Collaborate Disseminate
Urgent warning for Fortra GoAnywhere MFT users. A CVSS 10.0 deserialization vulnerability (CVE-2025-10035) in the License Servlet allows command injection. Patch to v7.8.4 immediately to prevent system takeover. Continue reading Critical CVSS 10 Flaw in GoAnywhere File Transfer Threatens 20,000 Systems
China-backed UNC5221 targets US legal and tech firms by deploying BRICKSTORM malware on neglected VMware and Linux/BSD appliances, Google’s Mandiant reports. Continue reading China-Linked Hackers Hit US Tech Firms with BRICKSTORM Malware
Darktrace researchers have uncovered ShadowV2, a new botnet that operates as a DDoS-for-hire service by infecting misconfigured Docker containers on AWS cloud servers. Continue reading ShadowV2 Botnet Uses Misconfigured AWS Docker for DDoS-For-Hire Service
The FBI is warning internet users about fake versions of its official IC3 cybercrime reporting website. Learn how to spot these ‘spoofed’ sites, avoid scams where criminals impersonate agents, and protect your personal information by following the FBI’… Continue reading FBI Warns of Fake IC3 Websites Designed to Steal Personal Data
New research from Check Point Research reveals the Iranian cyber group Nimbus Manticore is targeting defence, telecom, and aerospace companies in Europe with fake job offers. Learn how they use advanced malware to steal sensitive data. Continue reading Iranian Hackers Use Fake Job Lures to Breach Europe’s Critical Industries
The Inc ransomware gang claims to have stolen 5.7 TB of data from the Pennsylvania Attorney General’s office in an August 2025 attack. Find out how the breach unfolded, why government agencies are a top target, and what this means for citizens. Continue reading Inc Ransomware Group Claims 5.7 TB Theft from Pennsylvania Attorney General’s Office
A new malware loader, CountLoader, has been discovered by cybersecurity firm Silent Push. This threat is linked to prominent Russian ransomware gangs, including LockBit, BlackBasta, and Qilin, and is being used as an initial access broker. Continue reading Fake Ukrainian Police Emails Spread New CountLoader Malware Loader
Radware researchers revealed a service-side flaw in OpenAI’s ChatGPT. The ShadowLeak attack had used indirect prompt injection to bypass defences and leak sensitive data, but the issue has since been fixed. Continue reading ShadowLeak Exploit Exposed Gmail Data Through ChatGPT Agent
The UK’s spy agency, MI6, has launched a new dark web portal called Silent Courier to securely recruit agents worldwide, particularly from Russia. Learn how this shift to the dark web marks a new era in modern espionage and national security. Continue reading MI6 Opens Dark Web Portal “Silent Courier” for Russians to Share Secrets
New investigation exposes a China-based ring that sold over 6,500 fake United States and Canadian IDs using well-planned covert packaging. Learn how this operation threatens national security and enables financial crime. Continue reading Chinese Network Selling Thousands of Fake US and Canadian IDs