CyberAlerts

Description: In this week’s newsletter, Thor inspects the LockBit leak, finding $10,000 “security tips,” ransom negotiations gone wrong and a rare glimpse into the human side of cybercrime.

Source: Cisco Talos Blog

May 15th, 2025 (about 1 month ago)

Pwn2Own Berlin 2025 Kicks Off with $260,000 Awarded and a Historic AI Category Debut

Description: The first day of the inaugural Pwn2Own Berlin wrapped with $260,000 awarded to security researchers for successful zero-day exploits across Linux, Windows, virtualization software, and — for the first time in Pwn2Own history — AI systems. STAR Labs has taken an early lead in the “Master of Pwn” leaderboard, but several competitors remain in close … The post Pwn2Own Berlin 2025 Kicks Off with $260,000 Awarded and a Historic AI Category Debut appeared first on CyberInsider.

Source: CyberInsider

May 15th, 2025 (about 1 month ago)

🏴‍☠️ Stormous has just published a new victim : www.jparkislandresort.com

Description: Full reservation databases Booking platform references (including HeyTripGo) Payment Data PDF files containing credit card numbers, expiration dates, and CVV codes Scans of physical card images used in transactions Names and billing addresses linked to cards Full reports of transaction history Partner comission data and invoice logs ID Documents Guest registration forms (with physical signatures) Internal Communication Booking confirmation exchanges with platforms (HeyTripGo, Agoda, etc.) It was clearly observed that HeyTripGo.com does not encrypt or anonymize customer booking details, allowing direct exposure of Raw redit card data Customer personal details Booking references traceable to their system

Source: Ransomware.live

May 15th, 2025 (about 1 month ago)

🏴‍☠️ Qilin has just published a new victim : ITinSell group

Description: The ITinSell group is made up of several companies working hand in hand with a common objective: to collect, structure, exploit and secure data! With ITinSell Software we offer a 100% Saas platform to improve the experience and performance ...

Source: Ransomware.live

May 15th, 2025 (about 1 month ago)

🏴‍☠️ Qilin has just published a new victim : MKA Accountants: Business Advisers, Moonee Ponds VIC

Description: For over two decades, MKA Accountants has been delivering high quality accounting services to clients across a wide range of industries. We understand that each client has unique needs and challenges, which is why we take a personalised appro ...

Source: Ransomware.live

May 15th, 2025 (about 1 month ago)

🏴‍☠️ Akira has just published a new victim : Vezina Lawrence & Piscitelli

Description: Vezina, Lawrence & Piscitelli, P.A. provides legal services on be half of contractors, concessionaires and other public-private par tnership parties, design firms, sureties, and owners. We are going to upload more than 80GB of corporate data. Numerous court records, confidential settlement agreements, employee pers onal documents, lots of documents with client data, financials, N DA, etc.

Source: Ransomware.live

May 15th, 2025 (about 1 month ago)

Ban sales of gear from China’s TP-Link, Republican lawmakers tell Trump administration

Description: Senate Intelligence Committee Chairman Tom Cotton and 16 other GOP lawmakers wrote this week to Commerce Secretary Howard Lutnick, saying his department should block future sales of TP-Link’s popular small office/home office (SOHO) internet routers.

Source: The Record

May 15th, 2025 (about 1 month ago)

FBI: US officials targeted in voice deepfake attacks since April

Description: The FBI warned that cybercriminals using AI-generated audio deepfakes to target U.S. officials in voice phishing attacks that started in April. [...]

Source: BleepingComputer

May 15th, 2025 (about 1 month ago)

[org.apache.iotdb:iotdb-jdbc] Apache IoTDB JDBC Driver Discloses Sensitive Information via Log Files

Description: Exposure of Sensitive Information to an Unauthorized Actor, Insertion of Sensitive Information into Log File vulnerability in Apache IoTDB JDBC driver. This issue affects iotdb-jdbc: from 0.10.0 through 1.3.3, from 2.0.1-beta before 2.0.2. Users are recommended to upgrade to version 2.0.2 and 1.3.4, which fix the issue. References https://nvd.nist.gov/vuln/detail/CVE-2025-26795 https://lists.apache.org/thread/bj0ytxr5wg0c4jw8xm7rhfd8ogho0r91 http://www.openwall.com/lists/oss-security/2025/05/14/3 https://github.com/advisories/GHSA-gp98-hfvm-2r4x

EPSS Score: 0.04%

Source: Github Advisory Database (Maven)

May 15th, 2025 (about 1 month ago)

FTC’s Ferguson tells lawmakers agency won’t regulate AI until after problems occur

Description: His remarks echo recent comments Commissioner Melissa Holyoak made in her personal capacity during a speech at a privacy conference, but are a more significant indicator of the agency’s new position on the issue given that he was speaking to lawmakers on behalf of the agency.

