A sophisticated cyberattack targeting Walt Disney Company has resulted in the theft of 1.1 terabytes of sensitive corporate data, as revealed by the U.S. Department of Justice. The breach, orchestrated by 25-year-old American Ryan Kramer operating under the alias “NullBulge,” demonstrates an alarming evolution in social engineering tactics leveraging artificial intelligence trends. Sophisticated Social Engineering: … Read more

A groundbreaking international investigation has uncovered one of the most sophisticated phishing operations to date, with the Darcula platform compromising 884,000 bank cards across more than 100 countries. The investigation, conducted by NRK, Bayerischer Rundfunk, Le Monde, and Mnemonic, revealed that malicious links distributed through the platform were accessed over 13 million times by unsuspecting … Read more

Cybersecurity researchers at Arctic Wolf have uncovered widespread exploitation of a critical vulnerability in Samsung’s MagicINFO content management system. The security flaw, tracked as CVE-2024-7399, is actively being weaponized by threat actors, putting thousands of organizations worldwide at immediate risk of system compromise. Understanding the Critical Security Vulnerability The vulnerability, which received a CVSS score … Read more

Orange Cyberdefense researchers have uncovered a large-scale cyber attack campaign exploiting two critical vulnerabilities in the Craft CMS platform. The security flaws enable unauthorized server access and malicious code execution, putting thousands of websites at significant risk. Understanding the Critical Vulnerabilities The first vulnerability (CVE-2024-58136) affects the Yii PHP framework, which powers Craft CMS. Rated … Read more

SAP has released an emergency security patch addressing a critical zero-day vulnerability in NetWeaver Visual Composer that cybercriminals are actively exploiting. The vulnerability, tracked as CVE-2025-31324, has received the maximum CVSS severity score of 10.0, enabling unauthenticated remote code execution that poses an immediate threat to enterprise systems worldwide. Understanding the Technical Impact The security … Read more

Security researchers at Oligo Security have uncovered a series of critical vulnerabilities in Apple’s AirPlay protocol, collectively dubbed “AirBorne.” This significant security discovery impacts an estimated 2.35 billion Apple devices and numerous third-party products incorporating AirPlay technology, presenting a substantial cybersecurity risk to the global technology ecosystem. Understanding the Severity and Scope of AirBorne Vulnerabilities … Read more

Google’s Threat Intelligence Group (GTIG) has released its comprehensive analysis of zero-day vulnerabilities for 2024, documenting 75 distinct exploitation cases. While this figure represents a decrease from the record-breaking 97 incidents in 2023, it maintains a concerning upward trajectory compared to 63 cases in 2022, highlighting the persistent evolution of sophisticated cyber threats. State-Sponsored Actors … Read more

In a significant cybersecurity incident on April 26, 2025, Hitachi Vantara, a leading provider of data management and cloud solutions, experienced a severe ransomware attack orchestrated by the notorious Akira cybercrime group. The company implemented immediate containment measures, including the strategic shutdown of server infrastructure to minimize potential damage to its systems and client data. … Read more

Brave Browser has unveiled Cookiecrumbler, an innovative open-source solution that leverages advanced machine learning technology to combat intrusive cookie consent banners. This groundbreaking tool represents a significant advancement in web privacy protection, offering users a seamless browsing experience while maintaining website functionality. Advanced Machine Learning Technology for Precise Cookie Banner Detection Unlike conventional blocking methods … Read more

Leading cryptocurrency exchange Coinbase has released a crucial security update addressing a significant authentication logging vulnerability that had caused widespread concern among its user base. The fix resolves a critical issue in how the platform recorded and classified failed login attempts, which had previously led users to incorrectly assume their accounts were compromised. Understanding the … Read more