The U.S. Department of Homeland Security (DHS) warned over the weekend of escalating cyberattack risks by Iran-backed hacking groups and pro-Iranian hacktivists. This warning was issued as a National Terrorism Advisory System bulletin on Sunday and cautions that the Iranian conflict is causing a “heightened threat environment” in the United States, with “low-level” cyberattacks targeting
Russian GRU targeting Western logistics entities and technology companies
Executive summary This joint cybersecurity advisory (CSA) highlights a Russian state-sponsored cyber campaign targeting Western logistics entities and technology companies. This includes those involved in the coordination, transport, and delivery of foreign assistance to Ukraine. Since 2022, Western logistics entities and IT companies have faced an elevated risk of targeting by the Russian General Staff
Army promises to deliver analysis on sweeping changes in 10 days
A U.S. Marine with 1st Battalion, 12th Marines, 3d Marine Division fires a joint light tactical vehicle mounted M240B machine gun while conducting a convoy movement during Spartan Fury 22.1. (Staff Sgt. Olivia G. Knapp/U.S. Marine Corps) U.S. Army Secretary Daniel Driscoll promised Congress today the service would show its homework in 10 days on
Saab taps Anduril to build rocket motors for ground-launched bomb
A Boeing-Saab ground-launched small diameter bomb is fired during a test at Andoya Test Center in Norway. (Photo courtesy of Boeing/Saab) Saab has picked emerging solid rocket motor producer Anduril Rocket Motor Systems to design and build solid rocket motors for its Ground-Launched Small Diameter Bomb, according to officials from both companies. The selection of
Malware on Google Play, Apple App Store stole your photos—and crypto
A new mobile crypto-stealing malware called SparkKitty was found in apps on Google Play and the Apple App Store, targeting Android and iOS devices. The malware is a possible evolution of SparkCat, which Kaspersky discovered in January. SparkCat used optical character recognition (OCR) to steal cryptocurrency wallet recovery phrases from images saved on infected devices.
APT28 hackers use Signal chats to launch new malware attacks on Ukraine
The Russian state-sponsored threat group APT28 is using Signal chats to target government targets in Ukraine with two previously undocumented malware families named BeardShell and SlimAgent. To be clear, this is not a security issue in Signal. Instead, threat actors are more commonly utilizing the messaging platform as part of their phishing attacks due to its
#StopRansomware: Play ransomware | Cyber.gov.au
Actions to take today to mitigate cyber threats from Play ransomware: Prioritize remediating known exploited vulnerabilities. Enable multifactor authentication (MFA) for all services to the extent possible, particularly for webmail, VPN, and accounts that access critical systems. Regularly patch and update software and applications to their latest versions and conduct regular vulnerability assessments. Summary Note:
Scammers impersonating the ASD’s ACSC
The ASD’s ACSC is aware of cybercriminals claiming to be us through emails and phone calls, as well as falsely claiming our endorsement of products or services. The content of the scam emails and phone calls vary, but typically ask you to give personal information (such as passwords or bank details), money or ask you
Critical vulnerabilities in Citrix Netscaler ADC and NetScaler Gateway Products
Citrix have identified critical vulnerabilities in Citrix Netscaler ADC and NetScaler Gateway Products (CVE-2025-5349 and CVE-2025-5777). ASD’s ACSC recommends organisations update affected products to the latest versions and follow the advice detailed in the Citrix Security Advisory This alert has been written primarily for; but is not limited to, business and government. This alert is intended