The North Face, a prominent outdoor fashion retailer, has issued a comprehensive security notification to customers following the discovery of a credential stuffing attack against its website on April 23, 2025. The incident represents a growing cybersecurity threat where attackers…
Tag: Cyber Security News
State-Sponsored Groups Actively Targeting Manufacturing Sector & OT systems
A comprehensive analysis reveals an alarming escalation in cyberattacks targeting the manufacturing sector, with state-sponsored threat actors and hacktivist groups increasingly focusing their efforts on operational technology systems that control critical industrial processes. The manufacturing sector has emerged as a…
Microsoft Defender for Endpoint Contained 120,000 & Saved 180,000 Devices From Cyberattack
Microsoft has achieved significant cybersecurity milestones in its fight against ransomware and advanced persistent threats, with its Defender for Endpoint platform successfully containing 120,000 compromised user accounts and protecting over 180,000 devices from cyberattacks in just the last six months. …
Russian Hacker Black Owl Attacking Critical Industries To Steal Financial Details
A sophisticated Russian hacktivist group operating under multiple aliases has emerged as a significant threat to critical infrastructure across Russia, employing advanced malware and social engineering techniques to infiltrate and destroy organizational systems. The group, known primarily as BO Team…
Wireshark Certified Analyst: Official Wireshark Certification Released for Security Professionals
The Wireshark Foundation has officially launched the Wireshark Certified Analyst (WCA-101) certification, marking a significant milestone in professional network analysis education. This comprehensive certification program, designed by industry experts including Wireshark creator Gerald Combs, validates advanced proficiency in packet analysis…
Apple’s iOS Activation Vulnerability Allows Injection of Unauthenticated XML Payloads
A critical security vulnerability has been discovered in Apple’s iOS activation infrastructure that allows attackers to inject unauthenticated XML payloads during the device setup phase. This flaw, affecting the latest iOS 18.5 stable release as of May 2025, exposes millions…
CISA Releases ICS Advisories Covering Vulnerabilities & Exploits
CISA issued three critical Industrial Control Systems (ICS) advisories on June 3, 2025, warning organizations about severe vulnerabilities affecting Schneider Electric and Mitsubishi Electric industrial automation products. These advisories highlight exploitable flaws that could enable remote code execution, authentication bypass,…
DollyWay World Domination Attack Hacked 20,000+ Sites & Redirects Users to Malicious Sites
A sophisticated cybercrime operation dubbed “DollyWay World Domination” has successfully infiltrated more than 20,000 WordPress websites since 2016, redirecting unsuspecting users to malicious destinations. The attack, named after the distinctive code snippet define (‘DOLLY_WAY’, ‘World Domination’) found within the malware,…
Threat Actors Bribed Overseas Support Agents to Steal Coinbase Customer Data
Cryptocurrency company Coinbase revealed a significant security incident in which cybercriminals successfully bribed overseas customer support agents to steal sensitive customer data, affecting less than 1% of monthly transacting users. Rather than pay a $20 million ransom demand, the company has…
Russian Dark Web Markets Most Popular Tools Fuels Credential Theft Attacks
Russian Market has emerged as the dominant force in the cybercriminal underground, establishing itself as what security experts describe as “the Amazon of stolen credentials.” This notorious marketplace has fundamentally transformed how threat actors acquire and exploit compromised account information,…