Published on: 2025-06-04 23:09:19
Technical details about a maximum-severity Cisco IOS XE WLC arbitrary file upload flaw tracked as CVE-2025-20188 have been made publicly available, bringing us closer to a working exploit. The write-up by Horizon3 researchers does not contain a 'ready-to-run' proof of concept RCE exploit script, but it does provide enough information for a skilled attacker or even an LLM to fill in the missing pieces. Given the immediate risk of weaponization and widespread use in attacks, it is recommended th
Keywords: attacker file flaw horizon3 upload
Published on: 2025-06-06 03:11:07
Marks & Spencer has warned that its online services will continue to be disrupted until July following last month's cyberattack. Shoppers have not been able to place orders on the M&S website or app since 25 April, and it had been unclear when online orders would resume. Today, as part of the retailer’s financial results that confirmed an estimated £300 million hit to its 2025/26 operating profit as a result of the attack, M&S revealed that customers would not be able to order via its website
Keywords: business customers cyberattack online orders
Published on: 2025-06-07 20:08:00
Your Asus Wi-Fi router may have been hacked, according to a new blog post from the cybersecurity firm GreyNoise. As of Tuesday, over 9,000 Asus routers have been confirmed compromised in what the firm characterizes as an “ongoing exploitation campaign.” GreyNoise has been tracking the attack since March 17. In the months since, they’ve seen only 30 requests related to the attack, which indicates how quietly the campaign is operating. The attackers have maintained access to affected routers eve
Keywords: asus attack firmware router ssh
Published on: 2025-06-09 05:02:12
In today’s threat landscape, attack surfaces are expanding faster than most security teams can track. Every new cloud asset, exposed API, forgotten subdomain, or misconfigured service becomes an opportunity for an attacker to exploit. Modern threat actors are leveraging Attack Surface Management (ASM) to map out your digital footprint before you even realize what’s exposed. Through automated reconnaissance, asset discovery tools, and open-source intelligence, they’re thinking like red teamers, act
Keywords: asm attack attacker sprocket surface
Published on: 2025-06-12 17:44:15
The DragonForce ransomware operation successfully breached a managed service provider and used its SimpleHelp remote monitoring and management (RMM) platform to steal data and deploy encryptors on downstream customers' systems. Sophos was brought in to investigate the attack and believes the threat actors exploited a chain of older SimpleHelp vulnerabilities tracked as CVE-2024-57727, CVE-2024-57728, and CVE-2024-57726 to breach the system. SimpleHelp is a commercial remote support and access t
Keywords: actors attacks dragonforce ransomware simplehelp
Published on: 2025-06-14 01:37:25
MathWorks, a leading developer of mathematical computing and simulation software, has revealed that a recent ransomware attack is behind an ongoing service outage. Headquartered in Natick, Massachusetts, and founded in 1984, MathWorks now has over 6,500 employees in 34 offices worldwide. MathWorks develops the MATLAB numeric computing platform and the Simulink simulation, which are used by over 100,000 organizations and over 5 million customers. "MathWorks experienced a ransomware attack. We h
Keywords: attack incident mathworks online ransomware
Published on: 2025-06-16 18:13:07
Indian IT giant investigates link to M&S cyber-attack. Graham Fraser, Technology Reporter. An Indian IT company is conducting an internal investigation to determine whether it was the gateway for the cyber-attack on Marks & Spencer, BBC News understands. Tata Consultancy Services (TCS) has provided services to M&S for more than a decade. Earlier this week, M&S said the hackers who had brought huge disruption to the retailer had managed to gain acces
Keywords: attack cyber investigation said services
Published on: 2025-06-17 09:13:07
Indian IT giant investigates M&S cyber attack link. Graham Fraser, Technology Reporter. An Indian IT company is conducting an internal investigation to determine whether it was the gateway for the cyber attack on Marks & Spencer, BBC News understands. Tata Consultancy Services (TCS) has provided services to M&S for more than a decade. Earlier this week, M&S said the hackers who have brought huge disruption to the retailer managed to gain access t
