The China-linked advanced persistent threat (APT) group Silk Typhoon has shown a rare ability to compromise trusted relationships in the cloud. That’s one of the key takeaways from new research by CrowdStrike, which calls the Silk Typhoon group “Murky Panda.” Another is the APT group’s ability to rapidly show more ...
An INTERPOL-coordinated operation, dubbed Operation Serengeti 2.0, delivered a telling blow to cybercrime across the African continent. The operation that ran between June and August, this year, saw 1,209 arrests made across 18 African nations and the UK, while 11,432 malicious online infrastructures, including show more ...
A critical security vulnerability, officially tracked as CVE-2025-8592, has been identified in the popular Inspiro WordPress theme. The flaw, affecting over 70,000 active installations, enables unauthenticated attackers to exploit a Cross-Site Request Forgery (CSRF) vulnerability that could allow arbitrary plugin show more ...
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) have released four new Industrial Control Systems (ICS) advisories. These advisories expose multiple vulnerabilities in widely used ICS equipment from Siemens, Tigo Energy, and EG4 Electronics. ICSA-25-231-01 and ICSA-25-231-02 focus on Siemens’ show more ...
Constant access to the internet and a cell service is taken as much for granted these days as electricity, and its sometimes hard to imagine how we ever lived without them before. But what if you find yourself in a situation with no mobile internet or cell signal, but you need to stay in touch with friends nearby? For show more ...
Music tastes, location information, even encrypted messages — Apple's servers are gathering a "surprising" amount of personal data through Apple Intelligence, Lumia Security's Yoav Magid warns in his new analysis.
A bug in the control board that connects peripheral devices in commonly used Dell laptops allowed malicious access all the way down to the firmware running on the device chip, new research finds.
While the furor from CISO prosecutions has died down, worries continue over a lack of liability protections and potential targeting by cybercriminals and hackers for their privileged roles.
CVE-2025-43300 is the latest zero-day bug used in cyberattacks against "targeted individuals," which could signify spyware or nation-state hacking.
A Chinese APT is going where most APTs don't: deep into the cloud, compromising supply chains and deploying uncommon malware.
Some insurers look to limit payouts to companies that don't remediate serious vulnerabilities in a timely manner. Unsurprisingly, most companies don't like those restrictions.
The operation disrupted countless scams, and authorities seized a significant amount of evidence and recovered nearly $100 million in lost funds.
_Kiattisak_Lamchan_Alamy.jpg?width=1280&auto=webp&quality=80&disable=upscale)
The growing ecosystem of agents, chatbots, and machine credentials that outnumber human users by an order of magnitude is creating a poorly understood but potentially major security issue.
AI-assisted security reviews from Anthropic and others could help level up enterprise application security in the era of vibe coding.
The tech manufacturer Data I/O reported a ransomware attack to federal regulators, writing that the incident has taken down critical operational systems.
The Cybersecurity and Infrastructure Security Agency (CISA) gave civilian federal agencies until September 11 to implement a fix for CVE-2025-43300 — a vulnerability affecting popular brands of Apple phones, iPads and Macbooks.
U.S. tech companies were warned they could face action from the Federal Trade Commission (FTC) for complying with the European Union and United Kingdom’s regulations about the content shared on their platforms.
Authorities across Africa have dismantled large-scale cybercrime and fraud networks, arresting over three months more than 1,200 people suspected of carrying out ransomware attacks, online scams, and business email compromise schemes, Interpol said.
A Houston resident was sentenced to four years in prison for intentionally installing malicious code on his employer's computer systems, which he activated when his role was terminated.
Cybersecurity researchers have shed light on a novel attack chain that employs phishing emails to deliver an open-source backdoor called VShell. The "Linux-specific malware infection chain that starts with a spam email with a malicious RAR archive file," Trellix researcher Sagar Bade said in a technical write-up. "The payload isn't hidden inside the file content or a macro, it's encoded directly
Cybersecurity researchers are calling attention to malicious activity orchestrated by a China-nexus cyber espionage group known as Murky Panda that involves abusing trusted relationships in the cloud to breach enterprise networks. "The adversary has also shown considerable ability to quickly weaponize N-day and zero-day vulnerabilities and frequently achieves initial access to their targets by
Pentesting remains one of the most effective ways to identify real-world security weaknesses before adversaries do. But as the threat landscape has evolved, the way we deliver pentest results hasn't kept pace. Most organizations still rely on traditional reporting methods—static PDFs, emailed documents, and spreadsheet-based tracking. The problem? These outdated workflows introduce delays,
INTERPOL on Friday announced that authorities from 18 countries across Africa have arrested 1,209 cybercriminals who targeted 88,000 victims. "The crackdown recovered $97.4 million and dismantled 11,432 malicious infrastructures, underscoring the global reach of cybercrime and the urgent need for cross-border cooperation," the agency said. The effort is the second phase of an ongoing law
A 55-year-old Chinese national has been sentenced to four years in prison and three years of supervised release for sabotaging his former employer's network with custom malware and deploying a kill switch that locked out employees when his account was disabled. Davis Lu, 55, of Houston, Texas, was convicted of causing intentional damage to protected computers in March 2025. He was arrested and
Some cybersecurity news outlets were duped a few days ago by a claim that Europol was offering a $50,000 bounty for information about two members of the Qilin ransomware group. Turns out it was all a hoax. Read more details about what happened in my article on the Hot for Security blog
Critical infrastructure organisations are once again being warned of the threat posed by malicious cybercriminals, following a ransomware attack against a state-owned energy company in Pakistan. Read more in my article on the Exponential-e blog.
