The cybercrime group TeamPCP has added a destructive wiper component to their cloud-native attack infrastructure, specifically targeting systems in Iran based on timezone and language settings. From Data Theft to Destruction Security researcher Charlie Eriksen at Aikido discovered that TeamPCP deployed the wiper payload over the weekend, leveraging the same technical infrastructure used in their…
Microsoft Defender Experts have uncovered a sophisticated credential theft campaign orchestrated by the financially motivated threat actor Storm-2561. The campaign exploits search engine optimization (SEO) poisoning to redirect enterprise users searching for legitimate VPN software to malicious websites that distribute trojanized VPN clients. How the Attack Works Active since May 2025, Storm-2561 targets users searching…
Cybersecurity researchers at Noma Labs have disclosed details of a critical vulnerability in Ask Gordon, Docker’s AI assistant integrated into Docker Desktop and the Docker CLI. The flaw, codenamed DockerDash, could have been exploited to execute arbitrary code and exfiltrate sensitive data from compromised environments. Docker addressed the vulnerability in version 4.50.0, released in November…
Read Article NoName ransomware group has allegedly targeted multiple Ukrainian government websites. The latest victims of the alleged NoName ransomware attack on Ukraine include Accordbank, Zaporizhzhya Titanium-Magnesium Plant, State Tax Service, Central Interregional Tax Administration, Western Interregional Tax Administration, and the Main Directorate of the State Tax Service in Kyiv. The Cyber Express tried to…
