Author: Intel_0189

A state-sponsored espionage campaign is targeting foreign embassies in South Korea to deploy XenoRAT malware from malicious GitHub repositories. According to Trellix researchers, the campaign has been running since March and is ongoing, having launched at least 19 spearphishing attacks against high-value targets. Although infrastructure and techniques match the pllaybook of North Korean actor Kimsuky (APT43), there are signs that

The U.S. Department of Justice (DoJ) announced the seizure of more than $2.8 million in cryptocurrency from suspected ransomware operator Ianis Aleksandrovich Antropenko. Antropenko, indicted in Texas for computer fraud and money laundering, was linked to Zeppelin ransomware, a now-defunct extortion operation that ran between 2019 and 2022. Apart from the digital asset seizure, the authorities

A security researcher has released a partial proof of concept exploit for a vulnerability in the FortiWeb web application firewall that allows a remote attacker to bypass authentication. The flaw was reported responsibly to Fortinet and is now tracked as CVE-2025-52970. Fortinet released a fix on August 12. Security researcher Aviv Y named the vulnerability FortMajeure and describes

UK-based telecommunications company Colt Technology Services is dealing with a cyberattack that has caused a multi-day outage of some of the company’s operations, including hosting and porting services, Colt Online, and Voice API platforms. The British telecommunications and network services provider disclosed that the attack started on August 12 and the disruption continues as its IT staff

More than $300 million worth of cryptocurrency linked to cybercrime and fraud schemes has been frozen due to two separate initiatives involving law enforcement and private companies. One initiative is the T3+ Global Collaborator Program launched by the T3 Financial Crime Unit (T3 FCU), a joint effort deployed almost a year ago by intelligence firm TRM

Fortinet is warning about a remote unauthenticated command injection flaw in FortiSIEM that has in-the-wild exploit code, making it critical for admins to apply the latest security updates. FortiSIEM is a central security monitoring and analytics system used for logging, network telemetry, and security incident alerts, serving as an integral part of security operation centers, where

Hackers have released stolen data belonging to US insurance giant Allianz Life, exposing 2.8 million records with sensitive information on business partners and customers in ongoing Salesforce data theft attacks. Last month, Allianz Life disclosed that it suffered a data breach when the personal information for the “majority” of its 1.4 million customers was stolen from