The Crypto24 ransomware group has been using custom utilities to evade security solutions on breached networks, exfiltrate data, and encrypt files. […]
Pro-Russian hackers blamed for water dam sabotage in Norway
The Norwegian Police Security Service (PST) says that pro-Russian hackers took control of critical operation systems at a dam and opened outflow valves. […]
New HTTP/2 ‘MadeYouReset’ Vulnerability Enables Large-Scale DoS Attacks
Multiple HTTP/2 implementations have been found susceptible to a new attack technique called MadeYouReset that could be exploited to conduct powerful denial-of-service (DoS) attacks.
“MadeYouReset bypasses the typical server-imposed limit of 100 concurrent HTTP/2 requests per TCP connection from a client. This limit is intended to mitigate DoS attacks by restricting the number of simultaneous
Microsoft fixes Windows Server bug causing cluster, VM issues
Microsoft has resolved a known issue that triggers Cluster service and VM restart issues after installing July’s Windows Server 2019 security updates. […]
Booking.com phishing campaign uses sneaky ‘ん’ character to trick you
Threat actors are leveraging a Unicode character to make phishing links appear like legitimate Booking.com links in a new campaign distributing malware. The attack makes use of the Japanese hiragana character, ん, which can, on some systems, appear as a forward slash and make a phishing URL appear realistic to a person at first. […]
When Theft Replaces Encryption: Blue Report 2025 on Ransomware & Infostealers
Ransomware and infostealers are winning on stealth, not encryption. Picus Blue Report 2025 reveals just 3% of data exfiltration attempts are stopped. Find and fix your biggest exposure gaps before they’re exploited. […]
Vulnerabilities in Xerox Print Orchestration Product Allow Remote Code Execution
Path traversal and XXE injection flaws allowing unauthenticated remote code execution have been patched in Xerox FreeFlow Core.
The post Vulnerabilities in Xerox Print Orchestration Product Allow Remote Code Execution appeared first on SecurityWeek.
Hackers Found Using CrossC2 to Expand Cobalt Strike Beacon’s Reach to Linux and macOS
Japan’s CERT coordination center (JPCERT/CC) on Thursday revealed it observed incidents that involved the use of a command-and-control (C2) framework called CrossC2, which is designed to extend the functionality of Cobalt Strike to other platforms like Linux and Apple macOS for cross-platform system control.
The agency said the activity was detected between September and December 2024, targeting
Canada’s House of Commons investigating data breach after cyberattack
The House of Commons of Canada is currently investigating a data breach after a threat actor reportedly stole employee information in a cyberattack on Friday. […]
CISA Warns of Attacks Exploiting N-able Vulnerabilities
CISA reported becoming aware of attacks exploiting CVE-2025-8875 and CVE-2025-8876 in N-able N-central on the day they were patched.
The post CISA Warns of Attacks Exploiting N-able Vulnerabilities appeared first on SecurityWeek.
