Cyber Security – Page 25 – Simply Secure Group

Hackers Using Malicious Imageless QR Codes to Render Phishing Attack Via HTML Table

A recent phishing campaign is abusing QR codes in a new way, turning simple HTML tables into working codes that redirect users to malicious sites. Instead of embedding a QR image in the email body, the attackers build the code from hundreds of tiny table cells, each styled as black or white. The result still […]

GoBruteforcer Botnet brute-forces Passwords for FTP, MySQL, and phpMyAdmin on Linux Servers

A sophisticated Go-based botnet dubbed GoBruteforcer is aggressively targeting Linux servers worldwide, brute-forcing weak passwords on internet-exposed services including FTP, MySQL, PostgreSQL, and phpMyAdmin. Check Point Research recently documented a new 2025 variant of the malware that demonstrates significant technical improvements over previous versions and has successfully compromised tens of thousands of servers. The botnet […]

Sedgwick confirms Data Breach Following TridentLocker Ransomware Gang Claim

Sedgwick has confirmed a cybersecurity incident at its government-focused subsidiary after the TridentLocker ransomware gang claimed responsibility for stealing 3.4 gigabytes of data. The breach highlights ongoing risks to federal contractors handling sensitive U.S. agency data. Claims administration giant Sedgwick acknowledged on January 4, 2026, that Sedgwick Government Solutions (SGS) experienced unauthorized access to an […]

Critical AdonisJS Vulnerability Allow Remote Attacker to Write Files On Server

A critical path traversal vulnerability in AdonisJS has been discovered that could allow remote attackers to write arbitrary files to server filesystems, potentially leading to complete system compromise. The vulnerability, tracked as CVE-2026-21440, affects the bodyparser module of the popular TypeScript-first web framework and carries a critical CVSS v4 severity rating. The security flaw resides in […]

Threat Actors Allegedly Promoting New Brutus Brute-Force Tool Targeting Fortinet Services

A threat actor operating under the moniker “RedTeam” has begun advertising a new brute-force attack tool, “Brutus,” designed to target Fortinet services, according to recent dark web intelligence. The tool is priced at $1,500, signaling growing interest in automated credential-stuffing attacks against enterprise infrastructure. Brutus is engineered to attack multiple remote access protocols, making it […]

WhatsApp Vulnerabilities Leaks Users Metadata Including Devices Operating System

WhatsApp’s multi-device encryption protocol has long leaked metadata, allowing attackers to fingerprint users’ device operating systems, aiding targeted malware delivery. Recent research highlights partial fixes by Meta, but transparency issues persist. Meta’s WhatsApp, with over 3 billion monthly active users, uses end-to-end encryption (E2EE) for message security; however, its multi-device feature reveals device information. In […]

Gmail to Discontinue POP3 Mail Fetching for External Email Accounts

Google has announced that Gmail will discontinue support for two key features regarding third-party email accounts. Starting in January 2026, the platform will drop support for “Gmailify” and the widely utilized “Check mail from other accounts” feature via POP3 fetching. For over a decade, power users have relied on Gmail not just as an email […]

Threat Actor Allegedly Claim Leak of NordVPN Salesforce Database with Source Codes

A threat actor operating under the identifier 1011 has publicly claimed to have obtained and leaked sensitive data from NordVPN’s development infrastructure on a dark web forum. The breach reportedly exposes over ten database source codes, along with critical authentication credentials that could pose significant risks to the VPN provider’s operational security. The attacker alleges […]

Infostealers Enable Attackers to Hijack Legitimate Business Infrastructure for Malware Hosting

A dangerous cybercrime feedback loop has emerged where stolen credentials from infostealer malware enable attackers to hijack legitimate business websites and turn them into malware distribution platforms. Recent research by the Hudson Rock Threat Intelligence Team reveals this self-sustaining cycle transforms victims into unwitting accomplices. The ClickFix Attack Method Cybercriminals use a sophisticated social engineering […]

Finland Arrests Two Cargo Ship Crew Members Over Undersea Cable Damage

Finnish authorities have detained all 14 crew members of a cargo vessel suspected of deliberately damaging an undersea telecommunications cable connecting Helsinki to Estonia. The ship, named Fitburg, was sailing from St. Petersburg, Russia, to Haifa, Israel, under a St. Vincent and the Grenadines flag when the incident occurred. The crew, comprising Russian, Georgian, Kazakh, […]

Cookie	Duration	Description
cookielawinfo-checkbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.