Security News

BlackLock ransomware claims nearly 50 attacks in two months
2025-03-17 20:40

A ransomware-as-a-service (RaaS) operation called 'BlackLock' has emerged as one of the more active ransomware operations of 2025. [...]

Supply chain attack on popular GitHub Action exposes CI/CD secrets
2025-03-17 15:24

A supply chain attack on the widely used 'tj-actions/changed-files' GitHub Action, used by 23,000 repositories, potentially allowed threat actors to steal CI/CD secrets from GitHub Actions build...

Improvements in Brute Force Attacks
2025-03-17 15:09

New paper: “GPU Assisted Brute Force Cryptanalysis of GPRS, GSM, RFID, and TETRA: Brute Force Cryptanalysis of KASUMI, SPECK, and TEA3.” Abstract: Key lengths in symmetric cryptography are...

Critical RCE flaw in Apache Tomcat actively exploited in attacks
2025-03-17 13:29

A critical remote code execution (RCE) vulnerability in Apache Tomcat tracked as CVE-2025-24813 is actively exploited in the wild, enabling attackers to take over servers with a simple PUT request. [...]

Unpatched Edimax Camera Flaw Exploited for Mirai Botnet Attacks Since Last Year
2025-03-17 13:12

An unpatched security flaw impacting the Edimax IC-7100 network camera is being exploited by threat actors to deliver Mirat botnet malware variants since at least May 2024. The vulnerability in...

GitHub supply chain attack spills secrets from 23,000 projects
2025-03-17 12:34

Large organizations among those cleaning up the mess It's not such a happy Monday for defenders wiping the sleep from their eyes only to deal with the latest supply chain attack.…

⚡ THN Weekly Recap: Router Hacks, PyPI Attacks, New Ransomware Decryptor, and More
2025-03-17 11:25

From sophisticated nation-state campaigns to stealthy malware lurking in unexpected places, this week’s cybersecurity landscape is a reminder that attackers are always evolving. Advanced threat...

SANS Institute Warns of Novel Cloud-Native Ransomware Attacks
2025-03-17 11:00

The latest Palo Alto Networks Unit 42 Cloud Threat Report found that sensitive data is found in 66% of cloud storage buckets. This data is vulnerable to ransomware attacks. The SANS Institute...

Ransomware gang creates tool to automate VPN brute-force attacks
2025-03-14 16:55

The Black Basta ransomware operation created an automated brute-forcing framework dubbed 'BRUTED' to breach edge networking devices like firewalls and VPNs. [...]

94% of Wi-Fi networks lack protection against deauthentication attacks
2025-03-14 05:30

A recent report from Nozomi Networks Labs, based on an analysis of over 500,000 wireless networks worldwide, reveals that only 6% are adequately protected against wireless deauthentication...