Aggregator

Data breach at Serviceaide, Inc., a technology vendor for Catholic Health, exposed sensitive information belonging to approximately 480,000 patients. The incident, caused by an improperly secured Elasticsearch database, left names, Social Security numbers, medical records, and login credentials publicly accessible for nearly seven weeks. While forensic analysts found no direct evidence of data misuse, the […]

The post Cyberattack on Serviceaide Compromises Data of 480,000 Catholic Health Patients appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Red Hat Enterprise Linux 10 provides a strategic and intelligent backbone for enterprise IT to navigate complexity, accelerate innovation and build a more secure computing foundation for the future. As enterprise IT grapples with the proliferation of hybrid environments and the imperative to integrate AI workloads, the need for an intelligent, resilient and durable operating system has never been greater. Red Hat Enterprise Linux 10 rises to this challenge, delivering a platform engineered for agility, … More →

The post Red Hat Enterprise Linux 10 helps mitigate future quantum-based threats appeared first on Help Net Security.

A newly identified cyberattack campaign has revealed the persistent and evolving threat of Bumblebee malware, a sophisticated downloader first discovered in 2022 and linked to ransomware groups like Conti. According to a recent report by Cyjax, threat actors have orchestrated a cunning SEO poisoning scheme targeting users of the Bing search engine. This campaign leverages […]

The post Threat Actors Deploy Bumblebee Malware via Poisoned Bing SEO Results appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

You must login to view this content

You must login to view this content

A sophisticated malware campaign leveraging search engine optimization (SEO) poisoning on Microsoft Bing has emerged, delivering the notorious Bumblebee malware to unsuspecting users. The campaign, identified in May 2025, specifically targets users searching for specialized software tools, demonstrating a concerning evolution in malware distribution tactics that exploits trusted search engine results. Bumblebee, a downloader malware […]

The post Threat Actors Deliver Bumblebee Malware Poisoning Bing SEO appeared first on Cyber Security News.

Adidas Korea has announced a security breach affecting customer data, marking the second major incident in the fashion industry targeting Korean consumers this month. The sportswear giant revealed that unauthorized access was gained through a third-party customer service provider, compromising customers’ personal information who had contacted their service centers. On May 16, Adidas disclosed on […]

The post Adidas Data Breach – Customers’ Personal Information Exposed appeared first on Cyber Security News.

CISA released thirteen Industrial Control Systems (ICS) advisories on May 20, 2025. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS.

• ICSA-25-140-01 ABUP IoT Cloud Platform
• ICSA-25-140-02 National Instruments Circuit Design Suite
• ICSA-25-140-03 Danfoss AK-SM 8xxA Series
• ICSA-25-140-04 Mitsubishi Electric Iconics Digital Solutions and Mitsubishi Electric Products
• ICSA-25-140-05 Siemens Siveillance Video
• ICSA-25-140-06 Schneider Electric PrismaSeT Active - Wireless Panel Server
• ICSA-25-140-07 Schneider Electric Galaxy VS, Galaxy VL, Galaxy VXL
• ICSA-25-140-08 Schneider Electric Modicon Controllers
• ICSA-25-140-09 AutomationDirect MB-Gateway
• ICSA-25-140-10 Vertiv Liebert RDU101 and UNITY
• ICSA-25-140-11 Assured Telematics Inc (ATI) Fleet Management System with Geotab Integration
   
• ICSA-25-037-01 Schneider Electric EcoStruxure Power Monitoring Expert (PME) (Update B)
• ICSA-25-023-05 Schneider Electric EcoStruxure Power Build Rapsody (Update A)

CISA encourages users and administrators to review newly released ICS advisories for technical details and mitigations.

The phishing attack landscape continues to evolve in 2025, with cybercriminals using more sophisticated techniques to bypass security measures, emphasizing the need for phishing attack prevention. Phishing remains one of the most prevalent and damaging cyber threats facing organizations worldwide. In the fourth quarter of 2024 alone, nearly a million phishing attacks were observed, showing […]

The post Phishing Attack Prevention – Best Practices for 2025 appeared first on Cyber Security News.

Outpost24 announced the addition of AI-enhanced summaries to the Digital Risk Protection (DRP) modules within its External Attack Surface Management (EASM) platform. With Outpost24’s DRP modules, organizations are able to identify, monitor, and protect against threats before they can be exploited. DRP’s threat intelligence provides continuous scans for exposed credentials, brand impersonations, data leaks and more. While this is all valuable information to have, these DRP findings can be challenging and time-consuming for security teams … More →

The post Outpost24 simplifies threat analysis with AI-enhanced summaries appeared first on Help Net Security.

A suspected initial access broker has been leveraging trojanized versions of the open-source KeePass password manager to set the stage for ransomware attacks, WithSecure researchers have discovered. KeeLoader: Passoword manager that acts as data stealer and malware loader In February 2025, WithSecure’s inicident responders were hired by an European IT service provider to help with response and remediation after a ransomware gang encrypted their VMware ESXi servers’ datastores. While the attack itself was relatively typical, … More →

The post Trojanized KeePass opens doors for ransomware attackers appeared first on Help Net Security.