Latest Internet & Cybersecurity News
Marquis Software Ransomware Breach Impacts Over 74 US Banks
On August 14, 2025, Marquis Software Solutions suffered a ransomware attack via a compromised SonicWall firewall, exposing personal and financial data for over 400,000 customers across 74 banks and credit unions, including sensitive information like Social Security numbers and dates of birth.
Inotiv Experiences Ransomware Attack Affecting 9,542 Individuals
Pharmaceutical researcher Inotiv disclosed a Qilin ransomware attack between August 5-8, 2025, affecting thousands. Over 176GB of data, including employee and family information, was stolen; the company has restored systems and is notifying affected parties.
University of Pennsylvania and University of Phoenix Breached via Oracle E-Business Suite Zero-Day
Both universities suffered data breaches in August 2025 due to exploitation of a zero-day vulnerability (CVE-2025-61882) by the Clop ransomware group, part of a wider extortion campaign targeting academic institutions and major corporations globally.
Asus Supplier Hit by Everest Ransomware, 1TB of Sensitive Camera Data Stolen
On December 2, 2025, Everest ransomware group leaked over 1TB of proprietary smartphone camera source code and internal tools from an Asus supplier, highlighting escalating supply chain cyber risks in 2025.
Cloudflare Mitigates Record 29.7 Tbps DDoS Attack Linked to AISURU Botnet
Cloudflare successfully blocked the largest distributed denial-of-service attack ever recorded at 29.7 terabits per second, launched by the AISURU botnet, which has targeted various organizations globally throughout 2025.
Myanmar Military Shuts Down Forced-Labor Scam Center Operating Cross-Border Cyberfraud
Authorities dismantled a major scam operation linked to forced labor, involving workers from 28 countries, as part of ongoing efforts to curtail cross-border online fraud operations tied to large humanitarian concerns.
Microsoft Teams Notifications Exploited in CallBack Phishing Attacks
Threat actors have exploited Microsoft Teams notifications to conduct CallBack phishing attacks, illustrating evolving social engineering techniques targeting enterprise communication platforms.
Critical React2Shell Vulnerability Actively Exploited by China-Linked Attacks
The React2Shell flaw has been actively exploited since late 2025 in attacks attributed to China-linked groups, raising concerns over widespread vulnerabilities in widely used software frameworks.
European Commission Selects Capgemini for EU Cybersecurity Framework Implementation
Capgemini has been chosen by the European Commission's Directorate-General for Digital Services to support the EU cybersecurity framework contract, advancing regional cyber resilience initiatives.
CISA Issues Urgent Directive for D-Link Router Buffer Overflow Exploit (CVE-2022-37055)
The U.S. Cybersecurity and Infrastructure Security Agency classified a critical buffer overflow vulnerability in D-Link routers as actively exploited, mandating urgent patches and heightened defenses for federal and private sectors.