Abilene, Texas, shut down systems after a cyberattack caused server issues. The incident occurred on April 18, 2025. Texas emergency services remained operational, and no financial irregularities were found. “On April 18, 2025, City officials received reports of unresponsive servers within our internal network and immediately began executing our incident response plan and disconnecting affected and critical assets to secure our systems,” reads the notice of security incident published by the co
Across every stage of the attack chain, automation is reshaping threat behavior. In the reconnaissance phase, cybercriminals launched over 36,000 scans per second in 2024, a 16.7% global increase. These scans are no longer just searching for exposed ports; they’re probing deep into operational technology (OT), cloud APIs, and identity layers. SIP-based VoIP systems, RDP servers, and industrial protocols like Modbus TCP are being mapped automatically and continuously.
Automation also extends to
Have you ever thought of becoming a cybercriminal? There is no better time than now. Cheap ransomware is being sold for one-time use on the Dark Web, allowing the most inexperienced amateur criminals to get involved with cyber-crime without any direct interaction with the makers. Some of these kits, which enable criminals with minimal tech skills to deploy malware to steal personal information, carry out identity theft and access bank accounts, are available for less than $25.
Such malware infe
A Chinese Advanced Persistent Threat (APT) Group has successfully exploited critical vulnerabilities in Ivanti Connect Secure VPN appliances to infiltrate organizations across 12 countries and 20 industries, according to the Taiwan cybersecurity firm TeamT5. The campaign, active since late March 2025, exploits the stack-based buffer overflow flaws in CVE-2025-0282 and CVE-2025-22457, which have maximum CVSS (Common Vulnerability Scoring System) scores of 9.0, to deploy the SPAWNCHIMERA malware
A threat actor has advertised a zero-day exploit targeting FortiGate firewall products from Fortinet on a prominent Dark Web forum. The exploit claims to enable unauthenticated remote code execution (RCE) and full configuration access to FortiOS, allowing attackers to seize control of vulnerable devices without needing credentials.
This alarming development has raised concerns among some users about the security of Fortinet firewalls, which are widely used in enterprises and government agencies
Politically motivated pro-Russian hackers Noname057(16) are ramping up distributed denial of service (DDoS) attacks against German organizations, disrupting the websites of banks, manufacturers, and other companies. The Russia-aligned hacking group claims to have attacked Bayerische Landesbank, a major state-owned German bank; BayWa AG, a global agriculture, energy, and building materials company; COBUS Industries, a manufacturer of airport shuttle buses; and Aluminium Rheinfelden Alloys, a pr
Ransomware, as the name suggests, is malicious software designed to block access to a computer system or encrypt its data until a sum of money (a ransom) is paid. These attacks have been carried out on both individuals and corporations. “With ransomware groups leveraging increasingly sophisticated methods, companies in the region are all feeling the pressure as attackers exploit vulnerabilities in the increasingly complex corporate IT and network infrastructure,” said Adrian Hia, managing dire
According to Dutch military intelligence, Russia is increasing its hybrid attacks aimed at undermining society in the Netherlands and its European allies, and Russian hackers have already targeted the Dutch public service. "We see the Russian threat against Europe is increasing, including after a possible end to the war against Ukraine," MIVD director Peter Reesink said in the agency's annual report. "In the Netherlands, we saw the first (Russian) cyber sabotage act against a public service, wi
Whenever a new form of digital communication becomes prevalent, actors inevitably adopt it to send spam and try to profit from unsuspecting users. Email has been the perennial choice for spam delivery, but the prevalence of new communications platforms has expanded the spam attack surface considerably.
This report explores AkiraBot, a Python framework that targets contact forms and chat widgets on small to medium-sized business websites. AkiraBot is designed to post AI-generated spam messages ta
One of the new challenges in cybersecurity is the rise of AI-driven phishing campaigns. Recent findings from Hoxhunt https://noxhunt.com show that artificial intelligence is now outpacing human red teams in developing more sophisticated phishing attacks. As these attacks become more personalized and effective, it is crucial for organizations worldwide to understand the profound impact of AI on cyber threats. This understanding is vital for developing strategies to counteract these advanced threa
FortiGuard Labs recently discovered a new botnet propagating through TOTOLINK devices. Unlike previous malware targeting these devices, this variant is written in Rust, a programming language introduced by Mozilla in 2010. Due to its Rust-based implementation, analysts have named the malware “RustoBot.”
