thecyberexpress

Massive Cyberattack Hits Kenyan Ministries, Sites Replaced With Racist Messages

The Government of Kenya cyberattack on Monday morning left several ministry websites defaced with racist and white supremacist messages, disrupting access for hours and prompting an urgent response ...
thecyberexpress

IBM AIX Hit by Three Critical Vulnerabilities, One a Perfect 10. Patch Now!

Vulnerabilities in the IBM AIX operating system for Power servers could allow remote attackers to execute arbitrary commands, obtain Network Installation Manager (NIM) private keys, or traverse ...
thecyberexpress

Logitech Confirms Data Breach Following CL0P Victim Claims

Logitech International S.A. has confirmed that it was hit by a data breach, the company said in an SEC filing late last week. Logitech’s 8-K filing released on Nov. 14 was short on details, but the ...
thecyberexpress

Eurofiber France Confirms Data Exfiltration After System Breach

A cybersecurity incident at Eurofiber France was officially confirmed after the company identified unauthorized activity on November 13, 2025. The incident involved a software vulnerability that ...
thecyberexpress

Ransomware Attacks Soared 30% in October

Ransomware attacks soared 30% in October to the second-highest total on record, Cyble reported today. The 623 ransomware attacks recorded in October were second only to February 2025’s record attacks, ...
thecyberexpress

Apache Warns of Critical Tomcat Vulnerabilities Impacting Versions 9, 10, and 11Apache Warns of Critical Tomcat Vulnerabilities Impacting Versions 9, 10, and 11

Apache warns of CVE-2025-55752 and CVE-2025-55754 in Tomcat 9–11, risking remote code execution and console attacks. Urgent updates are strongly advised.
thecyberexpress

New VMware Vulnerability CVE-2025-41244 Actively Exploited Since October 2024

A newly listed VMware zero-day vulnerability has been actively exploited by Chinese state-sponsored threat actors for almost a year, according to security researchers. The 7.8-rated local privilege ...
thecyberexpress

APT28’s Recent Campaign Combined Steganography, Cloud C2 into a Modular Infection Chain

APT28, the long-running actor tracked as Fancy Bear, Sofacy and Sednit, used a compact but technically sophisticated campaign that researchers documented as Phantom Net Voxel. The campaign is an ...
thecyberexpress

CrowdStrike Among Those Hit in NPM Attack Campaign

More than 20 CrowdStrike NPM packages were among nearly 200 NPM packages hit by a sophisticated supply chain attack. The compromised packages were quickly removed and CrowdStrike said its Falcon ...
thecyberexpress

Roblox Turns to AI-Based Age Estimation for All Communication-Ready Users

Roblox is rolling out a bold move to bolster child protection on its platform. In a Safety + Civility update, Chief Safety Officer Matt Kaufman announced that, by the end of 2025, every user accessing ...
thecyberexpress

Hacker Collective Threatens Google With Data Leak Ultimatum

A hacker collective demands Google fire two employees or face a data leak. No breach confirmed, but the threat raises serious cybersecurity concerns.
thecyberexpress

What Are Vulnerabilities: Types, Examples, Causes, and More!

This article talks about what are vulnerabilities, their types & causes, and details how to implement a winning vulnerability management strategy.