Information Security
Emerging Threat: Fake Microsoft OAuth Apps Fuel Sophisticated Account Takeover Campaigns
Cybersecurity researchers have uncovered a coordinated campaign in which threat actors are impersonating trusted enterprises using fraudulent Microsoft OAuth applications to hijack user accounts.
ChatGPT said: Ransomware Rampage: NHS Scotland Hit, Dollar Tree Denies Link to 1.2TB Data Leak
In March 2024, INC Ransomware launched a significant attack on NHS Scotland, stealing 3 terabytes of sensitive data and threatening to publish it unless a ransom—reportedly in excess of $5 million—was paid. Known for its double-extortion tactics, INC not only encrypts victims’ data but also exfiltrates it to pressure payment.
Chinese State-Sponsored Groups Exploit SharePoint Vulnerabilities, Microsoft Urges Immediate Action
Microsoft has confirmed that several Chinese state-backed hacking groups—Linen Typhoon, Violet Typhoon, and Storm-2603—are exploiting critical vulnerabilities in on-premises SharePoint servers.
Surge in ClickFix and Emerging Threats Signal Shifting Cyberattack Landscape
Cybersecurity firm ESET has reported a startling rise in ClickFix attacks, which surged over 500% in early 2025, becoming the second most common attack method after phishing.
Widespread SharePoint Zero-Day Attacks Target Governments in Global Cyber Campaign
A critical zero-day vulnerability in Microsoft SharePoint, tracked as CVE-2025-53770/53771 and dubbed ToolShell, has led to the compromise of 396 systems globally. The Dutch cybersecurity firm Eye Security uncovered the widespread exploitation after analyzing over 27,000 SharePoint servers between July 18 and 23.
Louis Vuitton Data Breach Exposes UK Customer Info Amid Rising Cybersecurity Concerns for LVMH
Louis Vuitton has confirmed a data breach affecting its UK customer base, marking the third cybersecurity incident linked to LVMH brands in as many months.
New SAP and Citrix Vulnerabilities Raise Data Security Concerns
Cybersecurity researchers have uncovered and detailed two vulnerabilities in SAP’s Graphical User Interface (GUI) for Windows and Java, tracked as CVE-2025-0055 and CVE-2025-0056.
141 Million Files Exposed: Lab 1 and Zscaler Reports Reveal Alarming Surge in Data Breaches and Ransomware Extortion
A recent analysis of 141 million compromised files from 1,257 breach incidents, detailed in Lab 1’s Anatomy of a Data Breach report, underscores the growing threat of data breaches in today’s digital landscape.
Ransomware Gang Threatens to Leak Lorain County Auditor’s Office Data Today
A ransomware group known as Global has threatened to release sensitive data stolen from the Lorain County Auditor’s Office unless a ransom is paid by today.
Aflac Cyberattack Highlights Growing Threat to U.S. Insurance Sector
Aflac, the largest provider of supplemental insurance in the United States, has disclosed a cyberattack that affected its systems, according to a June 12, 2025, SEC filing.
Allianz Life Data Breach Exposes Personal Information of 1.4 Million Customers
On July 16, a significant data breach compromised the personal information of the majority of Allianz Life Insurance Company of North America’s 1.4 million customers, the Minneapolis-based company confirmed.
NimDoor macOS Malware Targets Crypto Firms in Sophisticated North Korean Campaign
North Korea-aligned hackers have launched a new wave of attacks against Web3 and cryptocurrency firms using a macOS malware strain called NimDoor, according to a July 2, 2025 report by SentinelLabs.
US cops bust cryptocurrency scam that used Facebook advertisements and scam websites
Stolen cryptocurrency was sent to domain registrars as payment to create fake cryptocurrency investment domains and to Meta as payment for Facebook advertisements that promoted fraudulent cryptocurrency investment opportunities.
