16 Jul, 2026

US seizes E-Note crypto exchange for laundering ransomware payments

Law enforcement has seized the servers and domains of the E-Note cryptocurrency exchange, allegedly used by cybercriminal groups to launder more than $70 million. It is believed that the funds originated from ransomware and account takeover attacks, and were subsequently funneled through an international network of “money mules.” “Since 2017, the FBI identified more than […]

1 min read

France arrests Latvian for installing malware on Italian ferry

French authorities arrested two crew members of an Italian passenger ferry suspected of infecting the ship with malware that could have enabled them to remotely control the vessel. As the Paris prosecutor’s office announced this week, a Bulgarian national has been released without any charge, while a Latvian suspect who recently joined the crew of […]

2 mins read

HPE warns of maximum severity RCE flaw in OneView software

Hewlett Packard Enterprise (HPE) has patched a maximum-severity vulnerability in its HPE OneView software that enables attackers to execute arbitrary code remotely. OneView is HPE’s infrastructure management software that helps IT admins streamline operations and automate the management of servers, storage, and networking devices from a centralized interface. This critical security flaw (CVE-2025-37164) was reported by […]

2 mins read

Zeroday Cloud hacking event awards $320,0000 for 11 zero days

The Zeroday Cloud hacking competition in London has awarded researchers $320,000 for demonstrating critical remote code execution vulnerabilities in components used in cloud infrastructure. The first hacking event focused on cloud systems, the competition is hosted by Wiz Research in partnership with Amazon Web Services, Microsoft, and Google Cloud. The researchers were successful in 85% of the […]

2 mins read

France arrests suspect tied to cyberattack on Interior Ministry

French authorities arrested a 22-year-old suspect on Tuesday for a cyberattack that targeted France’s Ministry of the Interior earlier this month. In a statement issued by Public Prosecutor Laure Beccuau, officials said the suspected hacker was arrested on December 17, 2025, as part of an investigation into the attack. “A person was arrested on December […]

4 mins read

Amazon: Ongoing cryptomining campaign uses hacked AWS accounts

Amazon’s AWS GuardDuty security team is warning of an ongoing crypto-mining campaign that targets its Elastic Compute Cloud (EC2) and Elastic Container Service (ECS) using compromised credentials for Identity and Access Management (IAM). The operation started on November 2nd and employed a persistence mechanism that extended mining operations and hindered incident responders. The threat actor used a Docker […]

2 mins read

Microsoft 365 accounts targeted in wave of OAuth phishing attacks

Multiple threat actors are compromising Microsoft 365 accounts in phishing attacks that leverage the OAuth device code authorization mechanism. Attackers trick victims into entering a device code on Microsoft’s legitimate device login page, unknowingly authorizing an attacker-controlled application and granting them access to the target account without stealing credentials or bypassing multi-factor authentication (MFA). Although the […]

3 mins read

New UEFI flaw enables pre-boot attacks on motherboards from Gigabyte, MSI, ASUS, ASRock

The UEFI firmware implementation in some motherboards from ASUS, Gigabyte, MSI, and ASRock is vulnerable to direct memory access (DMA) attacks that can bypass early-boot memory protections. The security issue has received multiple identifiers (CVE-2025-11901, CVE-2025‑14302, CVE-2025-14303, and CVE-2025-14304) due to differences in vendor implementations DMA is a hardware feature that allows devices such as graphics […]

4 mins read

Over 25,000 FortiCloud SSO devices exposed to remote attacks

Internet security watchdog Shadowserver has found over 25,000 Fortinet devices exposed online with FortiCloud SSO enabled, amid ongoing attacks targeting a critical authentication bypass vulnerability. Fortinet noted on December 9th, when it patched the security flaw tracked as CVE-2025-59718 (FortiOS, FortiProxy, FortiSwitchManager) and CVE-2025-59719 (FortiWeb), that the vulnerable FortiCloud SSO login feature is not enabled until admins […]

2 mins read