The cryptocurrency ecosystem is experiencing heightened scrutiny from both regulatory authorities and criminal organizations, as Google Play implements stringent publishing requirements for crypto applications while the FBI warns of sophisticated recovery scams targeting previous fraud victims. These developments highlight the…
Category: EN
Threat Actors Use Advanced Tactics to Personalize Phishing for Malware Delivery
Threat actors are using topic customization as a more advanced strategy in targeted malware-delivery phishing campaigns as the environment of cyber threats changes. This method involves crafting personalized subject lines, attachment names, and embedded links to mimic authentic communications, fostering…
Fortinet VPNs Under Coordinated Attack
Time for your Weekly Cyber Snapshot with Adam Pilton, former Cybercrime Investigator, currently Cybersecurity Advisor. The five major cyber stories this week go from North Korea’s cyber playbook getting leaked to the silent burnout creeping up on MSPs. Let’s go.…
Romance scammers in Ghana charged with more than $100 million in theft
Four men from Ghana were extradited for their alleged role in stealing more than $100 million through romance scams and BEC. This article has been indexed from Malwarebytes Read the original article: Romance scammers in Ghana charged with more than…
BtcTurk suspends operations amid alleged $49M hot wallet heist
Turkish exchange is the latest victim of a recent spate of major crypto thefts Turkish cryptocurrency exchange BtcTurk is halting all deposits and withdrawals amid fears that blockchain bandits succeeded in significantly compromising its hot wallets.… This article has been…
New HTTP/2 ‘MadeYouReset’ Vulnerability Enables Large-Scale DoS Attacks
Multiple HTTP/2 implementations have been found susceptible to a new attack technique called MadeYouReset that could be explored to conduct powerful denial-of-service (DoS) attacks. “MadeYouReset bypasses the typical server-imposed limit of 100 concurrent HTTP/2 requests per TCP connection from a…
Hackers Exploit Microsoft Flaw to Breach Canadian House of Commons to Gain Unauthorized Access
The Canadian House of Commons has fallen victim to a significant cyberattack orchestrated by an unidentified “threat actor” who successfully exploited a recent Microsoft vulnerability to access sensitive government employee data. The incident, which occurred on Friday, August 9, 2025,…
Rockwell Automation ControlLogix Ethernet Modules
View CSAF 1. EXECUTIVE SUMMARY CVSS v4 9.3 ATTENTION: Exploitable remotely/low attack complexity Vendor: Rockwell Automation Equipment: ControlLogix Ethernet Modules Vulnerability: Initialization of a Resource with an Insecure Default 2. RISK EVALUATION Successful exploitation of this vulnerability could allow remote…
Rockwell FactoryTalk Linx
View CSAF 1. EXECUTIVE SUMMARY CVSS v4 8.4 ATTENTION: Low attack complexity Vendor: Rockwell Equipment: FactoryTalk Linx Vulnerability: Improper Access Control 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to to create, update, and delete FTLinx…
Rockwell Automation FactoryTalk Viewpoint
View CSAF 1. EXECUTIVE SUMMARY CVSS v4 8.5 ATTENTION: Low attack complexity Vendor: Rockwell Automation Equipment: FactoryTalk Viewpoint Vulnerability: Improper Handling of Insufficient Permissions or Privileges 2. RISK EVALUATION Successful exploitation of this vulnerability could result in full privilege escalation.…