Source: thehackernews.com – Author: . Commvault has released updates to address four security gaps that could be exploited to achieve remote code execution on susceptible instances. The list of vulnerabilities, identified in Commvault versions before 11.36.60, is as follows – CVE-2025-57788 (CVSS score: 6. show more ...
Source: thehackernews.com – Author: . Threat actors have been observed leveraging the deceptive social engineering tactic known as ClickFix to deploy a versatile backdoor codenamed CORNFLAKE.V3. Google-owned Mandiant described the activity, which it tracks as UNC5518, as part of an access-as-a-service scheme show more ...
Source: thehackernews.com – Author: . Cybersecurity researchers have disclosed details of a new malware loader called QuirkyLoader that’s being used to deliver via email spam campaigns an array of next-stage payloads ranging from information stealers to remote access trojans since November 2024. Some of show more ...
Source: www.infosecurity-magazine.com – Author: A seven-year-old vulnerability affecting end-of-life Cisco network devices is being exploited by a Russian state-sponsored cyber espionage group. Cisco Talos stated that the group, known as Static Tundra, has been observed compromising Cisco devices for several show more ...
Source: www.infosecurity-magazine.com – Author: Colt Technology Services has confirmed that cybercriminals could leak customer data. This is despite previously claiming the recent cyber incident targeted an internal system separate from its customers’ infrastructure. On August 14, the British show more ...
Source: www.infosecurity-magazine.com – Author: A 22-year-old Oregon man has been charged with administering the Rapper Bot DDoS-for-hire botnet, which was allegedly used to launch multi-terabit attacks across 80+ countries. Rapper Bot is alleged to administer large-scale DDoS-for-hire attacks averaging two to show more ...
Source: www.csoonline.com – Author: Enterprises and MSPs urged to patch on-premises deployments of N-able’s remote monitoring and management solution, with hundreds of servers still exposed to potential attacks on two critical vulnerabilities. Users of remote monitoring and management (RMM) solution N-able show more ...
Source: www.csoonline.com – Author: FBI and Cisco Talos warn of a sophisticated Russian FSB unit threatening enterprise network infrastructure and business continuity across critical sectors. Russian state-sponsored cyber actors linked to the Federal Security Service (FSB) conducted a decade-long espionage show more ...
Source: www.csoonline.com – Author: The extension can be tricked by invisible Unicode Tag Characters-special symbols unseen by humans but obeyed by AI. The Amazon Q Developer VS Code Extension is reportedly vulnerable to stealthy prompt injection attacks using invisible Unicode Tag characters. According to the show more ...
Source: www.csoonline.com – Author: The move may reassure Western customers but raises global security concerns. Microsoft has said that it has restricted certain Chinese firms from its cybersecurity vulnerability early warning program after concerns surfaced that information from the system may have been show more ...
Source: securityboulevard.com – Author: The CISO Perspective Learn how to implement Zero Trust Architecture in practice. We map NIST 800-207 concepts—like Policy Enforcement Points (PEPs) and Policy Decision Points (PDPs)—to real-world technologies such as firewalls, identity providers, and endpoint show more ...
Source: securityboulevard.com – Author: Lawrence Pingree The New Network Frontier: Edge Computing and the Crisis of Connectivity Editor’s note: This is the second post in a four-part series exploring the architectural gaps, strategic risks, and emerging models shaping the future of edge networking. In show more ...
Source: heimdalsecurity.com – Author: Livia Gyongyoși This week in cyber we’ve got a SaaS breach impacting Workday, a malicious ChatGPT app making the rounds, double trouble for telecom providers, and the takedown of a botnet-for-hire service. Cybersecurity Advisor Adam Pilton is here with useful insights on show more ...
Source: securityaffairs.com – Author: Pierluigi Paganini Orange Belgium revealed that a July attack resulted in the exposure of the information of 850,000 customer accounts. Orange Belgium announced that 850,000 customer accounts were impacted by a July data breach. Threat actors had access to one of the IT show more ...
Source: securityaffairs.com – Author: Pierluigi Paganini Apple addressed a vulnerability impacting iOS, iPadOS, and macOS that it is under active exploitation in the wild. Apple addressed an actively exploited zero-day, tracked as CVE-2025-43300, in iOS, iPadOS, and macOS. The vulnerability is zero-day show more ...
