Category: Cyber Attack

Tablas Island Electric Cooperative, Inc. (TIELCO) Suffers Data Breach, Employee and Customer Information Exposed
Summary: The Tablas Island Electric Cooperative, Inc. (TIELCO) in Romblon, Philippines, has experienced a significant data breach that exposed sensitive employee and customer information. The breach, attributed to the threat actor known as “Lootz” from Deathnote Hackers, raises serious concerns about the security of TIELCO’s critical infrastructure and billing systems.…
Read More
Summary: A vulnerability in the popular file archiver 7-Zip, tracked as CVE-2025-0411, allows attackers to bypass Windows’ Mark-of-the-Web security feature, potentially enabling the execution of malware. This flaw, discovered by Trend Micro Zero Day Initiative, affects the extraction of files from crafted archives, removing critical security warnings.…
Read More
Summary: The OWASP has released its updated list of the top 10 vulnerabilities affecting smart contracts in 2025, providing crucial insights for developers and security professionals. This document highlights the most frequently exploited vulnerabilities in the Web3 landscape, emphasizing the need for improved security measures. Key vulnerabilities include access control flaws, price oracle manipulation, and reentrancy attacks, which have led to significant financial losses in the past year.…
Read More
Students, Educators Impacted by PowerSchool Data Breach
Summary: PowerSchool, a California-based education technology company, has reported a data breach that compromised personal information of students and educators. The breach, identified on December 28, 2024, affected its Student Information System (SIS) and involved unauthorized access through its customer support portal. Affected individuals will receive notifications and two years of free identity theft protection services.…
Read More
Summary: Oracle’s Critical Patch Update Pre-Release Announcement for January 2025 highlights upcoming security updates set for January 21st, 2025, addressing numerous vulnerabilities across its product range. Key areas of concern include Oracle Database Server, Communications Applications, MySQL, Financial Services Applications, and Fusion Middleware, with several vulnerabilities being remotely exploitable.…
Read More
Summary: IBM has revealed several critical vulnerabilities in its Sterling Secure Proxy (SSP) that could allow attackers to execute commands, access sensitive data, or cause denial of service. The vulnerabilities, with high CVSS scores, stem from improper input validation and incorrect permission assignments. IBM has released fix packs to address these issues, emphasizing the urgency of applying the updates.…
Read More
Victim: IntelBroker | IntelBroker Price: Not disclosed Data: Email addresses, IP addresses, operational tactics Keypoints :

Cybercriminal Profile: IntelBroker is a prominent figure in the cybercrime landscape, known for high-profile data breaches and ransomware attacks. Notable Breaches: His portfolio includes breaches of major entities like AMD, Europol, and Cisco.…
Read More
Grenoble University Hospital Thwarted Cyber Intrusion Attempt with No Medical Data Breach Detected
Date Reported: 2025-01-13 Country: FRA | France Victim: CHU de Grenoble | Grenoble University Hospital Website: chu-grenoble.fr Additional Information :The Grenoble University Hospital was targeted by a cyber intrusion attempt on January 13. Thanks to its security procedures, no medical data exfiltration has been detected so far.…
Read More
Summary: NVISO Labs has identified a sophisticated phishing campaign linked to the Black Basta ransomware group, utilizing Microsoft Teams for social engineering attacks. The campaign employs an email bombing strategy to distract victims before attackers impersonate IT personnel to gain remote access. Once inside, they disable security measures, exfiltrate data, and deploy malware, highlighting the need for proactive detection measures.…
Read More
Moxa Warns of Critical Authorization Vulnerability in EDS-508A Series Ethernet Switches
Summary: Moxa has issued a security advisory for CVE-2024-12297, a critical vulnerability (CVSS 9.2) in its EDS-508A Series Ethernet switches that affects firmware version 3.11 and earlier. This vulnerability allows attackers to bypass authentication, potentially gaining unauthorized access to sensitive configurations or disrupting operations. Moxa has provided a security patch and recommended mitigations to protect affected devices.…
Read More
Summary: Security researcher MrAle_98 has disclosed a proof-of-concept exploit for a zero-day vulnerability, CVE-2024-49138, affecting the Windows Common Log File System (CLFS) Driver. This elevation of privilege flaw, with a CVSS score of 7.8, allows attackers to gain SYSTEM privileges on affected devices. Microsoft confirmed that the vulnerability was actively exploited before a patch was released, emphasizing the urgency for users to update their systems.…
Read More
HPE Aruba Networking Addresses Security Vulnerabilities in AOS Systems
Summary: HPE Aruba Networking has released a security advisory regarding multiple vulnerabilities in its ArubaOS systems, which could allow attackers to execute unauthorized commands or overwrite system files. Two critical vulnerabilities have been identified, both with a CVSS score of 7.2, affecting the web-based management interface and the command-line interface.…
Read More
Summary: BlackBerry’s QNX Software Development Platform (SDP) has been issued a security advisory (QNX-2024-003) due to multiple vulnerabilities in its image codecs, which could lead to serious security risks including information disclosure, denial of service, and remote code execution. These vulnerabilities affect several versions of QNX SDP and have been assigned high CVSS scores, indicating their severity.…
Read More
Summary: Palo Alto Networks has issued a threat briefing on two critical vulnerabilities in Ivanti products, CVE-2025-0282 and CVE-2025-0283, which could allow attackers to execute remote code and escalate privileges. The vulnerabilities affect Ivanti’s Connect Secure, Policy Secure, and ZTA gateway appliances, widely used for remote network connections.…
Read More