” “Dev Builds,” […]
DDoS Botnet Aisuru Blankets US ISPs in Record DDoS
KrebsOnSecurity.com reports: The world’s largest and most disruptive botnet is now drawing a majority of its firepower from compromised Internet-of-Things (IoT) devices hosted on U.S. Internet providers like AT&T, Comcast and Verizon, new evidence suggests. Experts say the heavy concentration of infected devices at U.S. providers is complicating efforts to limit collateral damage from the botnet’s attacks, which shattered […]
FBI Alert: Update Red Hat OpenShift AI Now
The FBI urges all organizations using Red Hat’s OpenShift AI platform to address a 9.9/10 security flaw. It allows an attacker with authenticated access to a low-privileged account to escalate privileges, potentially leading to stolen data, disrupted services, and complete takeover of the underlying infrastructure. If you have OpenShift deployed in your environment, urgent action is […]
Policyholder Plot Twist: Cyber Insurer Sues Policyholder’s Cyber Pros
Hunton Andrews Kurth writes: When a cyber incident occurs and the insurer pays out the claim, they often face the frustrating reality that pursuing the actual criminals – the threat actors – for indemnification is virtually impossible. Thus, insurers are now turning to subrogation claims against the very cybersecurity vendors entrusted by policyholders to protect […]
LockBit, DragonForce, and Qilin form a ‘cartel’ to dictate ransomware market conditions (1)
CSO reports: Three of the most notorious ransomware-as-a-service operations have formed a criminal cartel aimed at coordinating attacks and sharing resources in what they describe as an increasingly “challenging” ransomware business environment. DragonForce, Qilin, and LockBit announced the partnership in early September, with DragonForce proposing the collaboration shortly after LockBit reemerged with its LockBit 5.0 […]
Hackers claim Discord breach exposed data of 5.5 million users
Bleeping Computer reports: Discord says they will not be paying threat actors who claim to have stolen the data of 5.5 million unique users from the company’s Zendesk support system instance, including government IDs and partial payment information for some people. The company is also pushing back on claims that 2.1 million photos of government IDs […]
Nearly a third of Mississippi state agencies fail cybersecurity requirements
The Vicksburg Daily News reports on the findings by the state auditor: According to Mississippi State Auditor Shad White, a third of state offices are at risk of cybercrimes due to not meeting cybersecurity assessment requirements according to a report released yesterday, Tuesday, Oct. 7. Auditor Shad White stated in the release, “Part of our […]
Critical Vulnerability Alert: Oracle E-Business Suite
The FBI Cyber Division has posted the following on LinkedIn to emphasize this critical alert and the need to patch and hunt promptly: Oracle just issued a Security Alert for CVE-2025-61882, a remote code execution vulnerability (CVSS 9.8 – Critical) affecting Oracle E-Business Suite versions 12.2.3 through 12.2.14. The vulnerability allows unauthenticated attackers to execute […]