Source: The Record

May 15th, 2025 (about 1 month ago)

Threat and Vulnerability Intelligence Database

Example Searches:

	Xoxo to Prague Description: In this week’s newsletter, Thor inspects the LockBit leak, finding $10,000 “security tips,” ransom negotiations gone wrong and a rare glimpse into the human side of cybercrime. Source: Cisco Talos Blog May 15th, 2025 (about 1 month ago)
	Pwn2Own Berlin 2025 Kicks Off with $260,000 Awarded and a Historic AI Category Debut Description: The first day of the inaugural Pwn2Own Berlin wrapped with $260,000 awarded to security researchers for successful zero-day exploits across Linux, Windows, virtualization software, and — for the first time in Pwn2Own history — AI systems. STAR Labs has taken an early lead in the “Master of Pwn” leaderboard, but several competitors remain in close … The post Pwn2Own Berlin 2025 Kicks Off with $260,000 Awarded and a Historic AI Category Debut appeared first on CyberInsider. Source: CyberInsider May 15th, 2025 (about 1 month ago)
	🏴‍☠️ Stormous has just published a new victim : www.jparkislandresort.com Description: Full reservation databases Booking platform references (including HeyTripGo) Payment Data PDF files containing credit card numbers, expiration dates, and CVV codes Scans of physical card images used in transactions Names and billing addresses linked to cards Full reports of transaction history Partner comission data and invoice logs ID Documents Guest registration forms (with physical signatures) Internal Communication Booking confirmation exchanges with platforms (HeyTripGo, Agoda, etc.) It was clearly observed that HeyTripGo.com does not encrypt or anonymize customer booking details, allowing direct exposure of Raw redit card data Customer personal details Booking references traceable to their system Source: Ransomware.live May 15th, 2025 (about 1 month ago)
	🏴‍☠️ Qilin has just published a new victim : ITinSell group Description: The ITinSell group is made up of several companies working hand in hand with a common objective: to collect, structure, exploit and secure data! With ITinSell Software we offer a 100% Saas platform to improve the experience and performance ... Source: Ransomware.live May 15th, 2025 (about 1 month ago)
	🏴‍☠️ Qilin has just published a new victim : MKA Accountants: Business Advisers, Moonee Ponds VIC Description: For over two decades, MKA Accountants has been delivering high quality accounting services to clients across a wide range of industries. We understand that each client has unique needs and challenges, which is why we take a personalised appro ... Source: Ransomware.live May 15th, 2025 (about 1 month ago)
	🏴‍☠️ Akira has just published a new victim : Vezina Lawrence & Piscitelli Description: Vezina, Lawrence & Piscitelli, P.A. provides legal services on be half of contractors, concessionaires and other public-private par tnership parties, design firms, sureties, and owners. We are going to upload more than 80GB of corporate data. Numerous court records, confidential settlement agreements, employee pers onal documents, lots of documents with client data, financials, N DA, etc. Source: Ransomware.live May 15th, 2025 (about 1 month ago)
	Ban sales of gear from China’s TP-Link, Republican lawmakers tell Trump administration Description: Senate Intelligence Committee Chairman Tom Cotton and 16 other GOP lawmakers wrote this week to Commerce Secretary Howard Lutnick, saying his department should block future sales of TP-Link’s popular small office/home office (SOHO) internet routers. Source: The Record May 15th, 2025 (about 1 month ago)
	FBI: US officials targeted in voice deepfake attacks since April Description: The FBI warned that cybercriminals using AI-generated audio deepfakes to target U.S. officials in voice phishing attacks that started in April. [...] Source: BleepingComputer May 15th, 2025 (about 1 month ago)
	[org.apache.iotdb:iotdb-jdbc] Apache IoTDB JDBC Driver Discloses Sensitive Information via Log Files Description: Exposure of Sensitive Information to an Unauthorized Actor, Insertion of Sensitive Information into Log File vulnerability in Apache IoTDB JDBC driver. This issue affects iotdb-jdbc: from 0.10.0 through 1.3.3, from 2.0.1-beta before 2.0.2. Users are recommended to upgrade to version 2.0.2 and 1.3.4, which fix the issue. References https://nvd.nist.gov/vuln/detail/CVE-2025-26795 https://lists.apache.org/thread/bj0ytxr5wg0c4jw8xm7rhfd8ogho0r91 http://www.openwall.com/lists/oss-security/2025/05/14/3 https://github.com/advisories/GHSA-gp98-hfvm-2r4x EPSS Score: 0.04% Source: Github Advisory Database (Maven) May 15th, 2025 (about 1 month ago)
	FTC’s Ferguson tells lawmakers agency won’t regulate AI until after problems occur Description: His remarks echo recent comments Commissioner Melissa Holyoak made in her personal capacity during a speech at a privacy conference, but are a more significant indicator of the agency’s new position on the issue given that he was speaking to lawmakers on behalf of the agency. Source: The Record May 15th, 2025 (about 1 month ago)