Cybercrime

Survey of Over 100 Energy Systems Reveals Critical OT Cybersecurity Gaps

A recent study conducted by OMICRON has uncovered serious cybersecurity shortcomings within operational technology networks used across substations, power plants, and control centers globally. The assessment, which analyzed more than 100 real world energy installations, reveals repeated technical, organizational, and functional weaknesses that continue to expose critical infrastructure to cyber threats. The research is based […]

Survey of Over 100 Energy Systems Reveals Critical OT Cybersecurity Gaps Read More »

CERT/CC Warns Binary Parser Bug Enables Privilege Level Code Execution in Node.js

The CERT Coordination Center (CERT/CC) has issued a warning about a security vulnerability in the widely used binary-parser npm library that could allow attackers to execute arbitrary JavaScript code under certain conditions. The flaw is tracked as CVE-2026-1245 and affects all versions of binary-parser released before 2.3.0. The issue was fixed on November 26, 2025, and users are strongly advised

CERT/CC Warns Binary Parser Bug Enables Privilege Level Code Execution in Node.js Read More »

Black Basta Ransomware Leader Added to EU Most Wanted List and INTERPOL Red Notice

Law enforcement authorities in Ukraine and Germany have identified two Ukrainian nationals suspected of supporting the Russia linked Black Basta ransomware as a service operation. Officials also confirmed that the alleged leader of the group has now been placed on both the European Union Most Wanted list and INTERPOL Red Notice database. The suspect has been named as Oleg Evgenievich Nefedov, a 35

Black Basta Ransomware Leader Added to EU Most Wanted List and INTERPOL Red Notice Read More »

Microsoft Legal Action Disrupts RedVDS Cybercrime Infrastructure Behind Online Fraud

Microsoft has successfully taken legal measures in the U.S. and U.K. to dismantle RedVDS, a subscription-based cybercrime service that enabled criminals to carry out widespread online fraud. The action included seizing domains redvds[.]com, redvds[.]pro, and vdspanel[.]space, effectively taking the illegal service offline. RedVDS allowed threat actors to access cheap, disposable virtual computers for as little as $24 per month,

Microsoft Legal Action Disrupts RedVDS Cybercrime Infrastructure Behind Online Fraud Read More »

Fortinet Patches Critical FortiSIEM Vulnerability Allowing Unauthenticated Remote Code Execution

Fortinet has released security updates to address a critical vulnerability in FortiSIEM that could allow unauthenticated attackers to execute arbitrary code on affected systems. The flaw poses a serious risk to organizations using vulnerable FortiSIEM deployments, particularly those with exposed management services. Vulnerability Overview The issue, tracked as CVE-2025-64155, carries a CVSS score of 9.4, indicating critical

Fortinet Patches Critical FortiSIEM Vulnerability Allowing Unauthenticated Remote Code Execution Read More »

Long-Running Web Skimming Campaign Steals Credit Card Data From Online Checkout Pages

Cybersecurity researchers have uncovered a large scale web skimming operation that has remained active since January 2022, silently harvesting payment card data from compromised online checkout pages. The campaign targets organizations connected to major global payment networks, including American Express, Diners Club, Discover, JCB, Mastercard, and UnionPay. According to a newly published report by Silent

Long-Running Web Skimming Campaign Steals Credit Card Data From Online Checkout Pages Read More »

GoBruteforcer Botnet Targets Crypto Project Databases by Exploiting Weak Credentials

A renewed wave of GoBruteforcer activity has been observed targeting databases linked to cryptocurrency and blockchain projects. The campaign aims to hijack vulnerable servers and enroll them into a botnet capable of brute forcing user credentials for services such as FTP, MySQL, PostgreSQL, and phpMyAdmin on Linux based systems. Campaign Drivers and Initial Findings According

GoBruteforcer Botnet Targets Crypto Project Databases by Exploiting Weak Credentials Read More »

Data Breach at Texas Gas Station Operator Exposes Information of Over 377,000 Customers

A major cybersecurity incident has impacted Gulshan Management Services, Inc., a gas station operator headquartered in Sugar Land, Texas, resulting in the exposure of personal information belonging to more than 377,000 customers. The breach has raised serious concerns about the protection of customer data within retail and fuel service operations across multiple US states. Breach

Data Breach at Texas Gas Station Operator Exposes Information of Over 377,000 Customers Read More »

Instagram Data Leak Exposes Sensitive Information of 17.5M Accounts

A major data exposure incident has reportedly impacted around 17.5 million Instagram user accounts, with sensitive personal information now circulating on dark web marketplaces. The issue was highlighted earlier this week by cybersecurity firm Malwarebytes, triggering serious concerns about user privacy, account security, and the potential for large scale abuse. What Information Was Exposed According

Instagram Data Leak Exposes Sensitive Information of 17.5M Accounts Read More »

Europol Arrests 34 Black Axe Members in Spain Over €5.9M Fraud and Organized Crime

Europol has announced the arrest of 34 individuals in Spain accused of being members of the international organized crime syndicate known as Black Axe. The arrests are part of a coordinated law enforcement operation targeting large-scale fraud and organized criminal activity. Coordinated International Law Enforcement Operation The operation was led by the Spanish National Police with

Europol Arrests 34 Black Axe Members in Spain Over €5.9M Fraud and Organized Crime Read More »