June 2025

UK govt dept website that campaigns against encryption hijacked to advertise … payday loans

Company at center of findings blamed SEO on outsourcer A website developed for the UK Home Office's 2022 "flop" anti-encryption campaign has seemingly been hijacked to push a payday loan scheme.…

Don’t panic, but it’s only a matter of time before critical ‘CitrixBleed 2’ is under attack

Why are you even reading this story? Patch now! Citrix patched a critical vulnerability in its NetScaler ADC and NetScaler Gateway products that is already being compared to the infamous CitrixBleed flaw exploited by ransomware gangs and other cyber scum, although there haven't been any reports of active…

Beware of fake SonicWall VPN app that steals users’ credentials

A good reminder not to download apps from non-vendor sites Unknown miscreants are distributing a fake SonicWall app to steal users' VPN credentials.…

The vulnerability management gap no one talks about

If an endpoint goes ping but isn't on the network, does anyone hear it? Partner content  Recently, I've been diving deep into security control data across dozens of organizations, and what I've found has been both fascinating and alarming. Most security teams I work with can rattle off…

Four REvil ransomware crooks walk free, escape gulag fate, after admitting guilt

Russian judge lets off accused with time served – but others who refused to plead guilty face years in penal colony Four convicted members of the once-supreme ransomware operation REvil are leaving captivity after completing most of their five-year sentences.…

‘Psylo’ browser tries to obscure digital fingerprints by giving every tab its own IP address

Gotta keep 'em separated so the marketers and snoops can't come out and play Psylo, which bills itself as a new kind of private web browser, debuted last Tuesday in Apple's App Store, one day ahead of a report warning about the widespread use of browser fingerprinting for…

Typhoon-like gang slinging TLS certificate ‘signed’ by the Los Angeles Police Department

Chinese crew built 1,000+ device network that runs on home devices then targets critical infrastructure A stealthy, ongoing campaign to gain long-term access to networks bears all the markings of intrusions conducted by China’s ‘Typhoon’ crews and has infected at least 1,000 devices, primarily in the US and…

Second attack on McLaren Health Care in a year affects 743k people

Criminals targeted the hospital and physician network’s Detroit cancer clinic this time McLaren Health Care is in the process of writing to 743,131 individuals now that it fully understands the impact of its July 2024 cyberattack.…

Experts count staggering costs incurred by UK retail amid cyberattack hell

Cyber Monitoring Centre issues first severity assessment since February launch Britain's Cyber Monitoring Centre (CMC) estimates the total cost of the cyberattacks that crippled major UK retail organizations recently could be in the region of £270-440 million ($362-591 million).…

Netflix, Apple, BofA websites hijacked with fake help-desk numbers

Don’t trust mystery digits popping up in your search bar Scammers are hijacking the search results of people needing 24/7 support from Apple, Bank of America, Facebook, HP, Microsoft, Netflix, and PayPal in an attempt to trick victims into handing over personal or financial info, according to Malwarebytes…

Copyright © 2026 Lugapel