CISA Warns of Google Chrome 0-Day Vulnerability Exploited in Attacks
CISA has added CVE-2025-13223, a zero-day vulnerability in Google Chrome’s V8 engine, to its Known Exploited Vulnerabilities catalog after confirming active exploitation. The flaw allows attackers to execute arbitrary code through crafted web content and has prompted an accelerated patch deadline for U.S. federal agencies. Google has released updates for Chrome, and other Chromium-based browsers are also expected to ship fixes.
Critical SolarWinds Serv-U Flaws Enable Remote Admin-Level Code Execution
SolarWinds has disclosed and patched three critical remote code execution vulnerabilities in its Serv-U file transfer software, each rated CVSS 9.1. The issues can be exploited by an authenticated administrator to run arbitrary commands on the underlying server, raising concerns for environments where Serv-U is exposed to the internet or handles sensitive data. Organizations are being urged to upgrade to the latest version and review access to administrative interfaces.
US, Allies Sanction Russian Bulletproof Ransomware Host
The United States, United Kingdom, and Australia have jointly sanctioned Media Land, a Russian “bulletproof” hosting provider accused of supporting multiple ransomware and cybercrime operations. Authorities say the company knowingly rented infrastructure to criminal groups and ignored abuse complaints, enabling long-running campaigns involving data theft, extortion, and fraud. The sanctions aim to disrupt that infrastructure and signal increased pressure on service providers that cater to cybercriminals.
Akira Ransomware Breach on American Trust Administrators
The Akira ransomware group claims to have compromised American Trust Administrators, a U.S. benefits administration firm, and says it has stolen roughly 143 GB of internal data. According to the group’s leak site, the haul includes corporate documents and HR-related information, and the attackers are threatening to publish the data if a ransom is not paid. The company has not yet released detailed technical information about the intrusion or the exact scope of affected records.
Law firm Pillsbury faces class actions over April data breach
Pillsbury Winthrop Shaw Pittman is facing multiple class action lawsuits after an April cyber incident in which an attacker fooled a single employee into granting access to a trove of documents. The compromised files reportedly contained personal and financial information on thousands of individuals, including clients and third parties. Plaintiffs accuse the firm of failing to implement adequate safeguards and seek damages related to the exposure of their data.
Revisiting the Versatile Qilin Ransomware
AttackIQ has published an updated analysis of the Qilin ransomware operation, highlighting its evolution into a flexible ransomware-as-a-service platform. The group’s tooling now includes a Rust-based payload that supports multiple operating systems, techniques to disable security software, and extensive discovery and lateral movement capabilities. The report provides a detailed kill chain and mapping to common frameworks to help organizations understand Qilin’s behavior and test their defenses.