An Iranian-backed ransomware-as-a-service (RaaS) named Pay2Key has resurfaced in the wake of the Israel-Iran-U.S. conflict last month, offering bigger payouts to cybercriminals who launch attacks against Israel and the U.S. The financially motivated scheme, now operating under the moniker Pay2Key.I2P, is assessed to be linked to a hacking group tracked as Fox Kitten (aka Lemon […]
Author Archives: Onsite Computing, Inc.
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday added a critical security flaw impacting Citrix NetScaler ADC and Gateway to its Known Exploited Vulnerabilities (KEV) catalog, officially confirming the vulnerability has been weaponized in the wild. The shortcoming in question is CVE-2025-5777 (CVSS score: 9.3), an instance of insufficient input validation that Go […]
Information from the company’s NS Solutions subsidiary has yet to show up on any Dark Web sites, but it doesn’t rule out the possibility that the data may have been stolen. Go to Source Author: Kristina Beek
eSIMs around the world may be fundamentally vulnerable to physical and network attacks because of a 6-year-old Oracle vulnerability in technology that underlies billions of cards. Go to Source Author: Nate Nelson, Contributing Writer
Microsoft announced that it has replaced the default scripting engine JScript with the newer and more secure JScript9Legacy on Windows 11 version 24H2 and later. […] Go to Source Author: Bill Toulas
Customers were the first to notice the disruption on the distributor’s website when they couldn’t place orders online. Go to Source Author: Kristina Beek
Critical security vulnerabilities affect different parts of the Model Context Protocol (MCP) ecosystem, which many organizations are rapidly adopting in order to integrate AI models with external data sources. Go to Source Author: Jai Vijayan, Contributing Writer
The UK’s National Crime Agency arrested four people, who some experts believe are connected to the notorious cybercriminal collective known as Scattered Spider. Go to Source Author: Alexander Culafi
Cybersecurity researchers have discovered a critical vulnerability in the open-source mcp-remote project that could result in the execution of arbitrary operating system (OS) commands. The vulnerability, tracked as CVE-2025-6514, carries a CVSS score of 9.6 out of 10.0. “The vulnerability allows attackers to trigger arbitrary OS command execution on the machine running mcp-remote when it […]
Russian professional basketball player Daniil Kasatkin was arrested in France at the request of the United States for allegedly acting as a negotiator for a ransomware gang. […] Go to Source Author: Lawrence Abrams