thecyberexpress

Mango Data Breach Exposes Limited Customer Details After Third-Party Cyberattack

Spanish fashion retailer Mango has confirmed a data breach after one of its external marketing service providers suffered unauthorized access to limited customer information. The company emphasized ...
thecyberexpress

Microsoft Disrupts Vanilla Tempest Campaign Using Fraudulent Code-Signing Certificates

Microsoft said it disrupted a high-volume campaign in October after discovering a coordinated effort by the ransomware group known as Vanilla Tempest to weaponize fraudulently signed installers that ...
thecyberexpress

Patch Tuesday October 2025: Three Zero-days Under Attack

Microsoft’s Patch Tuesday October 2025 included fixes for 175 vulnerabilities, including three exploited zero-days and 13 additional high-risk vulnerabilities. The three zero-days under attack were ...
thecyberexpress

Asahi Group Cyberattack Forces Delay in Financial Reporting

Japanese beverage and food giant Asahi Group Holdings has confirmed that a ransomware attack has disrupted its operations and may have led to a leak of personal and financial data. The Asahi Group ...
thecyberexpress

F5 Reveals Nation-State Breach as CISA Orders Agencies to Secure F5 Environments

Security and application delivery vendor F5 revealed today in an SEC filing that a nation-state threat actor had “long-term, persistent access” to some of the company’s most critical environments. The ...
thecyberexpress

Kearney Public Schools Hit by Cyberattack, Network and Phones Down Ahead of Monday Classes

Kearney Public Schools (KPS) is fighting with a cybersecurity incident that has disrupted its entire technology network, affecting phones, computers, and other digital systems across the district. The ...
thecyberexpress

Oracle Patches New E-Business Suite Flaw as CL0P Claims Harvard as Victim

Oracle rushed out a patch over the weekend for a new E-Business Suite vulnerability that can be exploited remotely without authentication. The vulnerability – CVE-2025-61884 – carries a 7.5 ...
thecyberexpress

New VMware Vulnerability CVE-2025-41244 Actively Exploited Since October 2024

A newly listed VMware zero-day vulnerability has been actively exploited by Chinese state-sponsored threat actors for almost a year, according to security researchers. The 7.8-rated local privilege ...
thecyberexpress

Teen Hacker Behind 2023 Las Vegas Casino Cyberattack Released Under Supervision

A teenager accused of helping orchestrate cyberattacks that cost Las Vegas casinos millions of dollars has been released to his parents under court-ordered supervision.
thecyberexpress

CISA Says Failure to Patch, Untested IRP, Silent EDR Alerts, Led to a Federal Agency Breach

CISA this week offered a rare window into a real-world breach at a U.S. federal civilian agency. Delays in patching, unexercised incident response plans, and inadequate monitoring of EDR alerts were ...
thecyberexpress

EDR Bypass Technique Uses Windows Functions to Put Antivirus Tools to Sleep

Endpoint detection and response (EDR) bypass and evasion tools and techniques are commonly used by threat and ransomware groups to evade security defenses to carry out their attacks. One common ...
thecyberexpress

China-linked RedNovember Campaign Shows Importance of Patching Edge Devices

A long-running threat campaign linked to a Chinese state-sponsored cyber-espionage group highlights the importance of patching and protecting edge devices and internet-facing assets. RedNovember – ...