Random numbers are the cornerstone of cryptographic security — cryptography depends on generating random keys. As organizations adopt quantum-resistant algorithms, it's equally important to examine the randomness underpinning them
SonicWall SSL VPN devices have become the target of Akira ransomware attacks as part of a newfound surge in activity observed in late July 2025. "In the intrusions reviewed, multiple pre-ransomware intrusions were observed within a short period of time, each involving VPN access through SonicWall SSL VPNs," Arctic Wolf Labs researcher Julian Tuin said in a report. The cybersecurity company
Telecommunications organizations in Southeast Asia have been targeted by a state-sponsored threat actor known as CL-STA-0969 to facilitate remote control over compromised networks. Palo Alto Networks Unit 42 said it observed multiple incidents in the region, including one aimed at critical telecommunications infrastructure between February and November 2024. The attacks are characterized by the
Cybersecurity researchers have flagged a previously undocumented Linux backdoor dubbed Plague that has managed to evade detection for a year. "The implant is built as a malicious PAM (Pluggable Authentication Module), enabling attackers to silently bypass system authentication and gain persistent SSH access," Nextron Systems researcher Pierre-Henri Pezier said. Pluggable Authentication Modules
Source: thehackernews.com. Cybersecurity researchers have disclosed a now-patched, high-severity security flaw in Cursor, a popular artificial intelligence (AI) code editor, that could result in remote code execution. The vulnerability, tracked as CVE-2025-54135 (CVSS score: 8.6), has been addressed in version 1.3 released on July 29, 2025. It has been codenamed CurXecute by […] The post Cursor AI Code Editor Fixed Flaw Allowing Attackers to Run Commands via Prompt Injection – Source: thehackernews.com was first published on CISO2CISO.COM & CYBER SECURITY GROUP.
Source: thehackernews.com. Cybersecurity researchers have detailed a new cluster of activity where threat actors are impersonating enterprises with fake Microsoft OAuth applications to facilitate credential harvesting as part of account takeover attacks. “The fake Microsoft 365 applications impersonate various companies, including RingCentral, SharePoint, Adobe, and Docusign,” Proofpoint said in a Thursday report. […] The post Attackers Use Fake OAuth Apps with Tycoon Kit to Breach Microsoft 365 Accounts – Source: thehackernews.com was first published on CISO2CISO.COM & CYBER SECURITY GROUP.
Source: thehackernews.com. Cybersecurity researchers have flagged a malicious npm package that was generated using artificial intelligence (AI) and concealed a cryptocurrency wallet drainer. The package, @kodane/patch-manager, claims to offer “advanced license validation and registry optimization utilities for high-performance Node.js applications.” It was uploaded to npm by a user named “Kodane” on July […] The post AI-Generated Malicious npm Package Drains Solana Funds from 1,500+ Before Takedown – Source: thehackernews.com was first published on CISO2CISO.COM & CYBER SECURITY GROUP.
Source: thehackernews.com. Just as triathletes know that peak performance requires more than expensive gear, cybersecurity teams are discovering that AI success depends less on the tools they deploy and more on the data that powers them. The junk food problem in cybersecurity: Imagine a triathlete who spares no expense on equipment—carbon fiber […] The post You Are What You Eat: Why Your AI Security Tools Are Only as Strong as the Data You Feed Them – Source: thehackernews.com was first published on CISO2CISO.COM & CYBER SECURITY GROUP.
Source: www.nist.gov – Author: Ryan Galluzzo, Connie LaSalle, Andrew Regenscheid. Today is the day! Digital Identity Guidelines, Revision 4 is finally here…it’s been an exciting journey and NIST is honored to be a part of it. What can we expect? Serving as a culmination of a nearly four-year collaborative process that included foundational […] The post Let’s get Digital! Updated Digital Identity Guidelines are Here! – Source: www.nist.gov was first published on CISO2CISO.COM & CYBER SECURITY GROUP.
Source: www.mcafee.com – Author: McAfee. Citing national security concerns, the U.S. Department of Commerce in June 2024 issued an immediate ban on the sale of all antivirus software by Russia-based Kaspersky Lab, Inc. in the United States or to U.S. persons. This ban also applied to Kaspersky’s affiliates, subsidiaries and parent companies, as well as […] The post The Kaspersky Software Ban—What You Need to Know to Stay Safe Online – Source: www.mcafee.com was first published on CISO2CISO.COM & CYBER SECURITY GROUP.
Source: www.lastwatchdog.com – Author: cybernewswire. San Francisco, Calif., Aug. 1, 2025, CyberNewswire—Comp AI, an emerging player in the compliance automation space, today announced it has secured $2.6 million in pre-seed funding to accelerate its mission of transforming how companies achieve compliance with critical frameworks like SOC 2 and HIPAA. The funding round was co-led by […] The post News alert: Comp AI lands $2.6M pre-seed to modernize compliance, disrupt SOC 2 market – Source: www.lastwatchdog.com was first published on CISO2CISO.COM & CYBER SECURITY GROUP.
