Tag: cybersecurity

A man sitting in front of three computer monitors
Security

After OFAC sanctioned 1VPNS and a cryptor supplier, enforcement shifts to VPNs and cryptors

OFAC recently designated the VPN provider 1VPNS and a cryptor supplier tied to ransomware infrastructure, signaling a tactical shift: U.S. enforcement is moving from chasing individual attackers to targeting the services that let them operate anonymously and evade detection. The specific designations and the legal reach OFAC named 1VPNS (marketed since 2014 on cybercriminal forums […]

admin 
a group of men sitting at a table with laptops
Security

GeForce NOW breach limited to Armenian partner GFN.am, not NVIDIA’s core systems

GeForce NOW breach limited to Armenian partner GFN.am, not NVIDIA’s core systems NVIDIA confirmed a data breach affecting only its Armenian GeForce NOW partner, GFN.am, and said the company’s core, globally managed systems were not compromised. The incident—dated March 20–26, 2026—exposed personal user records held by the regional operator but did not include passwords or […]

admin 
a room with computers and chairs
Security

Timeline: After the March 12 patch, Weaver E‑cology CVE‑2026‑22679 was exploited via an unauthenticated debug API — endpoint defenses stopped persistence

A critical unauthenticated RCE in Weaver E‑cology 10.0 (CVE‑2026‑22679) was actively exploited in mid‑ to late‑March 2026 after the vendor released a patch on March 12; endpoint defenses intervened and prevented persistent compromise, leaving timely patching as the primary remediation. How the March exploitation sequence unfolded The vendor released a patch on March 12, 2026; […]

admin 
a desk with several monitors
Security

April 2026: Magecart operators hide credit‑card skimmers inside 1×1 SVGs using Magento PolyShell — patches still pre-release

In early April 2026, a Magecart campaign used a tiny, deliberate evasion technique—embedding a base64 JavaScript skimmer in a 1×1 pixel SVG’s onload attribute—to harvest card data from nearly 100 Magento stores while exploiting the PolyShell vulnerability; official Adobe fixes remain in pre-release. What unfolded in early April and why the SVG matters Recommended Reading […]

admin 
Computer screen displaying lines of code
Security

March 19 patch closes CVE-2026-0740 after Feb. 10 partial fix left ~50,000 Ninja Forms File Upload installs exposed

The recent sequence of fixes for the Ninja Forms – File Upload extension matters because an incomplete February patch left thousands of WordPress sites exposed to unauthenticated remote code execution until a full remediation arrived on March 19, 2026. CVE-2026-0740 (CVSS 9.8) allows arbitrary file upload via the plugin’s handle_upload() AJAX endpoint; only version 3.3.27 […]

admin 
man in green crew neck shirt sitting on chair
AI

German authorities identify REvil and GandCrab ransomware bosses

German authorities have publicly identified Daniil Maksimovich Shchukin, a 31-year-old Russian national, as the elusive hacker known as “UNKN,” who led the GandCrab and REvil ransomware groups responsible for at least 130 attacks targeting German companies between 2019 and 2021. Alongside Shchukin, 43-year-old Anatoly Sergeevitsch Kravchuk was also named as a co-leader in these operations. […]

admin 
Team of hackers with Guy Fawkes masks coding in a dark room with computers.
Security

CVE-2025-53521: F5 BIG-IP APM reclassified as critical RCE — what distinguishes active exploitation from earlier DoS assessments

F5‘s BIG-IP Access Policy Manager vulnerability CVE-2025-53521—originally treated as a denial-of-service issue—was reclassified as an unauthenticated remote code execution (RCE) after March 2026 intelligence showed active exploitation. The change forced CISA into the Known Exploited Vulnerabilities (KEV) list and triggered federal patch mandates; organizations must treat this as an immediate compromise risk, not a mere […]

admin