QILIN RANSOMWARE GANG CLAIMED RESPONSIBILITY FOR THE LEE ENTERPRISES ATTACK
The Qilin ransomware group claims responsibility for attacking the newspaper Lee Enterprises, stealing 350GB of data. The Qilin ransomware group claimed responsibility for the recent cyberattack on Lee Enterprises, which impacted dozens of local newspapers. Lee Enterprises, Inc. is a publicly traded American media company. It publishes 79 newspapers in 25 states, and more than […]
SERBIAN STUDENT ACTIVIST’S PHONE HACKED USING CELLEBRITE ZERO-DAY EXPLOIT
Amnesty International reports that a Cellebrite zero-day exploit was used to unlock a Serbian activist’s Android phone. Amnesty International reported that a Cellebrite zero-day exploit was used to unlock the Android smartphone of a Serbian activist. In a statement published on 25 February 2025, Cellebrite announced that it had blocked Serbia from using its solution after reports that police used […]
Sky Remote Code Execution Bugfix Review
On 25 September 2023, a security researcher named xss submitted a critical vulnerability to Sky (formerly known as MakerDAO) through Immunefi. The white-hat was able to execute malicious code on vote.makerdao.com to extract sensitive content from the filesystem such as /etc/passwd. The vulnerability has since been fixed, on Sep 28, 2023. The report was validated and confirmed by the Sky team […]
Poland’s Space Agency Breached: Cybersecurity Services Launch Investigation
The Polish officials has confirmed that the country’s cybersecurity services had detected an unauthorized breach of the Polish Space Agency’s (POLSA) IT infrastructure. The cyberattack on POLSA prompted immediate action to protect sensitive systems and launch an investigation to identify the perpetrators behind the incident. Minister for Digitalization Krzysztof Gawkowski reported the breach via his official […]
DragonForce Ransomware Group Targets Saudi Arabia with Large-Scale Data Breach
The DragonForce ransomware group has launched a major cyberattack against organizations in Saudi Arabia, marking its first known attack on a large KSA enterprise entity. The attack, disclosed in a recent Resecurity report, which was first announced on February 14, 2025, resulted in the exfiltration of over 6 TB of confidential data. The timing of […]
10 New Vulnerabilities Found in MediaTek Chipsets
MediaTek has unveiled its March 2025 Product Security Bulletin, detailing a series of newly identified security vulnerabilities that affect a broad range of its chipsets – spanning smartphones, tablets, AIoT devices, smart displays, OTT hardware, computer vision platforms, audio systems, and smart televisions. The bulletin details 10 vulnerabilities, with three rated as high severity and the rest as […]
Windows Hyper-V Zero-Day CVE-2025-21333: PoC Drops, SYSTEM Access Exposed
Security researcher Alessandro Iandoli has published a proof-of-concept (PoC) exploit for CVE-2025-21333, a zero-day vulnerability in Windows Hyper-V that has been actively exploited in attacks. The flaw, rated with a CVSS score of 7.8, enables attackers to gain SYSTEM privileges on affected Windows devices. While details regarding real-world exploitation remain undisclosed, the vulnerability was anonymously reported and […]
“Scattered Spider Spins a New Web: Detecting 0ktapus Phishing Domains”
“Scattered Spider Spins a New Web: Detecting 0ktapus Phishing Domains” Scattered Spider Spins a New Web: Detecting 0ktapus Phishing Domains In today’s rapidly evolving digital landscape, cybersecurity threats are becoming increasingly sophisticated and harder to detect. Among the most dangerous forms of cyberattacks are phishing campaigns, where attackers trick individuals into revealing sensitive information like […]