Security Bulletin

The region offers attractive conditions: a large pool of tech workers, economic disparity, and weak enforcement of cybercrime laws — all of which attract businesses legitimate and shady.

(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.

Hackers targeting organizations's partners or contractors in hopes of obtaining credentials.

Thousands of social media ads promoted sites impersonating legitimate GenAI tools.

Though Adidas said that no payment or financial information was affected in the breach, individuals who contacted the compamy's customer service help desk were impacted.

A threat actor has gained access to Microsoft 365 environments of a small number of customers of Commvault's Metallic service.

DragonForce, a ransomware "cartel" that has gained significant popularity since its debut in 2023, attacked an MSP as part of a recent supply chain attack, via known SimpleHelp bugs.

The attack dirsupted MathWorks' systems and online applications, but it remains unclear which ransomware group targeted the software company and whether they stole any data.

Workflow automation is no longer a luxury—it’s a strategic imperative that empowers IT teams to scale efficiently, reduce errors, and focus on high-impact work through intuitive, AI-powered tools.

The non-ransomware extortion group has switched up tactics and victimology in a deliberate and focused campaign similar to those of other attackers focused on stealing sensitive data.