More results...
Grinex halted operations after a $13.7M hack, blaming Western intelligence. Stolen funds came from wallets of Russian users on the platform. Kyrgyz crypto exchange Grinex halted operations after a threat actor stole $13.7 million in a cyber attack that the company attributes to Western intelligence agencies. The stolen funds belonged to Russian users, as the […]
A DraftKings hacker got 30 months in prison for selling stolen credentials and must pay over $1.4 million in fines and restitution. Kamerin Stokes, 23, from Memphis (aka TheMFNPlug), received a 30-month prison sentence for his role in a 2022 credential stuffing attack against DraftKings. He continued selling stolen login data online even after pleading […]
Operation PowerOFF shut down 53 DDoS-for-hire domains, arrested four suspects, and exposed data on over 3 million criminal user accounts. Operation PowerOFF is an international law enforcement action that dismantled 53 domains linked to DDoS-for-hire services used by over 75,000 cybercriminals. Authorities arrested four suspects, seized infrastructure, and gained access to databases containing more than […]
New ZionSiphon malware targets water systems, and allows attackers to alter pressure and chlorine levels. A flaw makes it ineffective for now. Darktrace analyzed ZionSiphon, a new malware designed to target water treatment and desalination systems, which aims to disrupt operations by altering hydraulic pressure and increasing chlorine levels to unsafe levels. The malware combines […]
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds a flaw in Apache ActiveMQ to its Known Exploited Vulnerabilities catalog The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added a flaw in Apache ActiveMQ, tracked as CVE-2026-34197 (CVSS score of 8.8), to its Known Exploited Vulnerabilities (KEV) catalog. CVE-2026-34197 is a critical flaw in Apache ActiveMQ caused by […]
Cisco fixed four critical flaws in Identity Services and Webex that could allow code execution and user impersonation. Cisco has addressed four critical vulnerabilities affecting its Identity Services and Webex platforms. The flaws could allow attackers to execute arbitrary code and impersonate any user within the affected services. The issues pose serious security risks, prompting […]
A ransomware attack on Cookeville Regional Medical Center hospital (Tennessee) exposed data of 337,000 people after hackers stole 500GB of sensitive information from its systems. A ransomware attack on Cookeville Regional Medical Center (CRMC) in Tennessee led to a major data breach affecting about 337,000 people. The attack, carried out by the Rhysida group, involved […]
CERT-UA reports UAC-0247 targeting Ukrainian clinics and government bodies with malware stealing data from Chromium browsers and WhatsApp. CERT-UA has revealed a cyber campaign by the threat actor UAC-0247 targeting Ukrainian government entities and municipal healthcare facilities, including clinics and emergency hospitals. The operation between March and April 2026, used malware designed to steal sensitive […]
Sweden says a pro-Russian group attacked a heating plant in 2025. The failed cyberattack highlights growing threats to Europe’s energy infrastructure. Sweden has blamed a pro-Russian group linked to Russian intelligence for a failed cyberattack on a heating plant in 2025. Officials say the incident is part of a broader wave of attacks targeting critical […]
An actively exploited critical nginx-ui flaw (CVE-2026-33032) lets attackers bypass authentication and take full control of Nginx servers. A critical vulnerability in nginx-ui, tracked as CVE-2026-33032 (CVSS score of 9.8), is being actively exploited, allowing attackers to bypass authentication and fully take over Nginx servers. The issue stems from improper protection of the /mcp_message endpoint, […]