Nike is investigating a potential data breach after the extortion group WorldLeaks claimed to have exfiltrated more than 1.4TB of files belonging to the global sportswear brand and published them on its leak site. In a post on X over the weekend, threat intelligence organization JustaBreach reported the leak of 188,347 files allegedly stolen from Nike's internal systems. The sportswear company confirmed that it is currently investigating whether an incident did indeed occur. READ MORE...
The coordinated attack on Poland's power grid in late December targeted multiple distributed energy resource (DER) sites across the country, including combined heat and power (CHP) facilities and wind and solar dispatch systems. Although the attacker compromised operational technology (OT) systems, damaging "key equipment beyond repair," they failed to disrupt power, totalling 1.2 GW or 5% of Poland's energy supply. READ MORE...
A North Korea-backed threat group operating since 2009 has splintered into three distinct groups with specialized malware and objectives, CrowdStrike said in a report released Thursday. Labeled "Labyrinth Chollima" by the company, the group follows a divergence pattern CrowdStrike observed previously. Labyrinth Chollima has spawned two additional groups: Golden Chollima and Pressure Chollima. The spin-offs allow Labyrinth Chollima to narrow its focus on espionage. READ MORE...
SolarWinds on Wednesday announced patches for six vulnerabilities in the Web Help Desk product, including four critical-severity bugs. First in line is CVE-2025-40551 (CVSS score of 9.8), a critical flaw described as an untrusted data deserialization issue that could lead to remote code execution (RCE) without authentication. According to Horizon3.ai, which discovered and reported the defect, CVE-2025-40551 exists in AjaxProxy functionality. READ MORE...
Ransomware crims have just lost one of their best business platforms. US law enforcement has seized the notorious RAMP cybercrime forum's dark web and clearnet domains. RAMP, which stands for Russian Anonymous Marketplace, was an online souk, favored by ransomware-as-a-service gangs, extortionists, initial access brokers, and other miscreants specializing in digital crime. Its websites now say "This Site Has Been Seized," with the notice attributing the takedown to the FBI. READ MORE...
Alarming critics, the acting director of the Cybersecurity and Infrastructure Security Agency (CISA), Madhu Gottumukkala, accidentally uploaded sensitive information to a public version of ChatGPT last summer, Politico reported. According to "four Department of Homeland Security officials with knowledge of the incident," Gottumukkala's uploads of sensitive CISA contracting documents triggered multiple internal cybersecurity warnings. READ MORE...
A wide range of adversaries including state-sponsored actors are targeting a vulnerability in popular file extraction software WinRAR that was addressed last year. The vulnerability impacts a wide range of organizations and could weigh heaviest on small and midsized businesses. Google Threat Intelligence Group (GTIG) yesterday published a research blog post regarding CVE-2025-8088, a high-severity flaw discovered by ESET and disclosed last August. READ MORE...
Fortinet customers are confronting another actively exploited zero-day vulnerability that allows attackers to bypass authentication in the single sign-on flow for FortiCloud and gain privileged access to multiple Fortinet firewall products and related services. The vendor issued a security advisory for the vulnerability - CVE-2026-24858 - warning that some instances of exploitation already occurred earlier this month. READ MORE...
Two vulnerabilities in the n8n workflow automation platform could allow attackers to fully compromise affected instances, access sensitive data, and execute arbitrary code on the underlying host. Identified as CVE-2026-1470 and CVE-2026-0863, the vulnerabilities were discovered and reported by researchers at DevSecOps company JFrog. Despite requiring authentication, CVE-2026-1470 received a critical severity score of 9.9 out of 10. READ MORE...