Keywords: attack cyber investigation said services
Published on: 2025-06-17 15:46:22
The decentralized exchange Cetus Protocol announced that hackers have stolen $223 million in cryptocurrency and is offering a deal to stop all legal action if the funds are returned. The project also announced a $5 million bounty to anyone providing relevant information leading to the identification and arrest of the attacker. Cetus Protocol is a decentralized exchange (DEX) and liquidity protocol operating on the Sui and Aptos blockchains. It employs a Concentrated Liquidity Market Maker (CL
Keywords: attacker cetus hacker million protocol
Published on: 2025-06-18 01:26:44
The FBI warned that an extortion gang known as the Silent Ransom Group has been targeting U.S. law firms over the last two years in callback phishing and social engineering attacks. Also known as Luna Moth, Chatty Spider, and UNC3753, this threat group has been active since 2022 and was also behind BazarCall campaigns that provided initial access to corporate networks for Ryuk and Conti ransomware attacks. In March 2022, following Conti's shutdown, the threat actors separated from the cybercri
Keywords: access attacks group ransom srg
Published on: 2025-06-19 17:15:27
Researchers have found malicious software that received more than 6,000 downloads from the NPM repository over a two-year span, in yet another discovery showing the hidden threats users of such open source archives face. Eight packages using names that closely mimicked those of widely used legitimate packages contained destructive payloads designed to corrupt or delete important data and crash systems, Kush Pandya, a researcher at security firm Socket, reported Thursday. The packages have been
Keywords: attack data diversity downloads packages
Published on: 2025-06-20 05:00:03
A consortium of global law enforcement agencies and tech companies announced on Wednesday that they have disrupted the infostealer malware known as Lumma. One of the most popular infostealers worldwide, Lumma has been used by hundreds of what Microsoft calls “cyber threat actors” to steal passwords, credit card and banking information, and cryptocurrency wallet details. The tool, which officials say is developed in Russia, has provided cybercriminals with the information and credentials they nee
Keywords: attacks infrastructure lumma malware microsoft
Published on: 2025-06-21 04:18:18
Critical vulnerabilities in Versa Concerto that are still unpatched could allow remote attackers to bypass authentication and execute arbitrary code on affected systems. Three security issues, two of them critical, were publicly disclosed by researchers at the vulnerability management firm ProjectDiscovery after reporting them to the vendor and receiving no confirmation of the bugs being addressed. Versa Concerto is the centralized management and orchestration platform for Versa Networks' SD-W
Keywords: 10 access attackers critical versa
Published on: 2025-06-21 06:43:02
M&S website back online, allowing users to browse. Hafsa Khalil & Annabelle Liang, BBC News. The Marks & Spencer website is back online after leaving users unable to browse for several hours. Customers have been unable to make online orders for weeks as the retailer deals with the aftermath of a cyber-attack, but on Wednesday evening the website went down completely. A message read: "Sorry you can't browse the site currently. We're ma
Keywords: attack cyber online said website
Published on: 2025-06-22 09:27:21
A 3AM ransomware affiliate is conducting highly targeted attacks using email bombing and spoofed IT support calls to socially engineer employees into giving credentials for remote access to corporate systems. This tactic was previously linked to the Black Basta ransomware gang and later observed in FIN7 attacks, but its effectiveness has driven a wider adoption. Sophos reports seeing at least 55 attacks leveraging this technique between November 2024 and January 2025, linked to two distinct th
Keywords: 3am attacks email ransomware sophos
Published on: 2025-06-23 02:55:44
M&S cyber-attack disruption to last until July. Lucy Hooker, Business reporter, BBC News. Marks & Spencer has said its online services will continue to be disrupted until July following last month's cyber-attack on the retailer. Customers have been unable to order online for almost a month, but can expect to see a gradual return to normal. "We expect online disruption to continue throughout June and into July as we restart, then ramp up operations,"