Source: www.mcafee.com – Author: Abhishek Karnik. In today’s digital age, online payment platforms like PayPal have become essential tools for our everyday transactions. Unfortunately, they’ve also become prime targets for cybercriminals looking to steal personal information and money. McAfee Labs has uncovered a concerning trend with a spike in PayPal-related scams, with February 2025 seeing […] The post Stolen with a Click: The Booming Business of PayPal Scams – Source: www.mcafee.com was first published on CISO2CISO.COM & CYBER SECURITY GROUP.
Source: www.darkreading.com – Author: Robert Lemos, Contributing Writer. The post LLMs’ AI-Generated Code Remains Wildly Insecure – Source: www.darkreading.com was first published on CISO2CISO.COM & CYBER SECURITY GROUP.
Source: www.darkreading.com – Author: Pritesh Parekh. The post Building the Perfect Post-Security Incident Review Playbook – Source: www.darkreading.com was first published on CISO2CISO.COM & CYBER SECURITY GROUP.
Source: www.darkreading.com – Author: Kristina Beek, Tara Seals. The post Male-Dominated Cyber Industry Still Holds Space for Women With Resilience – Source: www.darkreading.com was first published on CISO2CISO.COM & CYBER SECURITY GROUP.
Source: www.darkreading.com – Author: Edge Editors. The post ISC2 Launches New Security Certificate for AI Expertise – Source: www.darkreading.com was first published on CISO2CISO.COM & CYBER SECURITY GROUP.
Source: securityaffairs.com – Author: Pierluigi Paganini. AI-generated npm package @kodane/patch-manager drained Solana wallets; 1,500+ downloads before takedown on July 28, 2025. AI-generated npm package @kodane/patch-manager was flagged for hiding malicious software to drain Solana wallets. The package was uploaded on July 28, 2025, and it was downloaded more than 1,500 times before takedown. “The package […] The post Malicious AI-generated npm package hits Solana users – Source: securityaffairs.com was first published on CISO2CISO.COM & CYBER SECURITY GROUP.
Source: securityaffairs.com – Author: Pierluigi Paganini. Meta backs Pwn2Own Ireland 2025 in Cork, offering up to $1M for WhatsApp exploits; targets include phones and wearables, Oct 21–24 via Zero Day Initiative. Meta is sponsoring ZDI’s Pwn2Own Ireland 2025 hacking competition, where participants can earn big prizes for smartphone, WhatsApp and wearable device exploits. Participants can […] The post Meta Offers $1M bounty at Pwn2Own Ireland 2025 for WhatsApp exploits – Source: securityaffairs.com was first published on CISO2CISO.COM & CYBER SECURITY GROUP.
Source: securityaffairs.com – Author: Pierluigi Paganini. Storm-2603 group exploits SharePoint flaws and uses a custom C2 framework, AK47 C2, with HTTP- and DNS-based variants named AK47HTTP and AK47DNS. Check Point Research is tracking a ToolShell campaign exploiting four Microsoft SharePoint flaws, linking it to China-nexus groups APT27, APT31, and a new cluster, Storm-2603. The researchers […] The post ToolShell under siege: Check Point analyzes Chinese APT Storm-2603 – Source: securityaffairs.com was first published on CISO2CISO.COM & CYBER SECURITY GROUP.
Source: securityaffairs.com – Author: Pierluigi Paganini. CISA releases Thorium, an open-source tool for malware and forensic analysis, now available to analysts in government, public, and private sectors. CISA has released Thorium, a new open-source platform designed to support malware and forensic analysis. The platform was designed in collaboration with Sandia National Laboratories, the US Agency […] The post CISA released Thorium platform to support malware and forensic analysis – Source: securityaffairs.com was first published on CISO2CISO.COM & CYBER SECURITY GROUP.
Source: www.schneier.com – Author: Bruce Schneier. Airportr is a service that allows passengers to have their luggage picked up, checked, and delivered to their destinations. As you might expect, it’s used by wealthy or important people. So if the company’s website is insecure, you’d be able to spy on lots of wealthy or important people. […] The post Spying on People Through Airportr Luggage Delivery Service – Source: www.schneier.com was first published on CISO2CISO.COM & CYBER SECURITY GROUP.
Source: www.infosecurity-magazine.com. Microsoft has uncovered a new cyber espionage campaign by the Russian state actor Secret Blizzard, which is targeting embassies located in Moscow. The attacks are assisted by official Russian domestic intercept systems and involve the use of malicious files masquerading as Kaspersky anti-virus software. “This campaign, which has been ongoing since […] The post Secret Blizzard Targets Moscow-Based Embassies in New Espionage Campaign – Source: www.infosecurity-magazine.com was first published on CISO2CISO.COM & CYBER SECURITY GROUP.
