Latest Internet & Cybersecurity News
Italy Blocks Suspected Russian Cyberattacks Ahead of Winter Olympics
Italian authorities foiled cyberattacks targeting government infrastructure, Olympic websites, and hotels in Cortina d’Ampezzo, attributed to Russia by Foreign Minister Antonio Tajani. The attacks aimed to disrupt foreign ministry systems and an embassy site in Washington, D.C.
No major disruptions occurred due to proactive defenses.
Ransomware Groups Exploit Critical VMware ESXi Flaw
CISA confirmed ransomware actors exploiting CVE-2025-22225, a high-severity VMware ESXi vulnerability with CVSS 8.2, allowing VM isolation escape and hypervisor control. Broadcom patched it in March 2025, but active attacks persist.
Organizations urged to apply updates immediately.
Incognito Dark Web Narcotics Market Operator Jailed for 30 Years
The operator of Incognito, a major dark web narcotics market, was sentenced to 30 years by Judge Colleen McMahon, calling it the most serious drug case in her career. Law enforcement seized servers for transactions, DDoS protection, and crypto payments in March 2024.
The operation made the perpetrator a global drug kingpin.
AI-Driven Phishing Surges at Unprecedented Scale
Phishing accelerated in 2025, with filters blocking one malicious email every 19 seconds, doubled from prior year, fueled by AI integration in campaigns. Reports show 105% rise in remote access tools and 204% in malware-delivering emails.
Post-delivery analysis and human validation now essential.
SQL Injection Flaw Impacts Thousands of WordPress Sites
A critical SQL injection vulnerability affects thousands of WordPress sites, enabling potential data breaches and site takeovers. Immediate patching recommended for all vulnerable plugins and themes.
No specific exploitation details yet reported.
Zendesk Abuse Fuels Global Spam Wave
Attackers exploit unsecured Zendesk support systems to send automated spam mimicking legitimate notifications, flooding user inboxes worldwide. Messages bypass filters, appearing as account activations or support alerts.
Users report hundreds of emails in short periods.
CISA Adds SolarWinds RCE to Known Exploited Vulnerabilities
CISA listed a critical SolarWinds Web Help Desk flaw allowing unauthenticated remote command execution via untrusted data handling. Active attacks confirmed, urging immediate patching.
Part of ongoing exploitation trends.
Betterment Data Breach Exposes 1.4 Million Accounts
Hackers stole personal data including emails, names, and addresses from over 1.4 million Betterment accounts in January, enabling crypto scams. Customer investment accounts reportedly unaffected.
Breach notification ongoing.
Sinobi Ransomware Hits Impressico Business Solutions
Sinobi Ransomware compromised 150 GB of data from global IT firm Impressico, including contracts, financials, and customer info, now published on dark web. Company headquartered in India with international operations.
No ransom payment details disclosed.
Russian-Linked ELECTRUM Targets Polish Power Grid
Russia-linked group ELECTRUM, overlapping with Sandworm/APT44, attacked Polish power facilities, causing loss of control and equipment damage but no outages. Disrupted communication systems at multiple sites.
Attributed to GRU military intelligence.
Notepad++ Critical Vulnerability Exploited by Nation-State Actor
NIST detailed a critical flaw in Notepad++ update component (pre-8.8.9), exploited June-November 2025 likely by nation-state actors disrupting updates. Widely used in healthcare and other sectors.
Patch applied; monitor for related threats.
New Zealand Health Portal Breach Exposes Sensitive Data
Ransom hackers accessed and downloaded documents from Manage My Health portal's My Health Documents section, threatening dark web release. Affects thousands of users in public health system.
Highlights privacy framework gaps.