news
Breaking Cyber News From Cyberint
Breaking news feed of the latest cyber incidents, breaches, vulnerabilities, malware, ransomware and so much more.
- All Items
- Middle East
- Handala
- Business Services
- Data Encrypted For Impact
- Israel
- Jobinfo
- Asia
- Shelter Locations In Israel
- Retail
- Saudi Games
- Saudi Arabia
- Cyber Fattah Team
- Ben Horin & Alexandrovitz
- Zachary Levi And Sons - Construction
- Sivim It
- Government
- Kibbutz Almog
- Manufacturing
- Saban Brands Israel
- Mprest
- Digitalghost
- Evil_Byte
- The Knesset
- Gonjeshke Darande
- Nobitex
- Chemicals And Allied Products
- South-Eastern Asia
- Kimia Farma
- Indonesia
- Sentap
- exclusive
- Northern Europe
- Europe
- Sweden
- Transportation
- Scania
- Hensi
- Tbn Israel
- Media
- Weizmann Institute Of Science
- Education
- Israeli Air Force
- Resistancetrench
- Israel Antiquities Authority
- Dienet
- Wazuh
- Cve-2025-24016
- CVE-2025-24016
- United States
- Mirai
- North America
- Epsilor Electric Fuel
- Clayoxtymus1337
- Technology
- Advanced Weapons And Equipment India
- India
- Southern Asia
- Fin6
- More_Eggs
- Alex Lab
- Cryptocurrency
- Zoldyck
- Edf Energy
- Critical Infrastructures
- United Kingdom
- Ingress Tool Transfer
- Spectrum
- Unix Shell
- Amos
- Sudo And Sudo Caching
- Credentials In Files
- Disable Or Modify Tools
- Telecommunications
- Match Legitimate Name Or Location
- Spearphishing Link
- Israel Defense Forces
- Coca-Cola Europacific Partners
- Ghna
- Food And Kindred Products
- Automotive
- Locauto
- Southern Europe
- Italy
- Spain
- Whitecoat
- Mercadona
- Healthcare
- Ups
- Wow Health Solutions
- Cyprus Airways
- Rip_Real_World
- Netsupport Rat
- Tel Aviv University
- Illeak
- Desec0X
- Lucky_Gh0$T
- Yashma
- Numero
- Cyberlock
- Chaos
- Unc6032
- Deloitte
- 303
- Gucci
- Screen Capture
- Credentials From Password Stores
- Password Managers
- System Information Discovery
- Phishing
- Exfiltration Over C2 Channel
- Credentials From Web Browsers
- Data From Local System
- Windows Credential Manager
- Input Capture
- File And Directory Discovery
- Drive-By Compromise
- Virtualization/Sandbox Evasion
- Command And Scripting Interpreter
- Obfuscated Files Or Information
- User Execution
- Eddiestealer
- Australia
- Superloop
- Australia And New Zealand
- W_Tchdogs
- Lateral Tool Transfer
- Escape To Host
- Exploitation For Client Execution
- Resource Hijacking
- Smb/Windows Admin Shares
- External Remote Services
- Network Service Discovery
- Exploit Public-Facing Application
- Deploy Container
- Remote System Discovery
- Web Protocols
- Change Default File Association
- Docker
- Cameleon
- Romania
- Eastern Europe
- Venom Rat
- Financial Theft
- Bitdefender
- CVE-2023-20118
- Vicioustrap
- Eastern Asia
- Cve-2023-20118
- Macao Special Administrative Region
- Cisco
- Tetraloader
- CVE-2025-0944
- Trimble
- Cve-2025-0944
- Uat-6382
- Powershell
- Silver Fox
- Rundll32
- Masquerade Task Or Service
- Scheduled Task
- Dynamic-Link Library Injection
- Obfuscated Files Or Information: Encrypted Or Encoded Data
- Regsvr32
- Process Discovery
- File Deletion
- China
- Valleyrat
- Malicious File
- Reflective Code Loading
- Warmcookie
- Qakbot
- Danabot
- Bumblebee
- Trickbot
- Cetus
- Purehvnc
- Bytebreaker
- Telcel
- Latin America And The Caribbean
- Mexico
- Viralgod
- Peter Green Chilled
- Cellcom
-
Jun 10, 2025
Threat Actor Claims Breach of UK-based EDF Energy
In June 2025, a threat actor named Zoldyck claimed to have breached EDF Energy Company and to have gained access to its database. According to the threat actor, over 12 million lines of data belonging to EDF's customers were taken, including sensitive information such as customer IDs, full names, dates of birth, national IDs, addresses, email addresses, phone numbers, and payment details.
-
May 26, 2025
Chinese Threat Actor UAT-6382 Exploits Vulnerability in Trimble Cityworks
A Chinese-speaking threat actor known as UAT-6382 has been linked to the exploitation of a recently patched remote-code-execution vulnerability (CVE-2025-0944) in Trimble Cityworks. This group successfully targeted enterprise networks of local governing bodies in the United States, deploying various web shells and custom malware, including Cobalt Strike and a Rust-based loader called Tetraloader, to maintain long-term access to compromised systems. The attacks began in January 2025, and the vulnerability was added to the U.S. Cybersecurity and Infrastructure Security Agency's known exploited vulnerabilities catalog in February 2025.