Mimo Hackers Exploit CVE-2025-32432 in Craft CMS to Deploy Cryptominer and Proxyware The Hacker [email protected] (The Hacker News)
May 28, 2025

A financially motivated threat actor has been observed exploiting a recently disclosed remote code execution flaw affecting the Craft Content Management System (CMS) to deploy multiple payloads, including a cryptocurrency …


How ‘Browser-in-the-Middle’ Attacks Steal Sessions in Seconds The Hacker [email protected] (The Hacker News)
May 28, 2025

Would you expect an end user to log on to a cybercriminal’s computer, open their browser, and type in their usernames and passwords? Hopefully not! But that’s essentially what happens …


251 Amazon-Hosted IPs Used in Exploit Scan Targeting ColdFusion, Struts, and Elasticsearch The Hacker [email protected] (The Hacker News)
May 28, 2025

Cybersecurity researchers have disclosed details of a coordinated cloud-based scanning activity that targeted 75 distinct "exposure points" earlier this month. The activity, observed by GreyNoise on May 8, 2025, involved as …


Apple Blocks $9 Billion in Fraud Over 5 Years Amid Rising App Store Threats The Hacker [email protected] (The Hacker News)
May 27, 2025

Apple on Tuesday revealed that it prevented over $9 billion in fraudulent transactions in the last five years, including more than $2 billion in 2024 alone. The company said the App …


Indian Police Arrest Cybercrime Gang Copycats of Myanmar Biz Model darkreadingRobert Lemos, Contributing Writer
May 27, 2025

The region offers attractive conditions: a large pool of tech workers, economic disparity, and weak enforcement of cybercrime laws — all of which attract businesses legitimate and shady. The region offers …


ISC Stormcast For Wednesday, May 28th, 2025 https://isc.sans.edu/podcastdetail/9468, (Wed, May 28th) SANS Internet Storm Center, InfoCON: green
May 27, 2025

(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License. (c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.  ​Read More


Adidas Falls Victim to Third-Party Data Breach darkreadingKristina Beek, Associate Editor, Dark Reading
May 27, 2025

Though Adidas said that no payment or financial information was affected in the breach, individuals who contacted the compamy's customer service help desk were impacted. Though Adidas said that no payment …


CISA Warns of Attacks Targeting Commvault SaaS Environment darkreadingJai Vijayan, Contributing Writer
May 27, 2025

A threat actor has gained access to Microsoft 365 environments of a small number of customers of Commvault's Metallic service. A threat actor has gained access to Microsoft 365 environments of …


DragonForce Ransomware Strikes MSP in Supply Chain Attack darkreadingAlexander Culafi, Senior News Writer, Dark Reading
May 27, 2025

DragonForce, a ransomware "cartel" that has gained significant popularity since its debut in 2023, attacked an MSP as part of a recent supply chain attack, via known SimpleHelp bugs. DragonForce, a …


MathWorks, Creator of MATLAB, Confirms Ransomware Attack darkreadingKristina Beek, Associate Editor, Dark Reading
May 27, 2025

The attack dirsupted MathWorks' systems and online applications, but it remains unclear which ransomware group targeted the software company and whether they stole any data. The attack dirsupted MathWorks' systems and …