Category: Cyber Attack

Hackers Using E-Crime Tool Atlantis AIO for Credential Stuffing on 140+ Platforms
Summary: Threat actors are leveraging the Atlantis AIO Multi-Checker tool to automate credential stuffing attacks, allowing them to test millions of stolen credentials rapidly. This tool enables widespread unauthorized access to user accounts across various platforms and services, resulting in potential fraud and data theft. Organizations should implement strict password policies and multi-factor authentication to mitigate these risks.…
Read More
Abracadabra Cyberattack: How Hackers Drained M from DeFi Platform
Summary: Abracadabra, a decentralized finance (DeFi) platform, suffered a cyberattack resulting in the theft of nearly million in cryptocurrency from its gmCauldrons. The incident has raised concerns across the cryptocurrency market, particularly affecting entities relying on liquidity tokens from decentralized exchanges. Abracadabra is actively working to mitigate the impact and has even offered a bug bounty to the hacker for the return of the stolen funds.…
Read More
Malaysia Braces for Cyberattacks During Hari Raya: Cyber999 Issues Warning
Summary: A significant rise in cybersecurity incidents has been reported in Malaysia since early 2025, prompting Cyber999 to issue an advisory for heightened vigilance and preventive measures. The ongoing threats include ransomware, data breaches, and various scams, especially during the festive season. Key recommendations for system administrators, financial institutions, and home users are provided to mitigate these risks.…
Read More
CrushFTP warns users to patch unauthenticated access flaw immediately
Summary: CrushFTP has issued a warning about an unauthenticated HTTP(S) port access vulnerability affecting versions 10 and 11, urging customers to patch their servers immediately. The flaw allows attackers to gain unauthorized access to exposed servers, with over 3,400 instances currently exposed online. As a temporary measure, users can enable the DMZ feature to protect their systems until they can apply updates.…
Read More
Ransomware Attack Hits Union County, Exposing Residents’ Personal Data
Summary: Union County, Pennsylvania, experienced a ransomware attack compromising personal information of over 40,000 residents. Discovered on March 13, 2025, the attack has prompted investigations by county officials and federal law enforcement to assess the extent of data theft. Residents are being urged to take proactive measures to protect their personal information amid ongoing cybersecurity enhancements.…
Read More
New Android malware uses Microsoft’s .NET MAUI to evade detection
Summary: New Android malware campaigns leveraging Microsoft’s .NET MAUI framework have emerged, allowing attackers to disguise malicious apps as legitimate services to evade detection. These tactics, first reported by McAfee, pose a significant security risk, especially as targeting could expand beyond China and India. The use of multi-layered encryption and the unique storage of app logic in binary blob files complicates detection efforts further.…
Read More
Babuk2 Ransomware Attempts Extortion Based on False Claims
Summary: Investigations reveal that the Babuk2 ransomware group is making false extortion claims, reusing data from previous breaches without evidence of new attacks. Despite the group’s assertions of conducting multiple attacks, independent analyses show no confirmed incidents of ransomware encryption or intrusions. Businesses must take due diligence in verifying any extortion claims to mitigate financial and reputational risks.…
Read More
New VanHelsing ransomware targets Windows, ARM, ESXi systems
Summary: A new multi-platform ransomware-as-a-service operation called VanHelsing has emerged, targeting various operating systems, including Windows and Linux. It allows affiliates to keep 80% of ransom payments and employs sophisticated encryption methods and stealth tactics in its operations. The ransomware has already been used in attacks against at least three victims, with ransoms set at 0,000.…
Read More
23andMe files for bankruptcy, customers advised to delete DNA data
Summary: 23andMe, a California-based genetic testing provider, has filed for Chapter 11 bankruptcy and will sell its assets after facing significant financial challenges. Despite assurances about customer data security, privacy experts express concerns regarding the potential mishandling of sensitive genetic information. In light of this situation, the California Attorney General has advised customers on how to protect their data and test samples.…
Read More
Microsoft Adds Inline Data Protection to Edge for Business to Block GenAI Data Leaks
Summary: Microsoft has introduced a new inline data protection feature for its Edge for Business browser to prevent data leakage into generative AI applications. Additionally, the company announced enhanced security features for Microsoft Teams to combat phishing attacks and protect sensitive communications. Lastly, Microsoft is expanding its Security Copilot with new AI agents to improve threat detection and response.…
Read More
23andMe files for bankruptcy, putting customers’ genetic data at risk
Summary: The genetic testing company 23andMe has initiated Chapter 11 bankruptcy proceedings, which alarmed regulators and privacy advocates who are urging customers to delete their genetic data. Following the bankruptcy announcement, CEO Anne Wojcicki resigned, while the company’s significant data breach earlier in October 2023 raised concerns over the safety of customer information.…
Read More