BlackSuit Ransomware Servers Targeting U.S. Critical Infrastructure Dismantled in Major Law Enforcement Operation

In a landmark coordinated effort, international law enforcement agencies have taken down critical infrastructure linked to the BlackSuit ransomware group (also known as Royal), marking a significant blow against one of the most persistent cybercriminal operations targeting the United States. The operation, conducted on July 24, 2025, led to the seizure of four servers, nine […]

SSHamble, a New Open-Source Tool to Exploit Vulnerabilities in the SSH Protocol

SSHamble – An Advanced Open-Source Tool for Uncovering SSH Vulnerabilities

SSHamble is a cutting-edge open-source reconnaissance utility built to detect and exploit security weaknesses in SSH protocol implementations across internet-facing systems. First showcased at DEFCON 33, the tool has already revealed major flaws in enterprise networking equipment and exposed widespread SSH misconfigurations impacting millions of

Hackers Exploit Google Paid Ads with Fake Tesla Websites to Spread Malware

In recent weeks, several sponsored advertisements began appearing at the top of Google search results, claiming to offer preorders for Tesla’s upcoming Optimus robots. These ads redirected unsuspecting users to fraudulent microsites designed to mimic Tesla’s official branding, tricking them into paying a

Cyberattack on Bouygues Telecom Exposes Data of 6.4 Million Customers

A major cyberattack has hit French telecommunications giant Bouygues Telecom, compromising personal data belonging to 6.4 million customers. The breach, detected on August 4th, has raised serious concerns over data security and customer safety.

Details of the Breach

Bouygues, which serves nearly 27 million mobile

Hackers Can Exploit New Win-DDoS Flaws to Convert Public Domain Controllers into DDoS Botnets

Hackers Can Exploit New Win-DDoS Flaws to Turn Public Domain Controllers into Powerful Botnets

A newly discovered attack method could be used to hijack thousands of publicly accessible Domain Controllers (DCs) worldwide, transforming them into a massive botnet capable of delivering high-powered Distributed Denial-of-Service (DDoS) attacks. The technique, named Win-DDoS, was uncovered by SafeBreach researchers

Researchers Reveal Windows EPM Poisoning Exploit Chain Leading to Domain Privilege Escalation

Windows RPC Vulnerability CVE-2025-49760 Enables EPM Poisoning and Privilege Escalation Attacks

Cybersecurity experts have revealed fresh details about a now-patched flaw in Microsoft Windows Remote Procedure Call (RPC) that could allow attackers to spoof legitimate services and impersonate trusted servers. The issue, tracked as CVE-2025-49760 with a CVSS score of 3.5, was described by Microsoft as a Windows

WinRAR Zero-Day Exploited to Deliver Malware During Archive Extraction

WinRAR Vulnerability CVE-2025-8088 Exploited as Zero-Day to Deploy RomCom Malware

A critical security flaw in WinRAR, identified as CVE-2025-8088, has been exploited in zero-day phishing campaigns to install the RomCom malware. This vulnerability, a directory traversal bug, was addressed in WinRAR version 7.13. It allows attackers to create malicious archive files that, when extracted, can

Google Confirms Data Breach Exposed Potential Google Ads Customer Information

Google has confirmed a data breach involving one of its corporate Salesforce CRM instances used for communicating with potential Google Ads customers. The incident exposed basic business contact details but did not affect financial or active Ads account data. In a data breach notification sent to affected parties and

Embargo Ransomware Rakes in $34.2 Million in Crypto Since April 2024

A recent report from blockchain intelligence firm TRM Labs reveals that the Embargo ransomware group has generated approximately $34.2 million in cryptocurrency since its emergence in April 2024. Most of the identified victims are based in the United States, particularly within the healthcare, business services, and manufacturing

Darknet Market Escrow Systems at Risk of Administrator Exit Scams

Darknet markets operate outside the control of traditional payment processors and legal systems, making escrow systems essential for securing cryptocurrency transactions between buyers and sellers. These systems, often using multisignature (multisig) wallets and automated release mechanisms, are designed to enhance transaction safety and manage disputes. While they offer improved protection compared to direct payments, weaknesses
