Stay updated with the latest in cybersecurity threats, data privacy, and digital marketing trends. CyberPulse delivers breaking stories, expert analysis, and insights for today’s digital professionals
Microsoft's March 2025 Patch Tuesday has addressed a total of 57 vulnerabilities, including six critical zero-day flaws that are actively exploited. The vulnerabilities have been categorized with 23 related to remote code execution, indicating a significant risk to systems.
DollyWay is a long-running malware campaign that has compromised over 20,000 WordPress sites globally. The operation primarily targets WordPress sites, using a sophisticated approach to maintain control and inject malware. The malware redirects visitors to scam pages via traffic broker networks.
About 200 U.S. businesses were impacted by a significant ransomware attack linked to the REvil ransomware gang. The attack targeted Kaseya, a Florida-based IT firm, which then spread through corporate networks utilizing its software. Kaseya acknowledged the incident in a statement and indicated that it was investigating a "potential attack." The U.S. Cybersecurity and Infrastructure Agency (CISA) is actively addressing the situation, providing guidance for affected organizations CISA statement.
Beware of a new PayPal invoice scam that uses old tricks to bypass email security. As Google rolls out AI-powered protections to aid Android users, scammers are reverting to methods that exploit email vulnerabilities.
AWS prioritizes the confidentiality, integrity, and authenticity of customer data through cryptographic security. Current public-key cryptographic schemes rely on mathematical problems; however, the advent of quantum computing poses a threat to these systems. AWS is proactively preparing for a post-quantum world by investing in quantum-resistant cryptographic methods. The AWS team is engaged in developing and testing new cryptographic systems, focusing on post-quantum key agreement and signature schemes to safeguard customer data.
Some HomeTeamNS servers were compromised by a ransomware attack, as reported on March 3. The incident was discovered on February 25, impacting servers that stored data of current and former employees, alongside vehicle details of members and affiliate members.
Stolen passwords and 2FA codes are critical factors in ransomware attacks. Google has warned that cybercrime is becoming a national security threat, evidenced by ongoing chaos from ransomware gangs. The leak of private internal chat logs from the Black Basta crime group has provided insight into their operations. Threat intelligence analysts, such as Alexander Martin from Recorded Future News, note that several members of Black Basta were previously involved in the Conti and Ryuk ransomware schemes.
Meerah Rajavel, the chief information officer of Palo Alto Networks, has expressed concerns regarding the rapid development of generative AI technologies by major companies, including OpenAI, Anthropic, and Google. She highlighted that the speed at which these technologies are being deployed is compromising safety and increasing risks for businesses and individuals.
Between early November and December 2024, Palo Alto Networks researchers discovered a new Linux malware called Auto-color. This malware employs several advanced evasion tactics to avoid detection, including the use of benign-looking file names and hiding its command and control (C2) connections.