Hackers gained access to an online coding repository belonging to the University of Sydney and stole files with personal information of staff and students. The institution said the breach was limited to a single system and was detected last week. It promptly shut down the unauthorized access and notified the New South Wales Privacy Commissioner, the Australian Cyber Security Centre, and education regulators.
Between June 2024 and December 2025, Fortra analysts tracked a persistent business email compromise (BEC) operation that we have now classified as Scripted Sparrow. The group carries out well-crafted, highly targeted phishing campaigns that masquerade as professional services firms to mislead finance teams into transferring money to fraudsters' accounts. However, unlike conventional BEC actors, Scripted Sparrow uses a structured, consistent, and disciplined approach.
There are cybercriminals, and then there are North Korean state-sponsored threat groups. The cybercriminal groups linked to the rogue nation continue to see tremendous success, starting 2025 with a $1.5 billion theft of Ethereum cryptocurrency from exchange ByBit in February and continuing with efforts to embed tech workers in companies and compromise software supply chains. So far this year, North Korean groups have stolen at least $2.02 billion in cryptocurrency.
A newly identified Android botnet has infected over 1.8 million devices and can launch massive distributed denial-of-service (DDoS) attacks, Chinese cybersecurity firm XLab warns. Dubbed Kimwolf, the botnet has proxy forwarding, reverse shell, and file management capabilities. The threat appears linked to Aisuru, the TurboMirai-class IoT botnet recently blamed for a record-breaking 29.7 Tbps DDoS attack.
Researchers have found an active campaign aimed at taking over WhatsApp accounts. They've called this attack GhostPairing because it tricks the victim into completing WhatsApp's own device-pairing flow, silently adding the attacker's browser as an invisible linked device on the account. Device pairing lets WhatsApp users add additional devices to their account so they can read and reply to messages from a laptop or through WhatsApp Web.
Motherboards from several major vendors are affected by a vulnerability that can allow a threat actor to conduct early-boot attacks. According to an advisory published on Wednesday by Carnegie Mellon University's CERT/CC, an attacker can exploit the vulnerability to access data in memory or influence the initial state of the system. The security hole could allow an attacker to obtain sensitive data and conduct pre-boot code injection.
SonicWall Wednesday disclosed a zero-day vulnerability impacting its SMA1000 access platform that is under active exploitation via chained attacks. CVE-2025-40602 is a medium-severity local privilege escalation vulnerability in SonicWall's SMA1000 appliance management console (AMC). The flaw, which received a 6.6 CVSS score, stems from insufficient authorization in the AMC, according to SonicWall's advisory.
Chinese authorities on Thursday certified the China Environment for Network Innovation (CENI), a vast research network that Beijing hopes will propel the country to the forefront of networking research. As reported in Chinese state media, tests of the network saw it shift 72 terabytes of data in 1.6 hours, across a distance of around 1,000 km between a radio telescope in Guizhou province and a university in Hubei.