Car giant Stellantis is admitting that attackers targeted one of its third-party partners, spilling its own customers' details in the process. The automaker - which owns brands including Chrysler, Jeep, and Peugeot - confirmed the data leak to Reuters. The break-in exposed customer data, which Stellantis says was limited to names and email addresses, with no financial or sensitive information affected. READ MORE...
The cybersecurity incident impacting Collins Aerospace, which led to disruptions at several major airports across Europe, was the result of a ransomware attack, according to the EU cybersecurity agency ENISA. ENISA said the type of ransomware involved in the attack has been identified and law enforcement is conducting an investigation, but the agency did not share further information. The cyberattack hit services provided by US-based Collins Aerospace, which is owned by RTX (formerly Raytheon). READ MORE...
The FBI on Friday issued an alert on threat actors spoofing the official Internet Crime Complaint Center (IC3) government website. The FBI's IC3 website is the central hub for reporting cybercrime-related activities, such as online extortion, hacking, identity theft, money laundering, and ransomware attacks. Launched in 2000 as the Internet Fraud Complaint Center (IFCC), it was renamed in 2003. Spoofed websites can be used for the theft of personal information and to facilitate monetary fraud. READ MORE...
Fortra has released security updates for a maximum severity vulnerability found in GoAnywhere Managed File Transfer's (MFT) License Servlet. It carries the highest possible CVSS score of 10 out of 10. If exploited, the vulnerability (CVE-2025-10035) could allow a threat actor "with a validly forged license response signature to deserialize an arbitrary actor-controlled object, possibly leading to command injection," according to Fortra's advisory. READ MORE...