A critical HPE OneView flaw is now being exploited at scale, with Check Point tying mass, automated attacks to the RondoDox botnet. The security outfit says it has identified “large-scale exploitation” of CVE-2025-37164, a maximum-severity remote code execution bug in HPE’s data center management platform. Check Point has tied the activity to RondoDox, a Linux-based…
Terrabyte Group, a subsidiary of Terra International, has entered into a strategic partnership with Seqrite, the enterprise security arm of Quick Heal Technologies Limited. The collaboration leverages Terrabyte Group’s established market presence, regional expertise and experience in delivering enterprise-grade cybersecurity solutions across diverse Southeast Asian markets, strengthening Seqrite’s ability to address evolving cyber threats in…
Bengaluru-based Cybersecurity company CloudSEK on Tuesday said it has raised $10 million (about ₹90 crore) from Connecticut Innovations, the strategic venture capital arm of the State of Connecticut in the United States. With this investment, CloudSEK becomes the first Indian-origin cybersecurity company to receive funding from a US based back venture. CloudSEK had previously raised $19…
The Chinese-linked cyberespionage group ‘Mustang Panda’ targeted U.S. government and policy-related officials with phishing emails themed around Venezuela. The campaign, uncovered by Acronis, exploited geopolitical events to infect systems and steal data. The U.S. Department of Justice recognizes Mustang Panda as a hacker group backed by China. Chinese-linked cyberespionage group, identified as ‘Mustang Panda,’…
The exposed dataset contained numerous French records, from population registry data to car insurance information, totalling tens of millions of records. The Cybernews research team believes the database was likely compiled by malicious actors. Key takeaways: Over 45M French records were exposed in an open database likely compiled by malicious data collectors. The leaked data…
Crimson Collective claims to have stolen PII on 1M+ Brightspeed customers, including names, emails, phone numbers, and partial payment data Brightspeed has not confirmed the breach, saying it is investigating reports of a cybersecurity event The company, headquartered in Charlotte, NC, operates fiber broadband across 20 states and serves millions of premises One of the…
Meta revealed on Friday that it has signed agreements with three US nuclear energy companies as it aims to secure energy resources to power its expanding AI infrastructure. The tech giant inked agreements with retail electricity and power generation company Vistra, nuclear technology company TerraPower, and Sam Altman-backed nuclear technology startup Oklo. “Our agreements with…
Threat actors associated with the “Scattered Lapsus$ Hunters” (SLH) claim to have breached the systems of cybersecurity firm Resecurity and stolen internal data, while Resecurity says the attackers only accessed a deliberately deployed honeypot containing fake information used to monitor their activity. Today, threat actors published screenshots on Telegram of the alleged breach, claiming they stole…
For Cyberattacks, cyber criminals are increasingly leveraging artificial intelligence (AI) and machine learning (ML) to execute more advanced and sophisticated threats, amplifying the scale and impact of their attacks. As a result, the perception among many organizations is that they see the scales tipping in favor of the attackers. In fact, a recent Enterprise Strategy Group…
Attackers abused Google Cloud Application Integration to send phishing emails from legitimate Google domains Emails mimicked Google notifications, redirecting victims through trusted services Nearly 3,200 businesses targeted; most victims in U.S. manufacturing, tech, and finance sectors Over 3,000 organizations fell victim to a sophisticated phishing campaign in December 2025 that weaponized Google’s legitimate application infrastructure…
