When Giants Stumble

The recent cyberattack on Japan’s Asahi Group Holdings has triggered a production freeze across its domestic operations, exposing once again how even industry leaders remain vulnerable. The breach forced order processing, shipping, and customer support systems offline, and no clear timeline has been communicated for a full recovery. This disruption affected iconic brands like Asahi Super […]

Harrods Suffers Data Breach

Harrods has confirmed that approximately 430,000 customer records were exposed following a breach at a third-party service provider. The compromised data includes names, contact details, postal addresses, and marketing or loyalty labels. Importantly, Harrods states that no payment information or account passwords were accessed, and its internal systems were unaffected. Why This Matters The breach […]

Cisco ASA Firewalls Targeted

Multiple zero-day vulnerabilities in Cisco ASA (Adaptive Security Appliance) firewalls are currently being exploited by a threat group known as “ArcaneDoor.” The campaign targets ASA 5500-X and FTD devices with VPN web services enabled, using flaws like CVE-2025-20333 and CVE-2025-20362 to execute arbitrary code and access restricted endpoints without authentication. Why This Matters Firewalls and […]

Apache Airflow Exposed

A significant security flaw has surfaced in Apache Airflow (version 3.0.3), exposing sensitive connection information to users with read-only permissions. This issue highlights how even low-privilege access, when combined with system weaknesses, can lead to serious exposure of internal data. What’s Going On The vulnerability allows users with restricted privileges to view confidential connection configurations, […]

XCSSET Malware Evolves

Cybersecurity researchers have uncovered a new variant of the XCSSET malware, which is actively exploiting macOS systems. This malware, known for its history of targeting Xcode developers, has evolved with enhanced capabilities, making it even more dangerous for individuals and organizations relying on macOS environments. The latest version of XCSSET leverages malicious AppleScript files to […]

ColdRiver Expands Malware

A new campaign by the threat group ColdRiver (a.k.a. Star Blizzard or SEABORGIUM) is making waves in the cybersecurity landscape. Known for spear-phishing and credential theft, the group has now expanded its toolkit with custom backdoors designed to infiltrate high-value targets. The Campaign in Focus ColdRiver’s latest activity highlights a shift from traditional credential-harvesting tactics […]

Firebase Misconfigurations

A recent investigation revealed that dozens of mobile applications are unintentionally exposing highly sensitive data because of misconfigured Firebase services. In many cases, unauthenticated attackers can reach into databases, storage buckets, Firestore collections, and Remote Config systems. Here are the key findings: Around 150 Firebase endpoints tied to popular apps were found to be publicly […]

Ransomware Attack at Airport

UK law enforcement has arrested a man in West Sussex in connection with a major ransomware attack that disrupted airports across Europe, including London Heathrow, Brussels, Dublin, and Berlin. The suspect, in his forties, was detained under the UK Computer Misuse Act and released on conditional bail. The core of the problem was a failure in […]

North Korean Cyber Attack

In a sobering reminder of how far threat actors will go, cybersecurity researchers recently uncovered a sophisticated campaign tied to North Korea in which malicious actors used fake job applications as the entry point into target networks. The ruse is clever: pose as an innocent job candidate, get your foot in the door, then quietly […]

SolarWinds & Exploited Vulnerability

SolarWinds has released a hotfix addressing a critical remote code execution (RCE) vulnerability in its Web Help Desk product, tracked as CVE-2025-26399. This flaw, with a CVSS score of 9.8, is an unauthenticated AjaxProxy deserialization vulnerability that allows attackers to execute arbitrary commands on the host machine. Notably, this issue bypasses previous patches for CVE-2024-28988 […]