U.S. cybersecurity company F5 on Wednesday disclosed that unidentified threat actors broke into its systems and stole files containing some of BIG-IP’s source code and information related to undisclosed vulnerabilities in the product. It attributed the activity to a “highly sophisticated nation-state threat actor,” adding the adversary maintained long-term, persistent access to its network. The … Read more
Month: March 2025
BreachForums seized, but hackers say they will still leak Salesforce data
Law enforcement agencies in the United States and France have seized control of domains linked to the notorious BreachForums hacking forum, commonly used for the leaking of stolen data, and the sale of hacked credentials. However, observers are warning the takedown – although worthy and laudable – may be more symbolic than final, as a … Read more
Two CVSS 10.0 Bugs in Red Lion RTUs Could Hand Hackers Full Industrial Control
Oct 15, 2025Ravie LakshmananVulnerability / Critical Infrastructure Cybersecurity researchers have disclosed two critical security flaws impacting Red Lion Sixnet remote terminal unit (RTU) products that, if successfully exploited, could result in code execution with the highest privileges. The shortcomings, tracked as CVE-2023-40151 and CVE-2023-42770, are both rated 10.0 on the CVSS scoring system. “The vulnerabilities … Read more
Discord users’ data stolen by hackers in third-party data breach
Discord has confirmed that users who contacted its customer support service have had their data stolen by hackers, who have attempted to extort a ransom from the company. According to the hugely popular messaging platform which has more than 200 million monthly users, the hackers breached a third-party customer service provider rather than gaining access … Read more
Two New Windows Zero-Days Exploited in the Wild — One Affects Every Version Ever Shipped
Microsoft on Tuesday released fixes for a whopping 183 security flaws spanning its products, including three vulnerabilities that have come under active exploitation in the wild, as the tech giant officially ended support for its Windows 10 operating system unless the PCs are enrolled in the Extended Security Updates (ESU) program. Of the 183 vulnerabilities, … Read more
Hackers Target ICTBroadcast Servers via Cookie Exploit to Gain Remote Shell Access
Oct 15, 2025Ravie LakshmananVulnerability / Server Security Cybersecurity researchers have disclosed that a critical security flaw impacting ICTBroadcast, an autodialer software from ICT Innovations, has come under active exploitation in the wild. The vulnerability, assigned the CVE identifier CVE-2025-2611 (CVSS score: 9.3), relates to improper input validation that can result in unauthenticated remote code execution … Read more
How Ransomware-as-a-Service is Changing Cybercrime – loopz
Ransomware-as-a-Service (RaaS) is changing cybercrime by professionalizing and scaling the deployment of ransomware, transforming it from a niche, high-skill attack into a widespread criminal industry with a franchise-like business model. This has dramatically lowered the barrier to entry, allowing less-skilled criminals to launch devastating attacks. As of September 2, 2025, the RaaS model is the … Read more
The Role of Cyber Insurance in Modern Businesses – loopz
The role of cyber insurance is to act as a financial safety net that helps a business survive the catastrophic and often unpredictable costs of a major cyberattack. As of September 2, 2025, for businesses here in Rawalpindi and across Pakistan, cyber insurance has evolved from a niche product into an essential component of a … Read more
NCSC warns companies to prepare for a day when your screens go dark
The UK’s National Cyber Security Centre warns that the country now faces four nationally significant cyberattacks every week – a 129% jump in a year. Some headlines claim the NCSC is urging organisations to “go back to pen and paper,” but the full report tells a more practical story about resilience, preparedness, and surviving a … Read more