CISA Emergency Directive Issued After F5 Source Code Theft by Nation-State Actor; Microsoft Patches Four Actively Exploited Zero-Days

Publication Date: October 16, 2025

Summary

This cybersecurity brief for October 16, 2025, covers a critical supply chain threat following the theft of F5 source code by a Chinese nation-state actor, prompting a CISA emergency directive. Concurrently, Microsoft's October Patch Tuesday addresses over 170 flaws, including four actively exploited zero-days. Other major events include the disruption of a ransomware campaign using signed malware, the discovery of a Chinese APT targeting a Russian IT firm, a massive data breach affecting two major airlines, and the disclosure of critical flaws in industrial control systems.

Today's New Articles

Microsoft Thwarts Ransomware Campaign by Revoking 200+ Malicious Code-Signing Certificates

Microsoft has taken decisive action to disrupt a ransomware campaign by the threat group Vanilla Tempest (also known as Vice Society), which has been targeting education and healthcare. The group was using over 200 fraudulently obtained code-signing certificat...


Full Industrial Control: Two CVSS 10.0 Flaws Found in Red Lion ICS RTUs

Security researchers have discovered and disclosed two critical vulnerabilities, both rated CVSS 10.0, in Red Lion Sixnet series industrial remote terminal units (RTUs). The flaws, CVE-2023-42770 (authentication bypass) and CVE-2023-40151 (remote code executio...


New 'LinkPro' Linux Rootkit Uses eBPF and 'Magic Packets' for Ultimate Stealth

Security researchers have uncovered a sophisticated new GNU/Linux rootkit named 'LinkPro' after investigating a compromised AWS environment. The malware demonstrates advanced stealth capabilities by leveraging extended Berkeley Packet Filter (eBPF) modules to...

Article Updates

Vietnam Airlines Breach: 7.3M Customer Records Exposed in Salesforce Supply Chain Attack

Update: The data breach attributed to 'Scattered LAPSUS$ Hunters' has significantly expanded in scope, now explicitly confirming Qantas as a victim alongside Vietnam Airlines. The total number of affected customers has risen to approximately 13 million, comprising 7.3...


Qilin Ransomware Group Adds New Victims to Leak Site

Update: The Qilin ransomware group has significantly escalated its operations in October 2025, claiming numerous new victims across the United States, France, and Africa. This includes critical infrastructure targets like electric cooperatives, as well as healthcare a...