Latest Intelligence
CISA Says Russian Hackers Targeting Western Supply-Lines to Ukraine
Russian military intelligence hackers are increasingly targeting Western logistics and technology companies that supply goods to Ukraine, according to CISA. This escalation highlights the ongoing cyber threats related to the conflict and the importance of securing supply chains against such attacks.
Microsoft Sinkholes Domains, Disrupts Notorious ‘Lumma Stealer’ Malware Operation
Microsoft has disrupted the Lumma Stealer malware operation by sinkholing 394,000 Windows systems that were communicating with Lumma controllers, affecting a range of global manufacturers. This intervention is significant as it targets a notorious malware known for stealing sensitive information from compromised systems.
Russian Hackers Exploit Email and VPN Vulnerabilities to Spy on Ukraine Aid Logistics
Russian state-sponsored hackers, attributed to APT28, are exploiting vulnerabilities in email and VPN systems to conduct espionage on Western logistics and technology companies involved in aiding Ukraine. This campaign, active since 2022, highlights the cyber threats linked to geopolitical conflicts.
ESET takes part in global operation to disrupt Lumma Stealer
ESET participated in a global operation aimed at disrupting the Lumma Stealer malware, utilizing extensive monitoring of numerous malicious samples. This effort highlights the ongoing battle against cyber threats and the importance of collaborative initiatives in cybersecurity.
Critical Flaw Allows Remote Hacking of AutomationDirect Industrial Gateway
A critical vulnerability, identified as CVE-2025-36535, affects over 100 AutomationDirect MB-Gateway devices, potentially allowing remote attacks via the internet. This poses significant security risks for industrial environments relying on these devices.
Coinbase Says Rogue Contractor Data Breach Affects 69,461 Users
Coinbase has reported a data breach affecting 69,461 users, attributed to a rogue contractor. The breach dates back to December of the previous year, highlighting concerns over third-party vendor security.
PureRAT Malware Spikes 4x in 2025, Deploying PureLogs to Target Russian Firms
The article reports a significant increase in the distribution of PureRAT malware targeting Russian organizations, with attacks quadrupling in early 2025 compared to the previous year. This surge highlights the growing threat posed by phishing campaigns in the region, particularly against businesses.
Fake Kling AI Facebook Ads Deliver RAT Malware to Over 22 Million Potential Victims
Counterfeit Facebook pages and sponsored ads are being used to lure users into downloading malware disguised as Kling AI, an AI-powered platform. This malicious campaign has the potential to impact over 22 million users, highlighting the significant risks associated with online scams.
Threat Actors Deploy LummaC2 Malware to Exfiltrate Sensitive Data from Organizations
The FBI and CISA have issued a joint advisory regarding the LummaC2 malware, which is used by threat actors to exfiltrate sensitive data from organizations. This malware has been observed in active campaigns targeting critical infrastructure sectors, posing significant risks to both individuals and organizations.
Threat Actors Target U.S. Critical Infrastructure with LummaC2 Malware
CISA and the FBI have issued a Cybersecurity Advisory regarding the LummaC2 malware, which targets U.S. critical infrastructure sectors and poses a significant risk by infiltrating networks and exfiltrating sensitive data. The advisory emphasizes the need for organizations to implement recommended mitigations to safeguard against this ongoing threat.
Russian GRU Cyber Actors Targeting Western Logistics Entities and Tech Companies
The article reports on a joint Cybersecurity Advisory from CISA and other agencies regarding a Russian GRU cyber espionage campaign targeting Western logistics and technology companies, particularly those involved in supporting Ukraine. The advisory highlights the need for increased monitoring and defense against the elevated threat posed by these actors.
Russian GRU Targeting Western Logistics Entities and Technology Companies
The article details a Russian state-sponsored cyber campaign by the GRU targeting Western logistics and technology companies, particularly those aiding Ukraine. This ongoing espionage effort utilizes a range of tactics and poses a significant threat to organizations involved in critical infrastructure and support operations.
Securing CI/CD workflows with Wazuh
The article discusses the importance of securing CI/CD workflows, highlighting the balance between the speed of software delivery and the potential security risks introduced by automation. As CI/CD practices are essential for modern software development, ensuring their security is crucial to prevent vulnerabilities.
US Student to Plead Guilty Over PowerSchool Hack
Matthew Lane, a US student, is set to plead guilty for hacking PowerSchool using stolen credentials and for extorting a telecoms provider. This incident highlights ongoing concerns regarding cybersecurity vulnerabilities in educational software systems.
How to Detect Phishing Attacks Faster: Tycoon2FA Example
Phishing attacks pose a significant threat as a single email can compromise entire systems, leading to credential theft and unauthorized access. As phishing techniques evolve, automated solutions are becoming less effective, highlighting the need for improved detection methods.