Home - Cybercory

Breaking News: Supply-Chain Breach Hits Palo Alto Networks and Zscaler via Salesloft’s Drift App

September 4, 2025 0

A widespread supply-chain cyberattack has unfolded, centering on OAuth tokens stolen from the Salesloft - Drift application - a third-party AI-powered sales tool that integrates...

Securing Critical Infrastructure: Insights from Evgeny Kurtukov at Dubai Cyber Show

Podcast & Cyber Talks 3 days ago

Virtual private networks (VPNs)

Coordinated Brute-Force Campaign Targets Fortinet SSL VPN and FortiManager Services

On 3 August 2025, threat intelligence firm GreyNoise detected an unprecedented surge in brute-force attempts against Fortinet SSL VPNs - over 780 unique IPs...

Breaking news:

Podcast & Cyber Talks

Securing Critical Infrastructure: Insights from Evgeny Kurtukov at Dubai Cyber Show

At the recent 100 CISO Summit in Dubai, Ouaissou...

Advanced Persistent Threat

Salt Typhoon & UNC4841: Silent Push Uncovers New Domains in Global Espionage Campaign

Silent Push threat analysts have uncovered dozens of new...

Saintynet Certification Training Flyer 2025

Saintynet Certification Training Flyer 2025 (1)

Saintynet Certification Training Flyer 2025 (2)

Stay on top of what's going on with our subscription deal!

Worldwide

AI & Cybersecurity

Breaking News: Supply-Chain Breach Hits Palo Alto Networks and Zscaler via Salesloft’s Drift App

A widespread supply-chain cyberattack has unfolded, centering on OAuth...

National Security

Iran-Nexus Spear-Phishing Masquerades as Omani MFA to Target Global Governments

In August 2025, Dream’s Cyber Threat Intelligence (CTI) agents...

AI & Cybersecurity

Ooredoo and Qatar Airways Sign MoU to Establish Qatar as Regional AI, Cloud & Cybersecurity Innovation Hub

On 30 August 2025, Ooredoo and Qatar Airways signed...

Application Security

Malicious Versions of Nx NPM Packages Published: Developers Urged to Update Immediately

Cybersecurity researchers have discovered that malicious versions of the...

Africa

EFCC Arrests 37 Suspected Internet Fraudsters in Wukari, Taraba State

On 27 August 2025, the Economic and Financial Crimes...

AI & Cybersecurity

PromptLock: ESET Uncovers First Known AI-Powered Ransomware

ESET researchers published on 27 August 2025 that they...

Banking & Cybersecurity

Hook Version 3 Emerges: Banking Trojan Gains Ransomware Overlays, NFC Tricks, Screen-Streaming – Enterprise Security at Risk

On 25 August 2025, Zimperium’s zLabs disclosed the release...

Africa

Nigeria Deports 42 Foreign Cybercriminals After Historic EFCC Raid; 150 More to Follow

On 18 August 2025, the Nigerian Immigration Service, in...

Middle East

PipeMagic Resurfaces: Kaspersky and BI.ZONE Report New Backdoor Activity in GCC and Latin America

On 19 August 2025, Kaspersky and BI.ZONE disclosed the...

Blockchain & Crypto Security

Google Play Enforces Stricter Global Licensing Rules for Cryptocurrency Apps

Google Play has introduced new, jurisdiction-specific licensing requirements for...

Patch

Microsoft Patches 111 CVEs in August 2025 Security Update, Including Critical Azure OpenAI Flaw

On 13 August 2025, Microsoft released its monthly security...

Virtual private networks (VPNs)

Coordinated Brute-Force Campaign Targets Fortinet SSL VPN and FortiManager Services

On 3 August 2025, threat intelligence firm GreyNoise detected...

Europe

Dutch NCSC Confirms Advanced Zero-Day Attacks on Citrix NetScaler: Multiple Critical Organizations Breached

On 11 August 2025, the Dutch National Cyber Security...

