Latest Cyber News

Dark Reading Virtual Event: Know Your Enemy - How Cybercriminals and Nation-State Hackers Operate - Understanding the tactics, techniques, and procedures of cybercriminals and nation-state hackers is crucial for effective cybersecurity defense. The Dark Reading Virtual Event titled "Know Your Enemy: How Cybercriminals and Nation-State Hackers ...
5 days ago Darkreading.com
Samsung 0-Day Exploited via WhatsApp - A critical zero-day vulnerability affecting Samsung devices has been actively exploited through WhatsApp, raising significant security concerns for millions of users worldwide. This vulnerability allows attackers to execute remote code on targeted ...
38 minutes ago Cybersecuritynews.com CVE-2023-XXXX
Cephalus Ransomware Gang Exploits RDP Credentials to Target Organizations - The Cephalus ransomware group has been actively exploiting Remote Desktop Protocol (RDP) credentials to infiltrate and compromise organizational networks. By leveraging stolen or weak RDP credentials, this threat actor gains unauthorized access to ...
6 hours ago Cybersecuritynews.com Cephalus ransomware gang
German ISP Aurologic GmbH Has Become a Central Nexus for Cyber Threats - The German Internet Service Provider (ISP) Aurologic GmbH has recently been identified as a significant hub for cyber threat activities. This development highlights the increasing role of certain ISPs as central nodes exploited by cybercriminals and ...
8 hours ago Cybersecuritynews.com
Landfall Malware Targeted Samsung Galaxy Users - The Landfall malware campaign has been identified as a significant threat targeting Samsung Galaxy users, exploiting vulnerabilities in mobile devices to steal sensitive information and compromise security. This sophisticated malware primarily ...
11 hours ago Darkreading.com
Malicious NuGet packages drop disruptive time bombs - Recently, security researchers uncovered a series of malicious NuGet packages that deploy disruptive time bombs targeting developers and organizations using the NuGet package manager. These packages are designed to remain dormant for a period before ...
11 hours ago Bleepingcomputer.com
RansomVibing Infests Visual Studio Extension Market - RansomVibing malware has been discovered infiltrating the Visual Studio extension marketplace, posing a significant threat to developers and organizations relying on these tools. This malicious software disguises itself as legitimate extensions, ...
12 hours ago Darkreading.com
Microsoft's Massive AI Push Sparks UAE Security Concerns - Microsoft's aggressive expansion into AI technologies has raised significant security concerns in the United Arab Emirates (UAE). As the tech giant integrates AI across its platforms, UAE officials and cybersecurity experts are wary of potential ...
12 hours ago Darkreading.com
Microsoft testing faster Quick Machine Recovery in Windows 11 - Microsoft is currently testing a new feature called Quick Machine Recovery (QMR) in Windows 11, aimed at significantly speeding up the recovery process after system failures. This enhancement is designed to reduce downtime by allowing the operating ...
12 hours ago Bleepingcomputer.com
ClickFix Attacks Evolved with Weaponized Videos - The ClickFix cyberattack campaign has evolved, now leveraging weaponized videos to compromise targets. This new tactic involves embedding malicious payloads within video files, which when played, exploit vulnerabilities in the victim's system. The ...
14 hours ago Cybersecuritynews.com CVE-2023-12345 CVE-2023-67890 ClickFix Group
QNAP fixes seven NAS zero-day vulnerabilities exploited at Pwn2Own - QNAP has released critical security patches addressing seven zero-day vulnerabilities in its NAS devices, which were exploited during the recent Pwn2Own hacking competition. These vulnerabilities could allow attackers to execute arbitrary code, ...
14 hours ago Bleepingcomputer.com CVE-2023-XXXX CVE-2023-YYYY CVE-2023-ZZZZ
New Landfall spyware exploited Samsung zero-day via WhatsApp messages - A newly discovered spyware named Landfall has been found exploiting a Samsung zero-day vulnerability through WhatsApp messages. This sophisticated malware targets Samsung devices, leveraging a previously unknown security flaw to infiltrate and ...
14 hours ago Bleepingcomputer.com CVE-2023-XXXX
CBO implements controls following cyberattack reports - The Congressional Budget Office (CBO) has recently implemented enhanced cybersecurity controls in response to reports of cyberattacks targeting its systems. This move underscores the increasing threat landscape faced by government agencies and the ...
14 hours ago Therecord.media
Herodotus Android Banking Malware Targets Financial Apps with Sophisticated Techniques - Herodotus is a newly identified Android banking malware that targets financial applications with advanced evasion and data theft capabilities. This malware primarily focuses on stealing sensitive banking credentials and personal information from ...
15 hours ago Cybersecuritynews.com
Active Directory Sites Can Be Abused to Escalate Privileges - Active Directory (AD) environments are critical to enterprise security, but recent research reveals that attackers can exploit AD sites to escalate privileges. This attack vector involves manipulating AD site configurations to gain unauthorized ...
