Category: Cybersecurity

Medusa Ransomware Actors Exploit Critical Fortra GoAnywhere Flaw Summary Threat actors deploying Medusa ransomware (linked to Storm-1175) have been observed exploiting a maximum-severity deserialization vulnerability in Fortra’s GoAnywhere managed file…

Chaos Ransomware Upgrades With Aggressive New C++ Variant Summary FortiGuard Labs has documented a new, more aggressive Chaos ransomware variant rewritten in C++ (Chaos-C++). The variant introduces faster, more destructive…

Chinese Hackers Use Velociraptor IR Tool in Ransomware Attacks Summary Researchers from Cisco Talos observed China-based threat group Storm-2603 (also tracked as Gold Salem) abusing the open-source DFIR tool Velociraptor…

Microsoft Drops Terrifyingly Large October Patch Update Summary Microsoft’s October Patch Tuesday is enormous: 175 CVEs were patched, including multiple zero-days that are already being exploited and several flaws Microsoft…

Feds Shutter ShinyHunters Salesforce Extortion Site Summary The FBI, working with French law enforcement, seized the BreachForums domain that had been repurposed as an extortion portal by the group calling…

Cyberattackers Target LastPass, Top Password Managers Summary Major password managers — including LastPass, 1Password and Bitwarden — have been impersonated in a wave of phishing attacks. Over a three-week period…

Leaks in Microsoft VS Code Marketplace Put Supply Chain at Risk Summary Researchers at Wiz found more than 550 validated secrets exposed inside VS Code extension packages across Microsoft’s VS…

‘Mysterious Elephant’ Moves Beyond Recycled Malware Summary Kaspersky researchers say the threat group tracked as “Mysterious Elephant” has evolved from reusing others’ malware to deploying a compact, custom toolset in…

F5 BIG-IP Environment Breached by Nation-State Actor Summary Application security vendor F5 disclosed on 15 October 2025 that a sophisticated nation-state actor maintained long-term, persistent access to parts of its…