Africa

Nigeria Convicts 21 Foreign Hackers, Fines Each ₦1 Million, Orders Deportation in Six Days

On 8 August 2025, the Federal High Court in...

Phishing & Solution

The Cost of a Call: How Voice Phishing Campaigns Escalated into Salesforce Data Extortion

A sophisticated cybersecurity campaign leveraging voice phishing (vishing) has...

Featured Interviews

#Interview: Navigating Security Challenges in the IoT Era: Insights from Industry...

Read The Interview

More...

#Interview: Navigating the Intersection of PCI DSS Compliance and Cyber Law:...

Read The Interview

More...

#Interview: AI and Machine Learning in Zero Trust: Enhancing Threat Detection...

Read The Interview

More...

Middle East

View All

Ooredoo and Qatar Airways Sign MoU to Establish Qatar as Regional AI, Cloud & Cybersecurity Innovation Hub

Ouaissou DEMBELE - September 1, 2025

On 30 August 2025, Ooredoo and Qatar Airways signed a landmark Memorandum of Understanding to establish Qatar as...

PipeMagic Resurfaces: Kaspersky and BI.ZONE Report New Backdoor Activity in GCC and Latin America

Ouaissou DEMBELE - August 20, 2025

On 19 August 2025, Kaspersky and BI.ZONE disclosed the reemergence of the PipeMagic backdoor, a malware strain first...

Oman’s Civil Aviation Authority Boosts Cybersecurity Awareness at Muscat and Salalah Airports

August 4, 2025

Jordan’s Cyber Incidents Soar: NCC Reports 6,758 Attacks in 2024

August 1, 2025

CPX’ Latest Whitepaper for Securing OT: Trust, Collaboration, and the Future of Industrial Cyber Defense

July 14, 2025

UAE Employees Surpass European Peers in Cyber Readiness, Cohesity Study Reveals

June 24, 2025

Iran’s State TV Hijacked to Broadcast Protest Videos Satellite Hack amid Rising Tensions

June 21, 2025

Jordan’s NCSC Greenlights 2025-2028 National Cybersecurity Strategy to Elevate Regional Digital Security

June 20, 2025

AI & Cybersecurity

View All

Breaking News: Supply-Chain Breach Hits Palo Alto Networks and Zscaler via Salesloft’s Drift App

Ouaissou DEMBELE - September 4, 2025

A widespread supply-chain cyberattack has unfolded, centering on OAuth tokens stolen from the Salesloft - Drift application - a third-party AI-powered sales...

Ooredoo and Qatar Airways Sign MoU to Establish Qatar as Regional AI, Cloud & Cybersecurity Innovation Hub

September 1, 2025

PromptLock: ESET Uncovers First Known AI-Powered Ransomware

August 28, 2025

MTN South Africa Launches Nation’s First Re-Usable Biometric Digital ID Across All Stores

August 8, 2025

CVE‑2025‑7847: Arbitrary File Upload in AI Engine Puts 100K+ WordPress Sites at Risk of RCE

August 2, 2025

The Top 10s

View All

Fortressing Your Business Data: Top 10 Most Secure ERP Systems in 2024

Ouaissou DEMBELE - June 11, 2024

In today's data-driven business landscape, Enterprise Resource Planning (ERP) software plays a critical role. It manages core functionalities like finance, inventory, human...

