Latest Cybersecurity News and Articles

RondoDox botnet targets 56 n-day flaws in worldwide attacks

RondoDox is a large-scale botnet active since June 2025, targeting 56 n-day vulnerabilities across over 30 device types, including routers, DVRs, and web servers. Since its discovery, the botnet has expanded its arsenal of exploits

AI models can acquire backdoors from surprisingly few malicious documents

Recent research reveals that large language models (LLMs) can develop backdoor vulnerabilities from as few as 250 malicious documents embedded in their training data. The study involved training LLMs ranging from 600 million to 13 billion parameters.

All SonicWall Cloud Backup Users Had Firewall Configurations Stolen

A significant data breach has impacted all users of SonicWall’s MySonicWall cloud backup service. Threat actors accessed firewall configuration backup files, potentially exposing encrypted credentials and configuration data.

Chinese Hackers Breached Law Firm Williams & Connolly via Zero-Day

Williams & Connolly, a prominent Washington, DC-based law firm, was breached by Chinese state-sponsored hackers who exploited a zero-day vulnerability to access a limited number of attorney email accounts.

Telstra Denies Cyberattack Claims Amidst Ransom Threats from Scattered Spider

A threat actor group identifying as Scattered Lapsus$ Hunters claimed responsibility for a massive data breach involving Australian telecom giant Telstra. The group claims to have exfiltrated over 100GB of PII.

New Chaos-C++ Ransomware Targets Windows by Wiping Data, Stealing Crypto

A new variant of the Chaos ransomware family, dubbed Chaos-C++, has emerged targeting Microsoft Windows systems. This version is the first known Chaos variant not written in .NET, marking a significant shift in its development.

DragonForce, LockBit, and Qilin, a new triad aims to dominate the ransomware landscape

A new ransomware alliance has emerged between DragonForce, LockBit, and Qilin, signaling a major evolution in the cyber threat landscape. This coalition aims to enhance attack effectiveness by sharing tools and infrastructure.

Salesforce refuses to submit to extortion demands linked to hacking campaigns

Salesforce has confirmed it will not comply with extortion demands following a series of cyberattacks attributed to a threat group linked to Scattered Spider, Lapsus$, and ShinyHunters.

Hackers exploit auth bypass in Service Finder WordPress theme

A critical authentication bypass vulnerability (CVE-2025-5947) in the Service Finder WordPress theme is being actively exploited by threat actors. Over 13,800 exploitation attempts have been recorded since August 1.

Institute of Culinary Education notifies 33,000+ people of data breach that leaked SSNs

The Institute of Culinary Education (ICE) has disclosed a ransomware attack affecting 33,342 individuals. The ransomware group Payouts King claimed responsibility, stating it exfiltrated 1.5 TB of data.

Defend Against Threats with Cyber Fusion

Cyware is the leading provider of cyber fusion solutions that power threat intelligence sharing , end-to-end automation and 360-degree threat response.

Trending Tags