Ahold Delhaize confirms data theft after INC ransomware claims attack

Food retail giant Ahold Delhaize confirms that data was stolen from its U.S. business systems during a November 2024 cyberattack. “Based on our investigation to date, certain files were taken from some of our internal U.S. business systems,” a spokesperson confirmed to BleepingComputer. “Since the incident was detected, our teams have been working diligently to determine […]

Over 16,000 Fortinet devices compromised with symlink backdoor

Over 16,000 internet-exposed Fortinet devices have been detected as compromised with a new symlink backdoor that allows read-only access to sensitive files on previously compromised devices. This exposure is being reported by threat monitoring platform The Shadowserver Foundation, which initially reported 14,000 devices were exposed. Today, Shadowserver’s Piotr Kijewski told BleepingComputer that the cybersecurity organization […]

Apple fixes two zero-days exploited in targeted iPhone attacks

Apple released emergency security updates to patch two zero-day vulnerabilities that were used in an “extremely sophisticated attack” against specific targets’ iPhones. The two vulnerabilities are in CoreAudio (CVE-2025-31200) and RPAC (CVE-2025-31201), with both bugs impacting iOS, macOS, tvOS, iPadOS, and visionOS. “Apple is aware of a report that this issue may have been exploited in […]

Jira Down: Atlassian users experiencing degraded performance

Atlassian users are experiencing degraded performance amid an ‘active incident’ affecting multiple Jira products since morning hours today. Jira, Jira Service Management, Jira Work Management and Jira Product Discovery are among the impacted products. Jira is a popular project management and issue tracking software solution used by workplaces to plan, track and manage workflows, specifically among Agile software development teams. Hours-long outage, […]

Midnight Blizzard deploys new GrapeLoader malware in embassy phishing

Russian state-sponsored espionage group Midnight Blizzard is behind a new spear-phishing campaign targeting diplomatic entities in Europe, including embassies. Midnight Blizzard, aka ‘Cozy Bear’ or ‘APT29,’ is a state-sponsored cyberespionage group linked to Russia’s Foreign Intelligence Service (SVR). According to Check Point Research, the new campaign introduces a previously unseen malware loader called ‘GrapeLoader,’ and a […]

Landmark Admin data breach impact now reaches 1.6 million people

Landmark Admin has issued an update to its investigation of a cyberattack it suffered in May 2024, increasing the number of impacted individuals to 1.6 million. Landmark is a Texas-based third-party administrator (TPA) handling policy accounting, regulatory reporting, reinsurance support, and IT systems for major insurers nationwide like Liberty Bankers Life and American Benefit Life. […]