targeted

  • Blog

    Russian army targeted by new Android malware hidden in mapping app

    A new Android malware has been discovered hidden inside trojanized versions of the Alpine Quest mapping app, which is reportedly used by Russian soldiers as part of war zone operational planning. Attackers promote the trojanized app as a free, cracked version of the premium Alpine Quest Pro, using Telegram channels and Russian app catalogs for distribution. AlpineQuest is a legitimate GPS…

  • Blog

    SonicWall SMA VPN devices targeted in attacks since January

    A remote code execution vulnerability affecting SonicWall Secure Mobile Access (SMA) appliances has been under active exploitation since at least January 2025, according to cybersecurity company Arctic Wolf. This security flaw (CVE-2021-20035) impacts SMA 200, SMA 210, SMA 400, SMA 410, and SMA 500v devices and was patched almost four years ago, in September 2021, when SonicWall said it could…

  • Blog

    Apple fixes two zero-days exploited in targeted iPhone attacks

    Apple released emergency security updates to patch two zero-day vulnerabilities that were used in an “extremely sophisticated attack” against specific targets’ iPhones. The two vulnerabilities are in CoreAudio (CVE-2025-31200) and RPAC (CVE-2025-31201), with both bugs impacting iOS, macOS, tvOS, iPadOS, and visionOS. “Apple is aware of a report that this issue may have been exploited in an extremely sophisticated attack against…

  • Blog

    Ukrainian military targeted in new Signal spear-phishing attacks

    Ukraine’s Computer Emergency Response Team (CERT-UA) is warning about highly targeted attacks employing compromised Signal accounts to send malware to employees of defense industry firms and members of the country’s army forces. The bulletin mentions that the attacks started this month, with Signal messages containing archives posing as meeting reports. With some of these messages sent from existing contacts targets…

  • Blog

    Chinese hackers targeted sanctions office in Treasury attack

    Chinese state-backed hackers have reportedly breached the Office of Foreign Assets Control (OFAC), a Treasury Department office that administers and enforces trade and economic sanctions programs. OFAC was created in December 1950, blocking all Chinese and North Korean assets under U.S. jurisdiction after China entered the Korean War. In a letter sent to Congress this week, the Treasury Department disclosed…

  • Blog

    Romania’s election systems targeted in over 85,000 cyberattacks

    A declassified report from Romania’s Intelligence Service says that the country’s election infrastructure was targeted by more than 85,000 cyberattacks. Threat actors also obtained access credentials for election-related websites and leaked them on a Russian hacker forum less than a week before the first presidential election round. Attacks originating from 33 countries: The Romanian Intelligence Service (SRI) says that on…

  • Blog

    Starbucks, Supermarkets Targeted in Ransomware Attack

    Starbucks and several major U.K. supermarkets experienced disruption due to a ransomware attack on the prominent supply chain software provider Blue Yonder. The company disclosed the incident on Thursday, Nov. 21, and it was still working to restore services the following Monday. The disruption to the Blue Yonder platform prevented Starbucks from paying its baristas and managing their schedules, according…

  • Blog

    GitHub projects targeted with malicious commits to frame researcher

    GitHub projects have been targeted with malicious commits and pull requests, in an attempt to inject backdoors into these projects. Most recently, the GitHub repository of Exo Labs, an AI and machine learning startup, was targeted in the attack, which has left many wondering about the attacker’s true intentions. ‘Innocent looking PR’ caught injecting backdoor: On Tuesday, Alex Cheema, co-founder of EXO Labs, warned everyone…

  • Blog

    Why you should always offboard outgoing staff: A disgruntled ex-Disney employee targeted former colleagues with DDoS attacks and hacked its menu system to change peanut allergen information

    A former Disney employee faces federal cyber crime charges after being accused of hacking into the entertainment giant’s menu system. The disgruntled ex-menu production manager, Michael Scheuer, was fired in June for alleged misconduct, but is now charged with attempting to mislabel menu items, hiding the fact they contained peanuts. “The threat actor manipulated the allergen information on menus by…

  • Blog

    Google fixes two Android zero-days used in targeted attacks

    Google fixed two actively exploited Android zero-day flaws as part of its November security updates, addressing a total of 51 vulnerabilities. Tracked as CVE-2024-43047 and CVE-2024-43093, the two issues are marked as exploited in limited, targeted attacks. “There are indications that the following may be under limited, targeted exploitation,” says Google’s advisory. The CVE-2024-43047 flaw is a high-severity use-after-free issue…
