Skip to content
data breach

data breach

Iranian Hacker Pleads Guilty in  Million Robbinhood Ransomware Attack on Baltimore

Iranian Hacker Pleads Guilty in $19 Million Robbinhood Ransomware Attack on Baltimore

May 28, 2025Ravie LakshmananRansomware / Data Breach An Iranian national has pleaded guilty in the U.S. over his involvement in an international ransomware and extortion scheme involving the Robbinhood ransomware. Sina Gholinejad (aka Sina Ghaaf),… 

Microsoft OneDrive File Picker Flaw Grants Apps Full Cloud Access — Even When Uploading Just One File

Microsoft OneDrive File Picker Flaw Grants Apps Full Cloud Access — Even When Uploading Just One File

May 28, 2025Ravie LakshmananData Privacy / Vulnerability Cybersecurity researchers have discovered a security flaw in Microsoft’s OneDrive File Picker that, if successfully exploited, could allow websites to access a user’s entire cloud storage content, as… 

New PumaBot Botnet Targets Linux IoT Devices to Steal SSH Credentials and Mine Crypto

New PumaBot Botnet Targets Linux IoT Devices to Steal SSH Credentials and Mine Crypto

May 28, 2025Ravie LakshmananIoT Security / Cryptocurrency Embedded Linux-based Internet of Things (IoT) devices have become the target of a new botnet dubbed PumaBot. Written in Go, the botnet is designed to conduct brute-force attacks… 

Mimo Hackers Exploit CVE-2025-32432 in Craft CMS to Deploy Cryptominer and Proxyware

Mimo Hackers Exploit CVE-2025-32432 in Craft CMS to Deploy Cryptominer and Proxyware

May 28, 2025Ravie LakshmananCryptojacking / Vulnerability A financially motivated threat actor has been observed exploiting a recently disclosed remote code execution flaw affecting the Craft Content Management System (CMS) to deploy multiple payloads, including a… 

251 Amazon-Hosted IPs Used in Exploit Scan Targeting ColdFusion, Struts, and Elasticsearch

251 Amazon-Hosted IPs Used in Exploit Scan Targeting ColdFusion, Struts, and Elasticsearch

May 28, 2025Ravie LakshmananNetwork Security / Vulnerability Cybersecurity researchers have disclosed details of a coordinated cloud-based scanning activity that targeted 75 distinct “exposure points” earlier this month. The activity, observed by GreyNoise on May 8,…