The Digital Fortress: Top 10 Most Secure Operating Systems in 2024

June 10, 2024

Guarded Gates: Top Best 10 Secure Email Services in 2024

June 10, 2024

Securing the Gateway: Top Best 10 Web Application Firewalls (WAFs) in 2024

June 8, 2024

Safeguarding Your Digital Assets: Top 10 Data Backup Solutions in 2024

June 7, 2024

Africa

View All

Africa

EFCC Arrests 37 Suspected Internet Fraudsters in Wukari, Taraba State

Africa

African Authorities Dismantle Massive Cybercrime Networks in INTERPOL-Led Crackdown

Africa

Nigeria Deports 42 Foreign Cybercriminals After Historic EFCC Raid; 150 More to Follow

America

View All

America

Chinese National Sentenced to Four Years for Deploying “Kill Switch” on Employer’s Network

America

SIM-Swapper “Scattered Spider” Hacker Sentenced to 10 Years, Ordered to Pay $13 Million

Asia

View All

Advanced Persistent Threat

Singapore Under Siege: UNC3886 Launches Cyber‑Espionage Strikes on Critical Infrastructure

Asia

Taiwan NSB Warns of Critical Cybersecurity Risks in China-Made Mobile Apps

Asia

Malaysian Home Minister’s WhatsApp Hacked via Foreign VPN: Police Launch Cybercrime Probe

How To

View All

How To

How to identify fake social media profiles? A Guide to Unmasking the Imposters & Identifying Fake Social Media Profiles

How To

How to avoid social engineering scams on social media?: The Social Siren Song

How To

How To Avoid Online Shopping Scams?: The Siren Song of Savings

How To

How to protect your credit card information online?: Fort Knox for Your Wallet

What Is

View All

DoS & DDoS

Under Siege: Understanding DoS and DDoS Attacks in Cybersecurity

What Is

What Is VPN? Tunneling Through the Web: A Comprehensive Guide

What Is

What Is A Computer Virus? The Invisible Invaders: A Comprehensive Guide

What Is

What Is Ransomware? Held Hostage in the Digital Age: Understanding the Threat

Europe

Data Breach

Berlin Charges Alleged German “Anonymous” Member for Major Rosneft Cyberattack

Ouaissou DEMBELE - August 29, 2025

Europe

Dutch NCSC Confirms Advanced Zero-Day Attacks on Citrix NetScaler: Multiple Critical Organizations Breached

Ouaissou DEMBELE - August 12, 2025

View All

Oceania

America

US Deports Notorious Australian Hacker After Landmark Cybercrime Conviction

DENVER/ADELAIDE – United States Immigration and Customs Enforcement (ICE)...

Data Breach

Australia’s Privacy Alarm Bells: A Deep Dive into the Notifiable Data Breaches Report (July-December 2024)

In an era where cyber threats are escalating with...

Banking & Finance

ASIC Sues FIIG Securities Over Cybersecurity Failures Leading to Data Theft

The Australian Securities and Investments Commission (ASIC) has launched...

Education System

Cybersecurity Breach at the University of Notre Dame Australia: Investigation Underway

The University of Notre Dame Australia is currently investigating...

Australia

Bunnings Faces Privacy Backlash Over Facial Recognition Technology Use

Bunnings Group Limited, a prominent retail chain in Australia,...

Hacked - Breached

Breached

Tenable and Qualys Disclose Impact from Salesloft Drift Supply-Chain Breach

AI & Cybersecurity

Breaking News: Supply-Chain Breach Hits Palo Alto Networks and Zscaler via Salesloft’s Drift App

Breached

Bouygues Telecom Cyberattack Exposes 6.4 Million Customers Second Telecom Breach in France This Month

Breached

Air France & KLM Hit in Supply-Chain CRM Breach; ShinyHunters Behind Salesforce Attacks on Global Giants

America

Allianz Life Suffers Data Breach via External Hack: Consumer Data at Risk

View All

Zero-Day

Europe

Dutch NCSC Confirms Advanced Zero-Day Attacks on Citrix NetScaler: Multiple Critical Organizations Breached

Patch

Apple Urges Immediate Update as July 2025 Security Patches Address Multiple Zero‑Days

Patch

Chrome Under Active Exploit: Google Patches High-Risk Zero-Day in V8 Engine (CVE-2025-5419)

Website Security

Unpatched Zero-Day in TI WooCommerce Wishlist Plugin Exposes Over 100K Sites to RCE Risk

