thecyberexpress

Kearney Public Schools Hit by Cyberattack, Network and Phones Down Ahead of Monday Classes

Kearney Public Schools (KPS) is fighting with a cybersecurity incident that has disrupted its entire technology network, affecting phones, computers, and other digital systems across the district. The ...
thecyberexpress

F5 Reveals Nation-State Breach as CISA Orders Agencies to Secure F5 Environments

Security and application delivery vendor F5 revealed today in an SEC filing that a nation-state threat actor had “long-term, persistent access” to some of the company’s most critical environments. The ...
thecyberexpress

Oracle Patches New E-Business Suite Flaw as CL0P Claims Harvard as Victim

Oracle rushed out a patch over the weekend for a new E-Business Suite vulnerability that can be exploited remotely without authentication. The vulnerability – CVE-2025-61884 – carries a 7.5 ...
thecyberexpress

Asahi Group Cyberattack Forces Delay in Financial Reporting

Japanese beverage and food giant Asahi Group Holdings has confirmed that a ransomware attack has disrupted its operations and may have led to a leak of personal and financial data. The Asahi Group ...
thecyberexpress

Qantas Airways Cyberattack Update: Customer Data Released, Security Measures Enhanced

Qantas Airways has confirmed that data stolen during a major cyber incident in July has been released by cybercriminals, marking another blow to the Australian consumers as the country continues ...
thecyberexpress

22 Vulnerabilities Under Attack – And Another That Could Be

Cyble has detailed 22 vulnerabilities under attack by threat actors and ransomware groups, and today brought news of another risky vulnerability.
thecyberexpress

New VMware Vulnerability CVE-2025-41244 Actively Exploited Since October 2024

A newly listed VMware zero-day vulnerability has been actively exploited by Chinese state-sponsored threat actors for almost a year, according to security researchers. The 7.8-rated local privilege ...
thecyberexpress

CISA Says Failure to Patch, Untested IRP, Silent EDR Alerts, Led to a Federal Agency Breach

CISA this week offered a rare window into a real-world breach at a U.S. federal civilian agency. Delays in patching, unexercised incident response plans, and inadequate monitoring of EDR alerts were ...
thecyberexpress

Secret Service Dismantles Telecom Threat That Could Have Crippled UN General Assembly

The U.S. Secret Service said it has dismantled a massive telecommunications threat in the New York tri-state area that could have shut down cellular networks and disrupted critical communications ...
thecyberexpress

Auto Giant Stellantis Confirms Data Breach, Says Minimal Data Accessed

Stellantis, one of the world’s largest automakers, confirmed that it was hit by a data breach, but the company says the breach was limited to customer contact information. The Stellantis announcement ...
thecyberexpress

EDR Bypass Technique Uses Windows Functions to Put Antivirus Tools to Sleep

Endpoint detection and response (EDR) bypass and evasion tools and techniques are commonly used by threat and ransomware groups to evade security defenses to carry out their attacks. One common ...
thecyberexpress

Hackers Claim Breach of Red Hat Customer Data

Hackers may have stolen sensitive customer data from a Red Hat GitLab instance. The Red Hat breach claims were made in Telegram posts by a group calling itself “Crimson Collective,” which said it ...