Hawaiian Airlines, the tenth-largest commercial airline in the United States, is investigating a cyberattack that has disrupted access to some of its systems. With over 7,000 employees, 235 average daily flights, and a fleet of over 60 airplanes, Hawaiian Airlines connects Hawai'i with 15 U.S. mainland cities and 10 other destinations across Asia and the Pacific. The airline stated in a statement issued on Thursday morning that the incident didn't affect flight safety. READ MORE...
One of the most notorious figures in the cybercriminal underworld has been apprehended by authorities. The US Department of Justice (DOJ) yesterday charged Kai West with various hacking crimes as the alleged operator of the "IntelBroker" online persona. West, a British national, was arrested by authorities in France in February and is awaiting extradition to the US. IntelBroker is a highly active cybercriminal persona connected to an assortment of high-profile breaches and cyberattacks in recent years. READ MORE...
Ahold Delhaize, one of the world's largest food retail chains, is notifying over 2.2 million individuals that their personal, financial, and health information was stolen in a November ransomware attack that impacted its U.S. systems. The multinational retailer and wholesale company operates over 9,400 local stores across Europe, the United States, and Indonesia, employing more than 393,000 people and serving approximately 60 million customers each week in-store and online. READ MORE...
A pro-Iranian hacktivist group known as Cyber Fattah leaked thousands of records containing information about visitors and athletes from past Saudi Games events. Saudi Games are an annual sporting event, held since 2022, that takes place in the Kingdom of Saudi Arabia. More than 6,000 athletes participate in the tournament, which features 53 different sports. According to cybersecurity firm Resecurity, the breach was announced via Telegram on June 22 in the form of SQL dumps. READ MORE...
Cisco has dropped patches for a pair of critical vulnerabilities that could allow unauthenticated remote attackers to execute code on vulnerable systems. Tracked as CVE-2025-20281 and CVE-2025-20282, Cisco assigned them both maximum 10/10 severity ratings, although the former was reduced to 9.8 by the National Vulnerability Database. Both bugs affect Cisco Identity Services Engine (ISE) and Cisco ISE Passive Identity Connector, allowing attackers to execute code on the underlying OS as root. READ MORE...
SafePay is a relatively new ransomware threat that was first observed around September 2024. Like other ransomware, SafePay encrypts victims' files so they cannot be accessed, and then demands the payment of a cryptocurrency ransom for their recovery. As part of a "double extortion" tactic, the hackers behind SafePay also steal data from affected organisations and threaten to publish it on their dark web leak site if a ransom is not paid. READ MORE...
A vulnerability in Open VSX could have allowed attackers to take over the marketplace and tamper with any repository, Koi Security reports. An open source extension marketplace hosted by the Eclipse Foundation, Open VSX is an alternative to Microsoft's Visual Studio Code marketplace, allowing the community to publish VS Code projects for others to consume. Open VSX allows developers to upload extensions by themselves, or to submit them for auto-publishing through pull requests. READ MORE...
The recently patched Citrix NetScaler vulnerability tracked as CitrixBleed 2 and CVE-2025-5777 may be exploited in the wild, based on evidence uncovered by cybersecurity firm ReliaQuest. Citrix informed customers about CVE-2025-5777 in an advisory published on June 17, saying that this critical vulnerability affecting NetScaler ADC and NetScaler Gateway could lead, in certain cases, to a memory overread. READ MORE...
Hackers are exploiting a maximum-severity vulnerability that has the potential to give them complete control over thousands of servers, many of which handle mission-critical tasks inside data centers, the US Cybersecurity and Infrastructure Security Agency is warning. The vulnerability resides in the AMI MegaRAC, a widely used firmware package that allows large fleets of servers to be remotely accessed and managed even when power is unavailable or the operating system isn't functioning. READ MORE...