Keywords: attack cyber machin online said
Published on: 2025-06-23 14:45:08
Kettering Health, a healthcare network that operates 14 medical centers in Ohio, was forced to cancel inpatient and outpatient procedures following a cyberattack that caused a system-wide technology outage. The nonprofit organization also manages emergency centers and over 120 outpatient facilities across western Ohio, and it employs over 15,000 people, including more than 1,800 physicians. In a statement published on its website, Kettering Health confirmed that a cybersecurity attack is behin
Keywords: attack health kettering outage ransomware
Published on: 2025-06-23 17:49:56
Police investigation into UK retail hacks focuses on English-speaking youths. Joe Tidy, Cyber correspondent, BBC World Service. Detectives investigating cyber attacks on UK retailers are focussing on a notorious cluster of cyber criminals known to be young English-speakers, some of them teenagers, police have revealed. For weeks speculation has mounted that disruptive attacks on M&S, Co-op, Harrods and some US retailers could be the work of a hac
Keywords: attacks cyber nca scattered spider
Published on: 2025-06-24 01:30:30
KrebsOnSecurity last week was hit by a near record distributed denial-of-service (DDoS) attack that clocked in at more than 6.3 terabits of data per second (a terabit is one trillion bits of data). The brief attack appears to have been a test run for a massive new Internet of Things (IoT) botnet capable of launching crippling digital assaults that few web destinations can withstand. Read on for more about the botnet, the attack, and the apparent creator of this global menace. For reference, the
Keywords: aisuru attack botnet ddos forky
Published on: 2025-06-24 09:46:18
A critical privilege escalation vulnerability has been discovered in the premium WordPress theme Motors, which allows unauthenticated attackers to hijack administrator accounts and take complete control of websites. Developed by StylemixThemes, Motors is one of the top-selling automotive themes for the WordPress platform. It is very popular among automotive businesses such as car dealerships, rental services, and used vehicle listing platforms. It has over 22,300 sales on the Envato market, wi
Keywords: 2025 attackers motors theme wordpress
Published on: 2025-06-24 08:50:18
Cyber-attack threat keeps me awake at night, bank boss says. Graham Fraser & Kevin Peachey, Technology reporter & Cost of living correspondent. Ian Stuart said the HSBC banking group is spending hundreds of millions of pounds on its IT systems. The boss of one of the UK's biggest banks has said the threat of cyber-attacks "keeps me awake at night". Ian Stuart, the CEO of HSBC UK, said cyber-security was "top of the agenda" for his banking group, and
Keywords: attacks cyber said stuart uk
Published on: 2025-06-25 13:01:15
Cyber attack threat keeps me awake at night, bank boss says. Graham Fraser & Kevin Peachey, Technology reporter & Cost of living correspondent. Ian Stuart said the HSBC banking group is spending hundreds of millions of pounds on its IT systems. The boss of one of the UK's biggest banks has said the threat of cyber attacks "keeps me awake at night". Ian Stuart, the CEO of HSBC UK, said cyber security was "top of the agenda" for his banking group, and d
Keywords: attacks cyber said stuart uk
Published on: 2025-06-27 01:53:27
Arla Foods has confirmed to BleepingComputer that it was targeted by a cyberattack that has disrupted its production operations. The Danish food giant clarified that the attack only affected its production unit in Upahl, Germany, though it expects this will result in product delivery delays or even cancellations. "We can confirm that we have identified suspicious activity at our dairy site in Upahl that impacted the local IT network," stated an Arla spokesperson. "Due to the safety measures i
Keywords: affected arla attack operations production
Published on: 2025-06-28 01:26:43
The inside story of a council held to ransom in cyber-attack. BBC England Investigations. A virus hidden in an email attachment spread through Redcar and Cleveland's computer network. In the early hours an IT engineer raced into work through the dark, wintery streets of Redcar in north-east England. The dash was prompted by a worrying alert about the council's computer network, and he was soon hurriedly shutting down servers to try to halt the spread of a vir