Source: thehackernews.com. SonicWall SSL VPN devices have become the target of Akira ransomware attacks as part of a newfound surge in activity observed in late July 2025. “In the intrusions reviewed, multiple pre-ransomware intrusions were observed within a short period of time, each involving VPN access through SonicWall SSL VPNs,” Arctic Wolf […] The post Akira Ransomware Exploits SonicWall VPNs in Likely Zero-Day Attack on Fully-Patched Devices – Source: thehackernews.com was first published on CISO2CISO.COM & CYBER SECURITY GROUP.
Source: go.theregister.com – Author: Connor Jones. CISA is using the findings from a recent probe of an unidentified critical infrastructure organization to warn about the dangers of getting cybersecurity seriously wrong. The US cybersecurity agency, along with experts from the US Coast Guard (USCG), identified myriad weaknesses in the mystery organization’s approach to security, including […] The post CISA roasts unnamed critical national infrastructure body for shoddy security hygiene – Source: go.theregister.com was first published on CISO2CISO.COM & CYBER SECURITY GROUP.
Source: www.mcafee.com – Author: Jasdev Dhaliwal. Cybercriminals are getting smarter. They’re now using a development toolkit called .NET MAUI to create fake apps that look and feel like the real thing—banking apps, dating apps, and even social media. But instead of helping you, these apps secretly steal your private info. We break down the full […] The post New Android Malware Sneaks Past Security by Pretending to Be Real Apps – Source: www.mcafee.com was first published on CISO2CISO.COM & CYBER SECURITY GROUP.
Source: go.theregister.com – Author: Thomas Claburn. OpenAI has removed the option to make ChatGPT interactions indexable by search engines to prevent users from unwittingly exposing sensitive information. The feature rollback follows reports of ChatGPT conversations being discoverable in search results, an option recently extended to ChatGPT users. Dane Stuckey, CISO of OpenAI, announced the change […] The post OpenAI removes ChatGPT self-doxing option – Source: go.theregister.com was first published on CISO2CISO.COM & CYBER SECURITY GROUP.
Source: go.theregister.com – Author: Avram Piltch. Exclusive: Microsoft Recall, the AI app that takes screenshots of what you do on your PC so you can search for it later, has a filter that’s supposed to prevent it from screenshotting sensitive info like credit card numbers. But a The Register test shows that it still fails […] The post Tested: Microsoft Recall can still capture credit cards and passwords, a treasure trove for crooks – Source: go.theregister.com was first published on CISO2CISO.COM & CYBER SECURITY GROUP.
Source: go.theregister.com – Author: Jessica Lyons. China has accused US intelligence agencies of exploiting a Microsoft Exchange zero-day exploit to steal defense-related data and take over more than 50 devices belonging to a “major Chinese military enterprise” for nearly a year. In a Thursday alert, the National Computer Network Emergency Response Technical Team / Coordination […] The post China says US spies exploited Microsoft Exchange zero-day to steal military info – Source: go.theregister.com was first published on CISO2CISO.COM & CYBER SECURITY GROUP.
Source: go.theregister.com – Author: Connor Jones. A data breach at a Florida prison has inmates’ families concerned for their welfare after their contact details were allegedly leaked to convicted criminals. An Everglades Correctional Institution (ECI) staffer sent an email to every prison inmate on July 24 containing the contact details of their fellow jailbirds’ visitors, […] The post Florida prison email blunder exposes visitor contact info to inmates – Source: go.theregister.com was first published on CISO2CISO.COM & CYBER SECURITY GROUP.
Source: www.mcafee.com – Author: Jasdev Dhaliwal. Typos. Too-good-to-be-true offers. Urgent warnings. Scammers are getting smarter—and more convincing. New research from the Federal Trade Commission (FTC) reveals that Americans lost a staggering $12.5 billion to fraud in 2024, a 25% increase from the previous year. The median reported loss was $497, with imposter scams alone accounting […] The post Avoid Being Scammed: How to Identify Fake Emails and Suspicious Links – Source: www.mcafee.com was first published on CISO2CISO.COM & CYBER SECURITY GROUP.
Source: go.theregister.com – Author: Simon Sharwood. The Director-General of Security at the Australian Security Intelligence Organization (ASIO) has lamented the fact that many people list their work in the intelligence community or on sensitive military projects in their LinkedIn profiles. In a speech delivered on Thursday, Director-General Mike Burgess observed that “Nation states are spying […] The post Top spy says LinkedIn profiles that list defense work ‘recklessly invite attention of foreign intelligence services’ – Source: go.theregister.com was first published on CISO2CISO.COM & CYBER SECURITY GROUP.
Source: www.mcafee.com – Author: Jasdev Dhaliwal. Tax season is already stressful for many Americans, and to make matters worse, it’s also a golden opportunity for scammers. According to a new 2025 tax season survey conducted by McAfee, nearly half (48%) of people say they, or someone they know, has received a message via email, […] The post Financial Losses from Tax Scams Top $1,000 on Average—and Gen Z is a Growing Target – Source: www.mcafee.com was first published on CISO2CISO.COM & CYBER SECURITY GROUP.