The Muddled Libra group, also known as Scattered Spider, executed a sophisticated attack using a rogue virtual machine within a VMware vSphere environment. This attack exposed critical tactics, techniques, and procedures (TTPs) used by the group.

Foxit Software has addressed multiple cross-site scripting (XSS) vulnerabilities in Foxit PDF Editor Cloud and Foxit eSign. These vulnerabilities could allow attackers to execute arbitrary JavaScript within a user's browser.

The CrossCurve bridge suffered a cyberattack resulting in a $3 million loss. Attackers exploited a vulnerability in the smart contract infrastructure, specifically a gateway validation bypass within the ReceiverAxelar contract.

ShadowHS is an advanced fileless Linux exploitation framework designed for stealthy, in-memory operations. It enables attackers to maintain long-term access to compromised systems without leaving persistent traces.

A critical security vulnerability was discovered in the Bondu AI toy, where an exposed admin panel allowed unauthorized access to sensitive data, including children's personal information and conversation transcripts.

Manage My Health, a widely used digital health platform in New Zealand, experienced a cyberattack that compromised documents stored in the "My Health Documents" section. The breach exposed sensitive documents including clinical letters.

The telecommunications sector experienced a four-fold increase in ransomware attacks over the past 4 years. This sector is a critical component of national infrastructure, making it a prime target for both ransomware groups and nation-state actors.

A critical security vulnerability has been identified at the HitBTC Exchange by the blockchain security researchers. Despite attempts to responsibly disclose the issue, HitBTC has not responded.

The hacking group Crimson Collective has claimed responsibility for a significant data breach involving the U.S. fiber broadband provider Brightspeed. The breach reportedly affects over a million residential customers.

The CL0P ransomware group has targeted Oracle EBS vulnerabilities, affecting organizations such as Korean Air and the University of Phoenix. The University of Phoenix reported a breach compromising personal data of nearly 3.5 million individuals.