BRASILIA, July 2 (Reuters) - Brazil's central bank said on Wednesday that technology services provider C&M Software, which serves financial institutions lacking connectivity infrastructure, had reported a cyberattack on its systems.
The bank did not provide further details of the attack, but said in a statement that it ordered C&M to shut down financial institutions' access to the infrastructure it operates.
C&M Software commercial director Kamal Zogheib said the company was a direct victim of the cyberattack, which involved the fraudulent use of client credentials in an attempt to access its systems and services.
C&M said critical systems remain intact and fully operational, adding that all security protocol measures had been implemented. The company is cooperating with the central bank and the Sao Paulo state police in the ongoing investigation, added Zogheib.
Brazilian financial institution BMP told Reuters that it and five other institutions experienced unauthorized access to their reserve accounts during the attack, which took place on Monday.
BMP said the affected accounts are held directly at the central bank and used exclusively for interbank settlement, with no impact on client accounts or internal balances.
On May 29, 2025, SentinelOne experienced a global service disruption affecting multiple customer-facing services. During this period, customer endpoints remained protected, but security teams were unable to access the management console and related services, which significantly impacted their ability to manage their security operations and access important data. We apologize for the disruption caused by this service interruption.
The root cause of the disruption was a software flaw in an infrastructure control system that removed critical network routes, causing widespread loss of network connectivity within the SentinelOne platform. It was not a security-related event. The majority of SentinelOne services experienced full or partial downtime due to this sudden loss of network connectivity to critical components in all regions.
We’d like to assure our commercial customers that their endpoints were protected throughout the duration of the service disruption and that no SentinelOne security data was lost during the event. Protected endpoint systems themselves did not experience downtime due to this incident. A core design principle of the SentinelOne architecture is to ensure protection and prevention capabilities continue uninterrupted without constant cloud connectivity or human dependency for detection and response – even in the case of service interruptions, of any kind, including events like this one.
Researchers have discovered several vulnerabilities in popular WordPress plugins that allow attackers to create rogue admin accounts.
#attacks #breach #computer #cyber #data #hack #hacker #hacking #how #information #malware #network #news #ransomware #security #software #the #to #today #updates #vulnerability
A "multi-faceted campaign" has been observed abusing legitimate services like GitHub and FileZilla to deliver an array of stealer malware and banking trojans such as Atomic (aka AMOS), Vidar, Lumma (aka LummaC2), and Octo by impersonating credible software like 1Password, Bartender 5, and Pixelmator Pro.
Researchers uncover a fresh wave of the Raspberry Robin campaign spreading malware through malicious Windows Script Files (WSFs) since March 2024.
#attacks #breach #computer #cyber #data #hack #hacker #hacking #how #information #malware #network #news #ransomware #security #software #the #to #today #updates #vulnerability
Our team is tracking in-the-wild exploitation of zero-day vulnerabilities against PaperCut MF/NG which allow for unauthenticated remote code execution due to an authentication bypass.
UPDATE: A new statement(Opens in a new window) from MSI says users should avoid downloading firmware and BIOS updates from third-party sources, and instead only obtain such software from the company's official website.
The statement suggests MSI is worried hackers could circulate malicious versions of the company's BIOS software when the ransomware gang, Money Message, claims it stole the PC maker's source code.