Cyberespionage Spying

Marbled Dust Exploits Zero-Day in Output Messenger to Spy on Kurdish Targets: Inside a Sophisticated Regional Espionage Campaign

View All

Cryptocurrencies

Blockchain & Crypto Security

Google Play Enforces Stricter Global Licensing Rules for Cryptocurrency Apps

Application Security

Securing Kubernetes: Understanding and Mitigating Threats to Containerized Environments

Advanced Persistent Threat

Trojanized Messaging Apps and Budget Android Devices: A Perfect Storm for Cryptocurrency Theft

Banking & Finance

MorphoBlue Frontend Vulnerability Exploited for $2.6 Million: A Wake-Up Call for DeFi Security

Blockchain & Crypto Security

Triada Returns with a Vengeance: Preinstalled Trojan Targets Cryptocurrency, Messenger Accounts, and Phone Calls

View All

Cloud Security

AI & Cybersecurity

Ooredoo and Qatar Airways Sign MoU to Establish Qatar as Regional AI, Cloud & Cybersecurity Innovation Hub

Application Security

Microsoft Patches Critical Exchange Hybrid Vulnerability Allowing Cloud Privilege Escalation

Cloud Security

Attackers Unleash TeamFiltration: Active Account Takeover Campaign Hits Over 80,000 Users Across Entra ID Ecosystems

Advanced Persistent Threat

APT41 Unmasked: Chinese Cyber-Espionage Group Uses Google Calendar for Covert Attacks

Application Security

Securing Kubernetes: Understanding and Mitigating Threats to Containerized Environments

View All

Ransomware

AI & Cybersecurity

PromptLock: ESET Uncovers First Known AI-Powered Ransomware

Africa

African Authorities Dismantle Massive Cybercrime Networks in INTERPOL-Led Crackdown

Advanced Persistent Threat

New Charon Ransomware Adopts Earth Baxia APT Techniques to Target Enterprises

Ransomware

Muddled Libra Rebounds: Cybercrime Group Now Faster, Farther-Reaching, and More Impactful in 2025

America

US Sanctions Russia-Linked Bulletproof Hosting Provider Aeza Group for Enabling Ransomware and Infostealer Operations

View All

CVE‑2025‑7847: Arbitrary File Upload in AI Engine Puts 100K+ WordPress Sites at Risk of RCE

On 18 July 2025, researchers at Wordfence disclosed CVE‑2025‑7847, a high-severity (CVSS 8.8) arbitrary file upload vulnerability in the widely used AI Engine WordPress plugin, affecting versions...

Middle East

Jordan’s Cyber Incidents Soar: NCC Reports 6,758 Attacks in 2024

On 31 July 2025, Jordan’s National Cybersecurity Center (NCC) revealed that 6,758 cyber incidents targeted national cyberspace in 2024 a 175 percent increase versus 2023. Detection rates...

Advanced Persistent Threat

Russian FSB‑Linked “Secret Blizzard” Launches ISP‑Level AiTM Campaign Against Moscow Embassies

Microsoft Threat Intelligence has uncovered an advanced cyberespionage campaign by Russian state‑aligned actor Secret Blizzard (also known as Turla) targeting foreign embassies in Moscow...

Patch

Apple Urges Immediate Update as July 2025 Security Patches Address Multiple Zero‑Days

Apple has rolled out a major security update on 29 July 2025, patching over two dozen vulnerabilities-including zero‑day flaws actively exploited in Chrome and privilege escalation...

Vulnerability Management

Hackers Actively Exploit Critical RCE in WordPress Alone Theme (CVE-2025-5394)

A newly disclosed flaw in the Alone – Charity Multipurpose Non-profit WordPress Theme (versions ≤ 7.8.3) enables unauthenticated attackers to deploy arbitrary plugin ZIP files-containing...

