US indicts Black Kingdom ransomware admin for Microsoft Exchange attacks

A 36-year-old Yemeni national, who is believed to be the developer and primary operator of ‘Black Kingdom’ ransomware, has been indicted by the United States for conducting 1,500 attacks on Microsoft Exchange servers. The suspect, Rami Khaled Ahmed, is accused of deploying the Black Kingdom malware on roughly 1,500 computers in the United States and abroad, … Read more

Ukrainian extradited to US for Nefilim ransomware attacks

A Ukrainian national has been extradited from Spain to the United States to face charges over allegedly conducting Nefilim ransomware attacks against companies. The suspect, Artem Aleksandrovych Stryzhak, 35, was arrested in Spain in June 2024 and extradited to the U.S. on April 30, 2025. According to the U.S. Department of Justice, Stryzhak allegedly participated … Read more

Pro-Russia hacktivists bombard Dutch public orgs with DDoS attacks

Russia-aligned hacktivists persistently target key public and private organizations in the Netherlands with distributed denial of service (DDoS) attacks, causing access problems and service disruptions. The situation was acknowledged via a statement by the country’s National Cyber Security Center (NCSC), part of the Dutch Ministry of Justice. “This week, several Dutch organizations have been targeted … Read more

AI Code Hallucinations Increase the Risk of ‘Package Confusion’ Attacks

AI-generated computer code is rife with references to non-existent third-party libraries, creating a golden opportunity for supply-chain attacks that poison legitimate programs with malicious packages that can steal data, plant backdoors, and carry out other nefarious actions, newly published research shows. The study, which used 16 of the most widely used large language models to … Read more

SMA100 VPN vulnerabilities now exploited in attacks

Cybersecurity company SonicWall has warned customers that several vulnerabilities impacting its Secure Mobile Access (SMA) appliances are now being actively exploited in attacks. On Tuesday, SonicWall updated security advisories for the CVE-2023-44221 and CVE-2024-38475 security flaws to tag the two vulnerabilities as “potentially being exploited in the wild.” CVE-2023-44221 is described as a high-severity command … Read more

Apple ‘AirBorne’ flaws can lead to zero-click AirPlay RCE attacks

A set of security vulnerabilities in Apple’s AirPlay Protocol and AirPlay Software Development Kit (SDK) exposed unpatched third-party and Apple devices to various attacks, including remote code execution. According to the Oligo Security researchers who discovered and reported the flaws, they can be exploited in zero-click and one-click RCE attacks, man-in-the-middle (MITM) attacks, … Read more

97 zero-days exploited in 2024, over 50% in spyware attacks

Google’s Threat Intelligence Group (GTIG) says attackers exploited 75 zero-day vulnerabilities in the wild last year, over 50% of which were linked to spyware attacks. These numbers are down from 97 zero-days in 2023 but up from 63 in 2022, which GTIG analysts attributed to year-to-year swings reflecting expected variation within an upward trajectory for … Read more

CISA tags Broadcom Fabric OS, CommVault flaws as exploited in attacks

The U.S. Cybersecurity & Infrastructure Security Agency (CISA) is warning of vulnerabilities in Broadcom Brocade Fabric OS, Commvault web servers, and Qualitia Active! Mail clients that are actively exploited in attacks. The flaws were added yesterday to CISA’s ‘Known Exploited Vulnerabilities’ (KEV) catalog, with the Broadcom Brocade Fabric OS and Commvault flaws not previously tagged as … Read more

Cloudflare mitigates record number of DDoS attacks in 2025

Internet services giant Cloudflare says it mitigated a record number of DDoS attacks in 2024, recording a massive 358% year-over-year jump and a 198% quarter-over-quarter increase. These figures come from Cloudflare’s 2025 Q1 DDoS Report, where the company says it mitigated a total of 21.3 million DDoS attacks in 2024. However, 2025 is looking to be … Read more

How Android 16’s new security mode will stop USB-based attacks

Mishaal Rahman / Android Authority TL;DR Google is adding an optional Android 16 feature to disable USB data access when the phone is locked for enhanced security. This protects against attackers using USB devices to extract data or bypass the lock screen on lost or confiscated phones. Tied to the new Advanced Protection Mode, … Read more