The phishing campaign involved emails impersonating a South Korean defense-related institution, claiming to manage ID issuance for military personnel. These emails contained malicious attachments.

Vietnam’s National Credit Information Center suffered a cyberattack by the ShinyHunters group, exploiting an n-day vulnerability in unsupported software. The attackers accessed and leaked personal data, which was listed for sale on the dark web.

A new AI-powered penetration testing tool named Villager has garnered nearly 11,000 downloads on PyPI. Villager’s AI-driven architecture enables large-scale, parallelized exploitation.

A recent investigation has revealed how the Model Context Protocol (MCP), an open standard for integrating AI assistants with external tools, can be exploited as a supply chain attack vector.

A significant data breach at Fairmont Federal Credit Union has compromised the sensitive personal, financial, and medical information of over 187,000 individuals. The compromised information includes: Full names and dates of birth, SSNs, and more.

A record-breaking Layer 7 (L7) Distributed Denial of Service (DDoS) attack was successfully mitigated after being launched by a massive botnet comprising 5.76 million compromised devices.

A massive 600 GB data leak allegedly tied to the Great Firewall of China has surfaced online, exposing a trove of internal documents, source code, and operational data. The leaked data is attributed to the hacktivist group Enlace Hacktivista.

The FBI has issued a FLASH alert warning organizations of ongoing malicious campaigns by cybercriminal groups UNC6040 and UNC6395. These groups are actively targeting Salesforce platforms to conduct data theft and extortion operations.

A critical vulnerability (CVE-2025-5086) in DELMIA Apriso factory software is being actively exploited in the wild. The flaw, a deserialization of untrusted data issue, enables remote code execution and affects versions from 2020 through 2025.

In Vietnam, the CIC was breached, with attackers claiming to have stolen 160 million records. In Panama, the Ministry of Economy and Finance (MEF) was targeted by the INC ransomware group, which claims to have exfiltrated 1.5 TB of data.