America

Allianz Life Suffers Data Breach via External Hack: Consumer Data at Risk

Allianz Life Insurance Company of North America has disclosed a significant cybersecurity breach involving unauthorized access to external systems on 16 July 2025, according...

Application Security

Tea App Confirms Cyberattack: Legacy Data Leak Exposes 72,000 Images Including Selfie IDs

On 25 July 2025, women-centric platform Tea confirmed a serious cybersecurity incident involving unauthorized access to a legacy storage system. Roughly 72,000 images, including...

Africa

New Mobile Money Scam in Burkina Faso: Central Cybercrime Unit Raises Alarm

The Central Brigade for the Fight Against Cybercrime (BCLCC) in Burkina Faso has issued a high-alert fraud advisory after detecting a growing scam targeting...

Ransomware

Muddled Libra Rebounds: Cybercrime Group Now Faster, Farther-Reaching, and More Impactful in 2025

A reinvigorated Muddled Libra, also known as Scattered Spider and UNC3944, has reemerged with evolved tactics, broader reach, and accelerated operations across key sectors...

Breached

Massive Data Breach at the UK Legal Aid Agency: What Happened, What’s at Risk, and How to Respond

In one of the most concerning public sector cyber incidents of the year, the UK’s Legal Aid Agency (LAA) has confirmed a serious data...

Africa

African Cyber Cooperation Takes a Strategic Leap: Senegal’s CHEDS Visits Côte d’Ivoire’s ANSSI Headquarters

On 23 July 2025, a delegation from Senegal’s Centre des Hautes Études de Défense et de Sécurité (CHEDS), led by General Jean DIEME, visited Côte d’Ivoire’s National...

Europe

NCSC Report: 6,779 Cyber Incidents Impact Individuals & SMEs in Aotearoa NZ during 2023/24

New Zealand’s National Cyber Security Centre (NCSC) recorded 7,122 cyber security incidents between 1 July 2023 and 30 June 2024, with the vast majority-6,779...

Cyber Attack

US Nuclear Agency Hacked Through Microsoft SharePoint Flaws

Microsoft SharePoint has frequently made headlines—and often for negative reasons—due to its involvement in various hacking incidents and data breaches. The platform has been...

Europe

Key Admin of Russian-Language Cybercrime Forum xss.is Arrested in Ukraine After Europol-Led Crackdown

Kyiv, Ukraine - 22 July 2025: A high-profile administrator behind one of the most influential Russian-speaking cybercrime forums, xss.is, was arrested in a coordinated...

Open Source Intelligence (OSINT)

Google Launches OSS Rebuild to Reinforce Open Source Supply Chain Security

21 July 2025 - Mountain View, CA - In a bold move to reinforce software supply chain security, Google has unveiled OSS Rebuild, a...

Technology & Telecom

Cisco ISE RCE Crisis: Critical Unauthenticated Vulnerabilities Demand Immediate Patch

Cisco has disclosed three unauthenticated remote code execution (RCE) flaws-CVE‑2025‑20281, CVE‑2025‑20282, and CVE‑2025‑20337-affecting its Identity Services Engine (ISE) and ISE Passive Identity Connector (ISE‑PIC)....

Advanced Persistent Threat

Singapore Under Siege: UNC3886 Launches Cyber‑Espionage Strikes on Critical Infrastructure

Singapore is currently facing ongoing cyber-espionage attacks by the UNC3886 Advanced Persistent Threat (APT) group, an operation directly targeting its critical infrastructure, including energy,...

Internet Of Thing Security

Google Takes Legal Action to Disrupt BADBOX 2.0 Botnet of 10 Million+ Infected IoT Devices

Good catch, CISOs and cybersecurity professionals: Google, along with partners HUMAN Security and Trend Micro, has filed a lawsuit in New York federal court...

