Date of Incident: October 23, 2023 Overview: The Freedom Mobile Data Breach occurred on October 23, 2023, impacting the telecommunications sector. Unauthorized access led to the theft of personal information, including names, addresses, dates of birth, phone numbers, and account numbers of a limited number of customers. While there is no evidence of data misuse… Read More »Freedom Mobile Data Breach
The cybersecurity landscape during July 21-27, 2025, was dominated by widespread exploitation of Microsoft SharePoint vulnerabilities collectively known as “ToolShell,” targeting critical infrastructure worldwide. Chinese state-sponsored actors initiated sophisticated campaigns affecting over 400 organizations, including U.S. nuclear agencies. Simultaneously, ransomware operations intensified with new variants like BQTLOCK and Interlock, while threat actors deployed advanced techniques… Read More »Weekly Cybersecurity Intelligence Report Cyber Threats & Breaches July 21-27, 2025
During the week under review, threat actors shifted from high-noise ransomware campaigns to quieter, precision intrusions abusing zero-day or recently patched vulnerabilities and abusing trusted cloud or software-supply-chain services. Fortinet’s FortiWeb, Citrix NetScaler ADC/Gateway and Wing FTP Server all saw in-the-wild exploits within 72 hours of public disclosure—highlighting the narrowing window between a patch release… Read More »Weekly Cybersecurity Intelligence Report Cyber Threats & Breaches: July 09-16, 2025
On July 9, 2025, the UK’s National Crime Agency (NCA) arrested four individuals, aged 17 to 20, in connection with coordinated cyberattacks targeting UK retailers M&S, Co-op, and Harrods. The attacks are attributed to the threat actor group known as Scattered Spider and involved advanced social engineering techniques, phishing emails, and infostealer malware. Customer data… Read More »M&S, Co-op, and Harrods Cyberattacks: Mitigating Social Engineering Risks
On July 10, 2025, CISA confirmed active exploitation of a critical vulnerability in Citrix NetScaler ADC and Gateway, identified as CVE-2025-5777. The flaw, dubbed Citrix Bleed 2, allows attackers to bypass authentication in configurations using Gateway or AAA virtual servers. Following confirmation, the vulnerability was added to the CISA Known Exploited Vulnerabilities (KEV) catalog, prompting… Read More »Citrix NetScaler ADC and Gateway Vulnerability (CVE-2025-5777): Securing Remote Access Gateways