Recorded Future has uncovered ties between the Beijing Institute of Electronics Technology and Application (BIETA) and China's Ministry of State Security (MSS), the country's primary civilian intelligence service. BIETA, the cybersecurity firm says, was likely established in some form in 1983, the same year the MSS was created, and supports, together with its subsidiary Beijing Sanxin Times Technology Co (CIII), MSS operations across various activities. READ MORE...
In December 2024, CPAP Medical Supplies and Services Inc. (CPAP), a Jacksonville, Florida-based provider of sleep therapy services and CPAP machines, experienced a cybersecurity incident that compromised the personal data of over 90,000 patients. Since CPAP Medical specializes in tailored sleep apnea equipment for the US military, most of the patients are military members, veterans, and their families. READ MORE...
Florida-based public safety communications solutions provider BK Technologies Corp (BKTI:NYSE American) revealed on Monday that its IT systems were hacked recently. The company said in a regulatory filing that it detected an intrusion on September 20. An investigation was launched and action was taken to remove the attacker from its systems. The incident resulted in some "minor disruptions" to non-critical systems and operations were not affected, the SEC was told. READ MORE...
In a very recent and well-targeted phishing attempt, scammers tried to get hold of the 1Password credentials belonging to a Malwarebytes employee. Stealing someone's 1Password login would be like hitting the jackpot for cybercriminals, because they could potentially export all the saved logins the target stored in the password manager. While the email looks convincing enough, you can spot a few red flags. READ MORE...
A hacker group claims to have breached leading enterprise open source software vendor Red Hat and is threatening to release hundreds of gigabytes of stolen information if the company does not pay a ransom. In a Dark Web post, a group calling itself the Crimson Collective claimed to have stolen data from more than 28,000 Red Hat code repositories, including access tokens and customer engagement reports that contain network audits. READ MORE...
An email-based extortion campaign targeting Oracle E-Business Suite customers since early last week is now linked to a zero-day vulnerability, security researchers warned Sunday. The campaign, from hackers linked to Clop ransomware, has targeted executives at companies that use E-Business Suite since last Monday. Oracle, in a blog post released on Friday, urged customers to download a critical patch update that originally was released in July. READ MORE...
Bot farms have moved into the center of information warfare, using automated accounts to manipulate public opinion, influence elections, and weaken trust in institutions. Thales reports that in 2024, automated bot traffic made up 51% of all web traffic, the first time in a decade it has surpassed human activity online. As bots become more common and harder to tell from real users, people start to lose confidence in what they see online. READ MORE...
Widely known time-related software bugs, which could cause significant disruptions when they are triggered more than a decade from now, are actually exploitable by hackers today, researchers warn. One of the bugs, known as 'The Year 2038 problem' and Y2K38, could cause computers to malfunction on January 19, 2038. The issue affects systems that use a 32-bit integer to store time as the number of seconds that have passed since the Unix epoch (January 1, 1970). READ MORE...
The Redis security team has released patches for a maximum severity vulnerability that could allow attackers to gain remote code execution on thousands of vulnerable instances. Redis (short for Remote Dictionary Server) is an open-source data structure store used in approximately 75% of cloud environments, functioning like a database, cache, and message broker, and storing data in RAM for ultra-fast access. READ MORE...
A cybercrime group, tracked as Storm-1175, has been actively exploiting a maximum severity GoAnywhere MFT vulnerability in Medusa ransomware attacks for nearly a month. Tracked as CVE-2025-10035, this security flaw impacts Fortra's web-based secure transfer tool GoAnywhere MFT and is caused by a deserialization of untrusted data weakness in the License Servlet. This vulnerability can be exploited remotely in low-complexity attacks that don't require user interaction. READ MORE...