Founded in 1984, MathWorks is headquartered in Massachusetts and has more than 34 offices worldwide with more than 6,500 employees. MathWorks develops the MATLAB platform and the Simulink graphical simulation environment that are used by more than 100,000 organizations and 5 million customers.
“MathWorks experienced a ransomware attack. We have notified federal law enforcement of this matter. The attack affected our IT systems. Some of our online applications used by customers became unavailable, and certain internal systems used by staff became unavailable, beginning on Sunday, May 18,” — MathWorks.
Service interruptions caused by the attack still continue (e.g. the cloud center, file sharing, license center, and MathWorks store might be out of service), but the company has already restored some services and addressed third-party cybersecurity experts for assistance.
For several days, users were unable to access their accounts due to problems with signatures, but on May 21, MathWorks restored multifactor authentication and SSO (Single Sign On).
However, some customers are still experiencing problems preventing them from creating new accounts. Additionally, those who haven’t logged in since October 11, 2024, are unable to log in at all.
So far, MathWorks hasn’t released any additional information about the incident. The extortionists behind this attack are unknown; the question whether customer data were compromised remains open. No hacker group has claimed responsibility for the attack yet.
2025.02.06 — Let's Encrypt to stop sending expiration notification emails
The nonprofit organization announced that, starting June 4, 2025, it will stop sending expiration notification emails to subscribers. The primary reason behind this decision…
Full article →
2025.03.16 — Researchers force DeepSeek to write malware
According to Tenable, the AI chatbot DeepSeek R1 from China can be used to write malware (e.g. keyloggers and ransomware). DeepSeek was released in January 2025 and caused a stir…
Full article →
2025.02.01 — Critical RCE vulnerability fixed in Cacti
A critical vulnerability has been discovered in the open-source Cacti framework: it enables an authenticated attacker to remotely execute arbitrary code. Vulnerability's ID is CVE-2025-22604; its…
Full article →
2025.02.25 — More than 100,000 users downloaded SpyLend malware from Google Play Store
According to Cyfirma, a malicious Android app called SpyLend was available on the official Google Play Store for some time and has been downloaded from there…
Full article →
2025.01.25 — 18,000 script kiddies have been infected with backdoor via XWorm RAT builder
According to CloudSEK analysts, malefactors attack novice hackers using a fake malware builder. Script kiddies' systems become infected with a backdoor that steals data and subsequently…
Full article →
2025.04.01 — Hackers abuse MU plugins to inject malicious payloads to WordPress
According to Sucuri, hackers store malicious code in the MU-plugins (Must-Use Plugins) directory in WordPress and execute it while remaining undetected. The technique was first discovered…
Full article →
2025.02.14 — 12,000 Kerio Control firewalls remain vulnerable to RCE
Security experts report that more than 12,000 GFI Kerio Control firewall instances remain vulnerable to the critical RCE vulnerability CVE-2024-52875, which was fixed…
Full article →
2025.04.07 — Critical RCE vulnerability discovered in Apache Parquet
All versions of Apache Parquet up to and including 1.15.0 are affected by a critical remote code execution (RCE) vulnerability whose CVSS score is 10 out…
Full article →
2025.02.05 — Google patches Android zero-day vulnerability exploited by hackers
Google released the February set of patches for Android. In total, they fix 48 bugs, including a kernel zero-day vulnerability actively exploited by hackers. The zero-day's…
Full article →
2025.02.18 — Chrome Enhanced Protection mode is now powered by AI
The Enhanced Protection mode in Google Chrome has been updated. Now it uses AI to protect users from dangerous sites, downloads, and extensions in real time.…
Full article →