Source: securityaffairs.com – Author: Pierluigi Paganini Hackers exploit Apache ActiveMQ flaw to install DripDropper on Linux, then patch it to block rivals and hide their tracks. Red Canary researchers observed attackers exploit a 2-year-old Apache ActiveMQ vulnerability, tracked as CVE-2023-46604 (CVSS score show more ...
Source: securityaffairs.com – Author: Pierluigi Paganini A 20-year-old Scattered Spider member gets 10 years in prison and $13M restitution for SIM-swapping crypto thefts. Scattered Spider hacker, Noah Michael Urban (20), was sentenced to 10 years in U.S. prison and ordered to pay $13M restitution for show more ...
Source: securityaffairs.com – Author: Pierluigi Paganini FBI warns FSB-linked group Static Tundra is exploiting a 7-year-old Cisco IOS/IOS XE flaw to gain persistent access for cyber espionage. The FBI warns that Russia-linked threat actor Static Tundra exploits Simple Network Management Protocol (SNMP) and show more ...
Source: securityaffairs.com – Author: Pierluigi Paganini CERT/CC disclosed serious data exposure vulnerabilities in Workhorse Software used by hundreds of U.S. cities and towns. CERT Coordination Center (CERT/CC) at Carnegie Mellon University disclosed two serious data exposure flaws in an accounting show more ...
Source: grahamcluley.com – Author: Graham Cluley Skip to content In episode 431 of the “Smashing Security” podcast, a self-proclaimed crypto-influencer calling himself CP3O thought he had found a shortcut to riches — by racking up millions in unpaid cloud bills. Meanwhile, we look at the growing threat of show more ...
Source: securelist.com – Author: Kaspersky ICS CERT Modern vehicles are transforming into full-fledged digital devices that offer a multitude of features, from common smartphone-like conveniences to complex intelligent systems and services designed to keep everyone on the road safe. However, this show more ...
Source: www.infosecurity-magazine.com – Author: Threat actors are abusing virtual private servers (VPS) to compromise software-as-a-service (SaaS) accounts, according to an investigation by Darktrace. The cybersecurity vendor identified coordinated SaaS account compromises across multiple customer environments, show more ...
Source: www.infosecurity-magazine.com – Author: In a series of updates for its iOS, iPadOS, and macOS operating systems, Apple released a patch for a previously unknown vulnerability that has likely been exploited in highly targeted attacks. The vulnerability, tracked as CVE-2025-43300, is an out-of-bounds show more ...
Source: www.infosecurity-magazine.com – Author: Written by Microsoft has announced plans to implement quantum-safe solutions in its products and services from 2029, with the tech giant aiming for a complete transition by 2033. This is two years ahead of the 2035 deadline set by a number of governments around show more ...
Source: thehackernews.com – Author: . Pentesting remains one of the most effective ways to identify real-world security weaknesses before adversaries do. But as the threat landscape has evolved, the way we deliver pentest results hasn’t kept pace. Most organizations still rely on traditional reporting show more ...
Source: thehackernews.com – Author: . A 55-year-old Chinese national has been sentenced to four years in prison and three years of supervised release for sabotaging his former employer’s network with custom malware and deploying a kill switch that locked out employees when his account was disabled. Davis show more ...
Source: www.schneier.com – Author: Bruce Schneier Well, this is interesting: The auction, which will include other items related to cryptology, will be held Nov. 20. RR Auction, the company arranging the sale, estimates a winning bid between $300,000 and $500,000. Along with the original handwritten plain text show more ...
Source: www.schneier.com – Author: Bruce Schneier In this input integrity attack against an AI system, researchers were able to fool AIOps tools: AIOps refers to the use of LLM-based agents to gather and analyze application telemetry, including system logs, performance metrics, traces, and alerts, to detect show more ...
Source: www.csoonline.com – Author: Davis Lu hid a ‘logic bomb’ inside his employer’s network that deleted the Active Directory profiles of other employees when his ID was revoked. A software developer who launched disruptive logic bombs inside his employer’s network as an act of revenge has been show more ...
Source: www.csoonline.com – Author: Der Industrieversicherungsmakler BüchnerBarella wurde von Hackern gezielt angegriffen. Die Systeme sind aktuell nur eingeschränkt verfügbar. Die Versicherungsbranche ist ein attraktives Ziel für Cyberkriminelle. Jetzt hat es den deutschen Versicherungsmakler show more ...
Source: www.csoonline.com – Author: FreeVPN.One silently takes screenshots of users’ activity and transmits them to a remote server, raising enterprise data loss concerns. Chrome extension, FreeVPN.One, has been found secretly capturing screenshots of users’ browsing sessions and transmitting them to a show more ...
Source: www.csoonline.com – Author: Oracle verabschiedet sich von seiner langjährigen und bisweilen umstrittenen Security-Entscheiderin. Die CSO von Oracle, Mary Ann Davidson, verlässt das Unternehmen. Tada Images – shutterstock.com Die langjährige CSO (Chief Security Officer) von Oracle, Mary Ann show more ...