Keywords: attack council cyber said services
Published on: 2025-06-29 17:13:19
On Thursday, CISA warned U.S. federal agencies to secure their systems against ongoing attacks exploiting a high-severity vulnerability in the Chrome web browser. Solidlab security researcher Vsevolod Kokorin discovered the flaw (CVE-2025-4664) and shared technical details online on May 5th. Google released security updates to patch it on Wednesday. As Kokorin explained, the vulnerability is due to insufficient policy enforcement in Google Chrome's Loader component, and successful exploitation
Keywords: attacks chrome day exploited google
Published on: 2025-07-02 05:45:26
A Coinbase hack has seen some customers tricked into sending funds to the attackers, with the company estimating that they suffered losses of somewhere between $180M and $400M. The attackers also stole personal data, after Coinbase refused to pay a ransom demand – instead reporting the hack to law enforcement, and offering a $20M reward for information on the perpetrators … Reuters reports that the crypto company’s shares fell following the disclosure. Coinbase forecast a hit between $180 mil
Keywords: attackers coinbase customers instead pay
Published on: 2025-07-02 02:25:06
'They yanked their own plug': How Co-op averted an even worse cyber attack. Joe Tidy, Cyber correspondent, BBC World Service. Co-op narrowly averted being locked out of its computer systems during the cyber attack that saw customer data stolen and store shelves left bare, the hackers who claim responsibility have told the BBC. The revelation could help explain why Co-op has started to recover more quickly than fellow retailer M&S, which had its systems more
Keywords: attack bbc cyber op ransomware
Published on: 2025-07-02 12:25:06
Co-op narrowly avoided an even worse cyber attack, BBC learns. Joe Tidy, Cyber reporter. Co-op narrowly averted being locked out of its computer systems during the cyber attack that saw customer data stolen and store shelves left bare, the hackers who claim responsibility have told the BBC. The revelation could help explain why Co-op has started to recover more quickly than fellow retailer M&S, which had its systems more comprehensively compromised,
Keywords: attack bbc cyber op ransomware
Published on: 2025-07-03 09:38:53
Google warned today that hackers using Scattered Spider tactics against retail chains in the United Kingdom have also started targeting retailers in the United States. "The US retail sector is currently being targeted in ransomware and extortion operations that we suspect are linked to UNC3944, also known as Scattered Spider," John Hultquist, Chief Analyst at Google Threat Intelligence Group, told BleepingComputer. "The actor, which has reportedly targeted retail in the UK following a long hia
Keywords: actors attacks scattered spider threat
Published on: 2025-07-04 23:14:20
Co-op says shelves to be more fully stocked this weekend. Lucy Hooker & Imran Rahman-Jones, Business & technology reporters. Shoppers have found some empty shelves over the past few weeks. Co-op customers should see stocks on shelves start to return to more normal levels this weekend, the company said, after it announced it was switching its online ordering system for suppliers back on after a cyber-attack. The hack resulted in payment problems, widespread
Keywords: attack online op shelves suppliers
Go K’awiil is a project by nerdhub.co that curates technology news from a variety of trusted sources. We built this site because, although news aggregation is incredibly useful, many platforms are cluttered with intrusive ads and heavy JavaScript that can make mobile browsing a hassle. By hand-selecting our favorite tech news outlets, we’ve created a cleaner, more mobile-friendly experience.
Your privacy is important to us. Go K’awiil does not use analytics tools such as Facebook Pixel or Google Analytics. The only tracking occurs through affiliate links to amazon.com, which are tagged with our Amazon affiliate code, helping us earn a small commission.
We are not currently offering ad space. However, if you’re interested in advertising with us, please get in touch at [email protected] and we’ll be happy to review your submission.