April 5, 2025

 Massive Cyber-Attack Halts Marks & Spencer Operations

Marks & Spencer experienced a massive cyberattack that completely halted its online operations, including website and app transaction processing. While customers could still browse products, all new orders were suspended as a precautionary measure stores remained open for in-person shopping.The breach, which began during the Easter weekend, also disrupted click-and-collect services, contactless payments, and other in-store functionalities. M&S relied on […]
March 30, 2025

Cyber Attack Disrupts Ukrainian Railway’s Online Services

Ukrainian state railway operator Ukrzaliznytsia was formally and definitively attacked by a large-scale, multi-layered cyberattack that disrupted its online services, particularly the mobile app and website used for ticket purchases. Despite this, train schedules remained unaffected, and all physical train operations continued uninterrupted. As a result of the attack, significant queues formed at Kyiv’s central railway station and other major […]
March 28, 2025

Massive Supply Chain Attack on GitHub Actions

A major supply chain attack targeted GitHub Actions, one of the most widely used automation platforms in modern software development. The incident involved the compromise of the popular open-source Action tj-actions/changed-files, which had been adopted in more than 23,000 repositories. Researchers discovered that malicious code had been injected into the Action, enabling the exfiltration of sensitive secrets such as API […]
March 25, 2025

Alarming Emergence of Fake Banking App Targeting Android Users via Telegram

Cybersecurity researchers discovered a troubling surge in cyberattacks involving a fake banking app specifically crafted to target Android users using Telegram as the primary distribution channel. The fake app was engineered to closely mimic authentic banking apps, meticulously replicating user interface elements and official logos to instill false trust among unsuspecting users. The app was disseminated through Telegram groups and […]
March 5, 2025

Oracle Cloud Breach 6 Million Records Exposed

A major breach targeted Oracle Cloud in March 2025, with the threat actor “rose87168” claiming to have stolen 6 million records containing sensitive credentials, including SSO passwords and Java KeyStore files, impacting over 140,000 tenant organizations worldwide. The attacker attempted to extort Oracle, demanding $20 million in exchange for technical information. Oracle initially denied the breach but later began notifying […]
February 22, 2025

Countermeasures Against DDoS Attacks NISC

Japan’s National Center of Incident Readiness and Strategy for Cybersecurity (NISC) took a significant step to bolster global cybersecurity defenses against Distributed Denial-of-Service (DDoS) attacks, particularly those targeting edge devices. Collaborating with international partners, NISC co-published a comprehensive document titled “Mitigation Strategies for Edge Devices,” originally authored by the Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC).This joint advisory, […]
February 10, 2025

Kazakhstan to audit foreign ministry after suspected Russia-linked cyberattack

The government of Kazakhstan announced a comprehensive audit of its Ministry of Foreign Affairs in response to a significant cybersecurity breach believed to be orchestrated by Russia-linked threat actors. The cyberattack, which reportedly targeted internal communications and sensitive diplomatic data, raised immediate concerns regarding national security and the integrity of Kazakhstan’s foreign policy apparatus.According to official statements released by the […]
February 4, 2025

DeepSeek AI tools impersonated by infostealer malware on PyPI

Cybersecurity researchers identified that threat actors had uploaded multiple packages impersonating legitimate tools developed by DeepSeek, a prominent company known for its advanced artificial intelligence models. The malicious packages were crafted to closely resemble genuine DeepSeek AI utilities, leveraging nearly identical names and descriptions. Unsuspecting developers who installed these packages unknowingly activated a stealthy infostealer malware designed to harvest sensitive […]
February 2, 2025

Casio UK online store hacked to steal customer credit cards

Casio Computer Co., Ltd., a globally recognized manufacturer of electronic products, confirmed that its UK online store was the target of a sophisticated cyberattack aimed at stealing customer payment information. The breach, which specifically affected the e-commerce segment of Casio’s UK operations, raised serious concerns about the security of online retail platforms and the safety of consumer financial data.According to […]
Prev page
123456789101112131415161718192021222324252627282930313233343536373839404142
Next page

Collaboration can mitigate the effects of Ransomware Attacks

Archives
Categories
Privacy Policy
RSS NCSC Threat Reports Feed

© 2021 CyberEnsō – Nihon Cyber Defence Co., Ltd. All Rights Reserved.