Incidents - In January and February of 2025, FortiGuard Labs observed a significant increase in alerts related to attacks via TOTOLINK vulnerabilities.
TOTOLINK vulnerabilities often stem fro
Cybercriminals are constantly finding new ways to trick people, and one of the latest scams on the rise is called vishing, short for voice phishing. Unlike email scams (also known as phishing), vishing occurs over the phone. Recent studies have highlighted a dramatic escalation in vishing attacks.
See: https://redskyalliance.org/xindustry/let-s-talk-about-vishing
The 2025 CrowdStrike Global Threat Report documented a 442% surge in vishing incidents from the first to the second half of 2024. Addi
The Maritime Union of Australia (MUA) has claimed that DP World’s port automation plan at Melbourne, Sydney and Brisbane will make Australian container terminals less productive, more costly and less safe. In correspondence to the MUA, DP World has indicated plans to spend more than AU$600m (US$383m) on automated equipment within the Australian container terminal network.
The announcement has been made without fulfilling consultation requirements set out in the Enterprise Agreement signe
A newly disclosed high-severity security flaw impacting OttoKit (formerly SureTriggers) was actively exploited within a few hours of public disclosure. The vulnerability, tracked as CVE-2025-3102 (CVSS score: 8.1), is an authorization bypass bug that could permit an attacker to create administrator accounts under certain conditions and take control of susceptible websites.
"The SureTriggers: All-in-One Automation Platform plugin for WordPress is vulnerable to an authentication bypass leading to
On 16 April, US DHS CISA warned federal agencies to secure their SonicWall Secure Mobile Access (SMA) 100 series appliances against attacks exploiting a high-severity remote code execution vulnerability.
Tracked as CVE-2021-20035, this security flaw impacts SMA 200, SMA 210, SMA 400, SMA 410, and SMA 500v (ESX, KVM, AWS, Azure) devices. Successful exploitation can allow remote threat actors with low privileges to execute arbitrary code in low-complexity attacks. "Improper neutralization of speci
Artificial intelligence (AI) has made remarkable strides over the past few decades, transforming various industries and applications. Among the most notable advancements is the development of AI-generated chatbots, which have revolutionized customer service, personal assistance, and content generation. These chatbots, powered by sophisticated algorithms and machine learning techniques, offer seamless and intuitive interactions with users, redefining the boundaries of human-machine communication
The rapid adoption of Generative AI (GenAI) and the emergence of Agentic AI have unlocked new opportunities for security teams to better stay ahead of attacks. In security operations centers worldwide, organizations are rapidly adopting AI tools to augment human analysts, improve efficiency, and lay the foundation for a more autonomous SOC. Across the industry, the focus has shifted from whether to adopt AI, from behavioral AI and machine learning to generative AI and now agentic AI, to how best to impl
Several government security agencies worldwide are warning people about spyware that has been snooping on mobile phone users' private data. An advisory from the various agencies recently revealed that the spyware variants have been targeting users connected to Taiwanese independence and similar movements. Known as Badbazaar and Moonshine, the two spyware strains have been spoofing legitimate apps to trick unsuspecting victims. [1]
The advisory comes from a host of agencies, including the Austral
Threat actors are using a technique known as "spam bombing" to overload victims' email inboxes and provide cover for more harmful activity. Analysts Maria Geronikolou and Cameron Boyd of security vendor Darktrace detailed an example of the technique where the threat actor used a legitimate email campaign product to swarm a victim with spam emails and then attempted to phish them under the guise of a "helpful" IT staffer. The attack is an example of how threat actors use legitimate products for mal
The social media platform, owned by leading Chinese technology firm Bytedance, was the target of legislation following an order by the US Congress that it be sold or face a permanent ban in the US market, where it has 170 million users. The original deadline was set for the end of February, although this was extended by 90 days following Donald Trump's inauguration. The US President has signed an executive order and given TikTok a 75-day extension in a move intended to provide his administration