December 20, 2025

Cisco Email Security Products Under Active Attack

Cisco Secure Email Gateway (SEG) and Secure Email and Web Manager (SEWM) appliances are currently being actively exploited by a China-linked advanced persistent threat (APT) group tracked as UAT-9686, with known associations to APT41 and UNC5174. Cisco’s Product Security Incident Response Team (PSIRT) identified the activity during a Technical Assistance Center (TAC) support investigation, with evidence indicating the campaign had […]
December 10, 2025

Kimwolf Botnet Hijacks 1.8 million Android TVs, Launches Large Scale DDoS Attacks

Kimwolf botnet has infected over 1.8 million Android devices worldwide, primarily targeting smart TVs, set-top boxes, and tablets like TV BOX, SuperBOX, X96Q, and MX10, turning them into a massive army for DDoS attacks. Discovered by QiAnXin XLab on October 24, 2025, via a suspicious malware sample, the botnet’s command and control (C2) domain 14emeliaterracewestroxburyma02132.su briefly topped Cloudflare’s global rankings, […]
November 30, 2025

Spyware targeting messaging apps announced by CISA

CISA issued an urgent alert on November 24, 2025, warning of multiple cyber threat actors actively using commercial spyware to target users of popular mobile messaging apps like Signal, WhatsApp, and Telegram. These actors employ sophisticated social engineering and targeting techniques, such as malicious QR codes for device pairing, zero-click exploits that infect devices silently without user interaction, and fake […]
November 24, 2025

Cox Enterprises Oracle E-Business Suite Zero-Day Breach

Cl0p ransomware operators launched a targeted campaign against Cox Enterprises by exploiting a critical zero‑day vulnerability in Oracle E‑Business Suite (Oracle EBS), tracked as CVE‑2025‑61882, which allowed remote, unauthenticated access to one of the company’s most sensitive back‑office platforms. The intrusion window ran roughly between 9 and 14 August 2025 and went undetected until late September, giving attackers ample time […]
November 18, 2025

Coupang breach exposes data of over 33 million users

South Korean e‑commerce giant Coupang has disclosed a massive data breach that exposed personal information from approximately 33.7 million customer accounts, making it one of the largest cyber incidents in the country’s history. ​The exposed data includes names, email addresses, phone numbers, postal or shipping addresses, and order histories, with some reports noting leak of delivery entrance codes, raising concerns […]
November 10, 2025

Critical vulnerability found in 7-Zip archiving tool

A critical remote code execution (RCE) vulnerability, tracked as CVE-2025-11001 (CVSS 7.0), was disclosed in the popular open-source 7-Zip archiving tool, affecting all versions before 25.00 released in July 2025. The flaw stems from improper handling of symbolic links in ZIP archives, enabling attackers to craft malicious files that allow directory traversal outside the intended extraction folder. When a user […]
October 20, 2025

Microsoft pins latest GoAnywhere MFT exploitation campaign on Medusa ransomware group

Microsoft has identified a cybercriminal group tracked as Storm-1175 as responsible for actively exploiting a critical deserialization vulnerability (CVE-2025-10035) in Fortra’s GoAnywhere Managed File Transfer (MFT) software. This vulnerability affects the License Servlet component and allows unauthenticated remote code execution (RCE) by processing attacker-controlled serialized data. The attackers leveraged this zero-day flaw to gain initial access to targeted networks by […]
October 10, 2025

Western Sydney University warns of scam emails revoking degrees

Western Sydney University warned students and alumni about a sophisticated scam involving fraudulent emails falsely claiming that recipients’ academic degrees had been revoked and that they were permanently excluded from the university. These emails, which appeared very official and included students’ full names and ID numbers, caused significant alarm among recipients. WSU confirmed the emails were fake, not issued by […]
October 1, 2025

Homebuyers shrug off cybersecurity risks, even as scammers target property deposits

Many home buyers remain surprisingly unconcerned about cybersecurity risks despite a rise in scammers targeting property deposits. A recent report from InfoTrack shows that around half of Australians have little to no worry about sharing personal information during property transactions, even though the average deposit is now approximately $160,000. This complacency is alarming given the increasing number of cybercriminals exploiting […]
12345678910111213141516171819202122
Next page

Collaboration can mitigate the effects of Ransomware Attacks

Archives
Categories
Privacy Policy
RSS NCSC Threat Reports Feed

© 2021 CyberEnsō – Nihon Cyber Defence Co., Ltd. All Rights Reserved.