Database Dump Exposes 184 Million Logins

Security researcher Jeremiah Fowler uncovered an unsecured Elasticsearch database holding 184 million login records—usernames and plain-text passwords for services such as Apple, Google, Facebook, Microsoft and many more. A spot-check of 10,000 entries revealed hundreds of government email addresses from at least 29 countries, including the UK and the US, raising national-security concerns. The trove, […]

Ransomware hits West Lothian schools

Interlock, a ransomware gang, breached the education network of Scotland’s West Lothian Council. The council first said no data had been taken, but after Interlock dumped files online it admitted that “a small percentage” of data was stolen. Personal information on teachers, parents and carers—including scanned passports and driving licences—has appeared on the criminals’ leaks […]

Hackers are ringing your office

Authorities have issued an alert to law firms about Luna Moth (also known as Silent Ransom Group, Chatty Spider and Storm-0252), an extortion gang that has been running sophisticated “callback phishing” attacks since 2022. Victims first receive innocuous emails—often about fake invoices or subscription renewals—asking them to telephone a customer-service number. Once on the call, […]

Two decades of penetration testing

I’ve been elbow-deep in other people’s networks for nineteen years now, and if there’s one constant it’s that the shiny toys always turn up long before the basics are nailed down.

The EDR / MDR / XDR mirage

Over the last half-decade every board slide has the same checkbox: “SOC in place – ✅”. They […]

Hackers’ league table of EDR tools

The Conti ransomware group published an “EDR Tier List” on X (formerly Twitter), grading well-known Endpoint Detection and Response tools from S Tier (hardest to evade) down to “LOL” Tier (trivial to bypass). A surprise entry in the bottom tier is Microsoft Defender for Endpoint (MDE), which the gang says is easy to sidestep in […]

Oracle Cloud Credential Leak

CISA Issues Warning Over Oracle Cloud Credential Leak

The US Cybersecurity and Infrastructure Security Agency (CISA) has warned organisations that a January breach of two obsolete Oracle Cloud servers may expose millions of credentials.

• Oracle privately told customers that its core Oracle Cloud Infrastructure (OCI) was not compromised, but attackers accessed usernames from legacy […]

ASUS Routers Critical Security Flaw

ASUS Routers Hit by Critical AiCloud Security Flaw

ASUS has disclosed CVE-2025-2492, a critical authentication-bypass flaw (CVSS 9.2) affecting multiple router models that run the AiCloud remote-access feature. A crafted request lets remote attackers execute functions without logging in. ASUS has released patched firmware in the 382, 386, 388 and 102 branches and urges owners […]

Phishing Kit That Sidesteps Office 365 MFA

SessionShark: The Phishing Kit That Sidesteps Office 365 MFA

Security researchers at SlashNext have uncovered “SessionShark,” a new phishing kit for hire that steals Microsoft Office 365 session tokens and lets criminals bypass multi-factor authentication (MFA). Sold on underground markets, SessionShark spins up convincing fake Office 365 login pages. When a victim enters their credentials, […]

159 Vulnerabilities Exploited in the Wild

Q1 2025: 159 Vulnerabilities Exploited in the Wild – Is Your Firm Still Behind on Patching?

Threat-intelligence analysts have counted 159 distinct CVEs actively exploited in the wild during Q1 2025—a 28 percent rise on the same period last year. Nearly half of the in-use flaws date from 2023 or earlier, confirming that organisations still […]
