December 20, 2025

Cisco Email Security Products Under Active Attack

Cisco Secure Email Gateway (SEG) and Secure Email and Web Manager (SEWM) appliances are currently being actively exploited by a China-linked advanced persistent threat (APT) group tracked as UAT-9686, with known associations to APT41 and UNC5174. Cisco’s Product Security Incident Response Team (PSIRT) identified the activity during a Technical Assistance Center (TAC) support investigation, with evidence indicating the campaign had […]
December 17, 2025

PDVSA Cyberattack Disrupts Administrative Systems, Oil Cargo Deliveries Suspended

Venezuela’s state-owned oil company, Petróleos de Venezuela S.A. (PDVSA), faced a major ransomware cyberattack detected days before December 15, 2025, severely disrupting its centralized administrative systems. Although PDVSA publicly insisted that oil production, refining, and domestic fuel distribution remained operational thanks to isolated security protocols the incident halted all oil cargo deliveries, stranding millions of barrels on tankers bound for […]
November 24, 2025

Cox Enterprises Oracle E-Business Suite Zero-Day Breach

Cl0p ransomware operators launched a targeted campaign against Cox Enterprises by exploiting a critical zero‑day vulnerability in Oracle E‑Business Suite (Oracle EBS), tracked as CVE‑2025‑61882, which allowed remote, unauthenticated access to one of the company’s most sensitive back‑office platforms. The intrusion window ran roughly between 9 and 14 August 2025 and went undetected until late September, giving attackers ample time […]
November 18, 2025

Coupang breach exposes data of over 33 million users

South Korean e‑commerce giant Coupang has disclosed a massive data breach that exposed personal information from approximately 33.7 million customer accounts, making it one of the largest cyber incidents in the country’s history. ​The exposed data includes names, email addresses, phone numbers, postal or shipping addresses, and order histories, with some reports noting leak of delivery entrance codes, raising concerns […]
November 9, 2025

Chinese Hackers Used Anthropic’s AI to Automate Cyberattacks

Anthropic, the developer of the Claude AI model, disclosed in mid-November 2025 that it disrupted the first documented large scale cyber-espionage campaign orchestrated primarily by artificial intelligence, attributed with high confidence to a Chinese state sponsored hacking group. Detected in mid-September 2025, the operation dubbed GTG-1002 involved hackers manipulating Anthropic’s Claude Code tool to automate intrusions against approximately 30 high-value […]
October 20, 2025

Microsoft pins latest GoAnywhere MFT exploitation campaign on Medusa ransomware group

Microsoft has identified a cybercriminal group tracked as Storm-1175 as responsible for actively exploiting a critical deserialization vulnerability (CVE-2025-10035) in Fortra’s GoAnywhere Managed File Transfer (MFT) software. This vulnerability affects the License Servlet component and allows unauthenticated remote code execution (RCE) by processing attacker-controlled serialized data. The attackers leveraged this zero-day flaw to gain initial access to targeted networks by […]
October 16, 2025

US Air Force warns of SharePoint data breach

The U.S. Air Force publicly acknowledged a significant data breach involving Microsoft SharePoint, which potentially exposed sensitive personal and health information of service members. According to an official notification circulated by the Air Force Personnel Center, the breach stemmed from misconfigured SharePoint permissions, resulting in the unauthorized access to Personally Identifiable Information (PII) and Protected Health Information (PHI). To mitigate […]
October 1, 2025

Homebuyers shrug off cybersecurity risks, even as scammers target property deposits

Many home buyers remain surprisingly unconcerned about cybersecurity risks despite a rise in scammers targeting property deposits. A recent report from InfoTrack shows that around half of Australians have little to no worry about sharing personal information during property transactions, even though the average deposit is now approximately $160,000. This complacency is alarming given the increasing number of cybercriminals exploiting […]
September 29, 2025

Personal data potentially stolen in Asahi cyber-attack

Asahi Group Holdings, Japan’s largest brewer, was hit by a major ransomware attack, which forced the immediate shutdown of its domestic order placement, shipment, and customer service systems. The attack, attributed to the Russia-linked Qilin ransomware group, encrypted key IT infrastructure and disrupted nearly all digital business operations for Asahi’s beer and beverage products across Japan. As a consequence, the […]
1234567
Next page

Collaboration can mitigate the effects of Ransomware Attacks

Archives
Categories
Privacy Policy
RSS NCSC Threat Reports Feed

© 2021 CyberEnsō – Nihon Cyber Defence Co., Ltd. All Rights Reserved.