Cyberespionage Spying

Phish and Chips: China‑Aligned Espionage Surge Targeting Taiwan Semiconductor Industry

Between March and June 2025, Proofpoint researchers tracked three distinct China‑aligned threat actors launching spear‑phishing campaigns against Taiwanese semiconductor firms, design houses, service providers, and...

Technology & Telecom

Emergency Alert: Critical Unauthenticated RCE Discovered in Cisco ISE/ISE‑PIC

Cisco has patched three severe unauthenticated remote code execution (RCE) vulnerabilities (CVE‑2025‑20281, CVE‑2025‑20282, CVE‑2025‑20337) in Identity Services Engine (ISE) and its Passive Identity Connector....

1 234...70 Page 3 of 70

- Gain full access to our premium content

- Never miss a story with active notifications

- Browse free from up to 5 devices at once

Patched

Patch

Microsoft Patches 111 CVEs in August 2025 Security Update, Including Critical Azure OpenAI Flaw

On 13 August 2025, Microsoft released its monthly security...

Application Security

Microsoft Patches Critical Exchange Hybrid Vulnerability Allowing Cloud Privilege Escalation

On 6 August 2025, Microsoft released a critical security...

Patch

Apple Urges Immediate Update as July 2025 Security Patches Address Multiple Zero‑Days

Apple has rolled out a major security update on...

View All

Bug Bounty

Bug Bounty Bonanza: WazirX Launches Program After $230 Million Cyberattack

In the ever-changing landscape of cybersecurity, the Indian cryptocurrency...

Bug Bounty

Why Your Company Needs a Bug Bounty Program: A Proactive Approach to Cybersecurity

In today's ever-evolving digital landscape, cybersecurity threats are a...

Bug Bounty

Big Bucks for Bugs: Google’s $10 Million Bug Bounty Award and Lessons for Responsible Disclosure

In the ever-evolving battle against cybercrime, bug bounty programs...

View All

ISC/SCADA Security

National Security

Cybercrime Surge, State-Sponsored Faketivists, and Evolving OT Threats: Key Insights from 2025H1

Forescout’s newly released 2025H1 Threat Review (5 August 2025)...

Advanced Persistent Threat

Singapore Under Siege: UNC3886 Launches Cyber‑Espionage Strikes on Critical Infrastructure

Singapore is currently facing ongoing cyber-espionage attacks by the...

Middle East

CPX’ Latest Whitepaper for Securing OT: Trust, Collaboration, and the Future of Industrial Cyber Defense

The UAE-based cybersecurity leader CPX has released a groundbreaking...

View All

IAM

Africa

FABMISR Deploys SailPoint IAM Tool with Hemaya IT, Strengthening Cybersecurity and Digital Governance in Egypt

On 19 August 2025, First Abu Dhabi Bank Misr...

Access Control Systems

MTN South Africa Launches Nation’s First Re-Usable Biometric Digital ID Across All Stores

On 8 August 2025, MTN South Africa announced the...

Access Control Systems

HPE Issues Emergency Patch for Critical StoreOnce Vulnerabilities Enabling Remote Authentication Bypass and Code Execution

Hewlett Packard Enterprise (HPE) has released urgent security patches...

View All

cybercory.comcybercory.com

Cybercory Magazine

Cybercory.com serves as a platform for promoting, motivating, and educating its audience on cybersecurity matters, contributing to a more secure digital environment. Cybercory is a part of Sainttly Group.

Popular:

Breaking news:

Featured Interviews

.tdi_194{margin-bottom:10px!important}#Interview: Navigating the Intersection of PCI DSS Compliance and Cyber Law:...

.tdi_218{margin-bottom:10px!important}#Interview: AI and Machine Learning in Zero Trust: Enhancing Threat Detection...

Cybercory Magazine

Latest

Popular

Sitemap

#Interview: Navigating the Intersection of PCI DSS Compliance and Cyber Law:...

#Interview: AI and Machine Learning in Zero Trust: Enhancing Threat Detection...