IT Security Newsletter - 2/14/2025
Circuit Board Maker Unimicron Targeted in Ransomware Attack
A ransomware group is threatening to leak data stolen from Taiwan-based printed circuit board (PCB) manufacturer Unimicron Technology. Unimicron is one of the world's largest PCB makers, with manufacturing sites in China, Germany and Japan. The company announced on February 1 that its IT systems had been targeted in a ransomware attack on January 30. Unimicron said at the time that it had launched an investigation aided by an external cyber forensics team. READ MORE...
Hackers Exploit Palo Alto Firewall Vulnerability Day After Disclosure
Attempts to exploit an authentication bypass vulnerability affecting Palo Alto Networks firewalls started just one day after the flaw was publicly disclosed, according to threat intelligence firm GreyNoise. Palo Alto Networks announced patches and mitigations for the vulnerability on February 12. The PAN-OS flaw, tracked as CVE-2025-0108, allows an unauthenticated attacker to gain access to the firewall's management interface and execute certain PHP scripts. READ MORE...
US charges two Russian men in connection with Phobos ransomware operation
The US Department of Justice (DOJ) has unsealed criminal charges against two Russian nationals, alleged to have operated a cybercrime gang that used ransomware to target over 1000 American organisations. Roman Berezhnoy and Egor Nikolaevich Glebov, 33 and 39 years old respectively, are alleged to have extorted over US $16 million in ransom payments using the Phobos ransomware. Between May 2019 and at least October 2024, they are alleged to have hit a wide range of victims. READ MORE...
North Korean hackers spotted using ClickFix tactic to deliver malware
North Korean state-sponsored group Kimsuky (aka Emerald Sleet, aka VELVET CHOLLIMA) is attempting to deliver malware to South Korean targets by leveraging the so-called "ClickFix" tactic. The ClickFix social engineering tactic takes its name from the initial pretext used by malware peddlers: users who want to read a webpage or document or join a video call are shown a fake browser notice saying that the page or document cannot be displayed correctly. READ MORE...
Roundtable: Is DOGE Flouting Cybersecurity for US Data?
Elon Musk and his band of programmers have been granted access to data from US government systems to aid their stated efforts to slash the size of government, leaving cybersecurity experts deeply concerned over how all of this sensitive data is being secured. So far, Musk and his Department of Government Efficiency (DOGE) have accessed the computer systems of the Department of Treasury, as well as classified data from the US Agency for International Development (USAID) and the Office of Personnel Management (OPM). READ MORE...
Dutch Police seizes 127 XHost servers, dismantles bulletproof hoster
The Dutch Police (Politie) dismantled the ZServers/XHost bulletproof hosting operation after taking offline 127 servers used by the illegal platform. Earlier this week, authorities in the United States, Australia, and the United Kingdom announced sanctions against the same bulletproof hosting provider for its involvement in cybercrime operations. Specifically, the operators of ZServers were accused of facilitating LockBit ransomware attacks and supporting cybercriminals. READ MORE...
Salt Typhoon Exploits Cisco Devices in Telco Infrastructure
The Chinese advanced persistent threat (APT) known as Salt Typhoon has targeted more than a thousand Cisco devices located within the infrastructures of telecommunications companies, internet service providers (ISPs), and universities. Salt Typhoon (aka RedMike, Earth Estries, FamousSparrow, GhostEmperor, and UNC2286) first made its name last fall, with explosive reports about its targeting of major US telecommunications providers like T-Mobile, AT&T, and Verizon. READ MORE...
Critical PostgreSQL bug tied to zero-day attack on US Treasury
A high-severity SQL injection bug in the PostgreSQL interactive tool (psql) was exploited alongside the zero-day used to break into the US Treasury in December, researchers say. Rapid7's principal security researcher, Stephen Fewer, disclosed CVE-2025-1094 (CVSS score 8.1) on Thursday, saying it was a key part of the exploit chain that also included the BeyondTrust zero-day (CVE-2024-12356). In fact, CVE-2025-1094 was so important to the chain that the BeyondTrust attack couldn't have been pulled off without it. READ MORE...
- ...in 1948, illusionist and writer Raymond Joseph Teller, AKA the silent half of comedy magic duo Penn & Teller, is born in Philadelphia, PA.
- ...in 1970, actor Simon Pegg ("Shaun of the Dead", "Mission: Impossible" series) is born in Gloucestershire, England.
- ...in 1990, the Voyager 1 space probe takes one last photograph of Earth before leaving our Solar System, a 6-billion-mile shot known as "Pale Blue Dot".
- ...in 2005, the video sharing site YouTube is launched by founders Chad Hurley, Steve Chen, and Jawed Karim.