Latest Intelligence
Lazarus APT Jumps on ClickFix Bandwagon in Recent Attacks
The Lazarus APT group, linked to North Korea, has intensified its campaign against job seekers by employing social engineering tactics to target centralized finance (CeFi) organizations with the GolangGhost backdoor. This highlights the ongoing threat posed by state-sponsored cyber actors in exploiting vulnerable populations.
Security Operations Firm ReliaQuest Raises $500M at $3.4B Valuation
ReliaQuest has successfully raised $500 million in a new funding round, increasing its total funding to over $830 million and achieving a valuation of $3.4 billion. This significant investment highlights the growing importance of cybersecurity operations in the current digital landscape.
Ransomware Group Takes Credit for National Presto Industries Attack
A ransomware group has claimed responsibility for a March cyberattack on National Defense Corporation, a subsidiary of National Presto Industries. This incident highlights the ongoing threat of ransomware attacks to industrial sectors.
CISA Adds One Known Exploited Vulnerability to Catalog
CISA has added a new vulnerability, CVE-2025-24813, related to Apache Tomcat, to its Known Exploited Vulnerabilities Catalog due to evidence of active exploitation. This vulnerability poses significant risks to federal networks and emphasizes the need for timely remediation to mitigate cyber threats.
CISA Releases Two Industrial Control Systems Advisories
CISA has released two advisories regarding vulnerabilities in Industrial Control Systems, specifically affecting Rockwell Automation and Hitachi Energy products. These advisories highlight the importance of addressing security issues in ICS environments to prevent potential exploits.
Rockwell Automation Lifecycle Services with Veeam Backup and Replication
Rockwell Automation has reported a critical remote code execution vulnerability (CVE-2025-23120) in its Lifecycle Services with Veeam Backup and Replication, which could allow an attacker with administrative privileges to execute arbitrary code on the target system. The vulnerability is significant due to its high CVSS v4 score of 9.4 and its potential impact on critical manufacturing sectors worldwide.
Critical Vulnerability Found in Canon Printer Drivers
Microsoft's offensive security team has identified a critical code execution vulnerability in Canon printer drivers, which poses significant risks for users. This vulnerability could allow attackers to execute arbitrary code on affected systems.
Apple Backports Critical Fixes for 3 Live Exploits Impacting iOS and macOS Legacy Devices
Apple has released critical fixes for three actively exploited vulnerabilities affecting older iOS and macOS devices. The vulnerabilities, including a use-after-free bug, pose significant risks to users of legacy systems.
Nearly 24,000 IPs Target PAN-OS GlobalProtect in Coordinated Login Scan Campaign
Cybersecurity researchers have reported a significant increase in login scanning attempts targeting Palo Alto Networks' PAN-OS GlobalProtect gateways, with nearly 24,000 unique IP addresses involved. This coordinated effort indicates potential vulnerabilities that could be exploited by attackers.
CrushFTP Blames Security Firms for Fast Exploitation of Vulnerability
CrushFTP is facing exploitation attempts related to vulnerabilities CVE-2025-2825 and CVE-2025-31161, which have been rapidly targeted by hackers. The company has criticized security firms for their role in the swift exploitation of these vulnerabilities.
New Case Study: Global Retailer Overshares CSRF Tokens with Facebook
A global retailer inadvertently exposed sensitive CSRF tokens to Facebook due to misconfigurations in its security settings. This incident highlights the importance of proper security token management to prevent data leaks and unauthorized tracking.
China-Linked Earth Alux Uses VARGEIT and COBEACON in Multi-Stage Cyber Intrusions
Cybersecurity researchers have identified a new China-linked threat actor, Earth Alux, which has been conducting multi-stage cyber intrusions targeting critical sectors across the Asia-Pacific and Latin American regions since mid-2023. The significance of this threat lies in its potential impact on various industries including government and technology.
Check Point Responds to Hacking Claims
Check Point has acknowledged a hacking incident involving sensitive data theft but asserts that the impact was limited. This response highlights ongoing concerns regarding cybersecurity and data protection in the industry.
Apple Patches Recent Zero-Days in Older iPhones
Apple has addressed two recent zero-day vulnerabilities in older iPhone models through a significant security update. This action underscores the importance of keeping devices updated to protect against potential exploits.
France’s Antitrust Watchdog Fines Apple for Problems With App Tracking Transparency
France's antitrust watchdog has imposed a fine of 150 million euros on Apple due to issues related to its App Tracking Transparency feature, which is intended to protect user privacy. This ruling highlights the ongoing scrutiny of tech giants regarding their privacy practices and the enforcement of antitrust regulations in Europe.