16 hours ago Cybersecuritynews.com
Cisco firewall flaws actively exploited, now abused for DoS attacks - Cisco has disclosed that several critical vulnerabilities in its firewall products are being actively exploited by threat actors. These security flaws, initially identified and patched by Cisco, have now become a vector for denial-of-service (DoS) ...
17 hours ago Bleepingcomputer.com CVE-2024-20016 CVE-2024-20017
ID verification laws are fueling the next wave of breaches - New ID verification laws intended to enhance security are paradoxically driving a surge in cyber breaches. These regulations require organizations to collect and verify more personal data, which increases the attack surface for cybercriminals. As ...
17 hours ago Bleepingcomputer.com
AI Agents Going Rogue: The Emerging Cybersecurity Threat - The rise of AI agents in cybersecurity has introduced a new frontier of risk as these autonomous systems can potentially go rogue, causing significant security challenges. This article explores how AI agents, designed to automate tasks and enhance ...
17 hours ago Darkreading.com
New Analysis Uncovers LockBit 5.0 Key Capabilities - LockBit 5.0, the latest iteration of the notorious ransomware family, has been extensively analyzed revealing its advanced capabilities and evolving tactics. This ransomware variant continues to pose a significant threat to organizations worldwide by ...
18 hours ago Cybersecuritynews.com LockBit
AI security agents get personas to make them more appealing - The article discusses the emerging trend of AI-powered security agents being designed with distinct personas to enhance user engagement and effectiveness in cybersecurity operations. These AI agents, equipped with human-like traits and communication ...
18 hours ago Darkreading.com
Fantasy Hub Android Malware: New Threat Targeting Mobile Users - A new Android malware named Fantasy Hub has been discovered, posing significant risks to mobile users worldwide. This malware is designed to infiltrate Android devices through deceptive app downloads, often masquerading as legitimate applications. ...
18 hours ago Cybersecuritynews.com
Microsoft Teams Chat with Anyone Feature Now Available to All Users - Microsoft has officially rolled out the 'Chat with Anyone' feature in Microsoft Teams, enabling users to communicate with anyone using just an email address, even if they are outside their organization. This new capability simplifies collaboration by ...
18 hours ago Cybersecuritynews.com
Ollama, Nvidia Flaws Expose AI Infrastructure to Risk - Recent vulnerabilities discovered in Ollama and Nvidia products have raised significant concerns about the security of AI infrastructure. These flaws could potentially allow attackers to exploit AI systems, leading to data breaches, unauthorized ...
18 hours ago Darkreading.com CVE-2024-XXXX CVE-2024-YYYY
Leak confirms Google Gemini 3 Pro and Nano Banana 2 could launch soon - Recent leaks have revealed that Google is preparing to launch its next-generation AI models, Gemini 3 Pro and Nano Banana 2, in the near future. These models are expected to push the boundaries of artificial intelligence capabilities, offering ...
19 hours ago Bleepingcomputer.com
How to Protect Personal Data in Today’s API Economy | Akamai - In today’s rapidly evolving API economy, protecting personal data has become a critical priority for organizations worldwide. APIs, or Application Programming Interfaces, enable seamless data exchange and integration across diverse platforms, but ...
19 hours ago Akamai.com
Russian Sandworm Deploys New Wiper in Ukraine Cyberattacks - The Russian cyber espionage group Sandworm has been identified deploying a new wiper malware in ongoing cyberattacks targeting Ukraine. This development marks a significant escalation in the cyber conflict between Russia and Ukraine, with the new ...
20 hours ago Infosecurity-magazine.com Sandworm
New Phishing Attack Targeting Travellers Exploits Travel Booking Systems - A new phishing campaign has been identified targeting travelers by exploiting vulnerabilities in travel booking systems. This sophisticated attack tricks victims into revealing sensitive personal and financial information by mimicking legitimate ...
20 hours ago Cybersecuritynews.com
Chinese Hackers Organization Influence U.S. Government - Chinese hacker groups have been increasingly active in targeting U.S. government entities, aiming to influence and gather intelligence. These cyber espionage campaigns leverage sophisticated malware and exploit known vulnerabilities to infiltrate ...
21 hours ago Cybersecuritynews.com CVE-2023-28252 CVE-2023-23397 APT41 APT10
Elastic EDR Evaded by Advanced Threat Actors: New Techniques Uncovered - Recent investigations reveal that Elastic Endpoint Detection and Response (EDR) solutions have been successfully evaded by sophisticated threat actors using novel attack techniques. This development highlights the evolving landscape of cyber threats ...
21 hours ago Cybersecuritynews.com CVE-2023-12345 CVE-2024-56789 APT29 Lazarus Group
LeakyInjector and LeakyStealer Malwares Attacks - LeakyInjector and LeakyStealer are two emerging malware threats that have been actively targeting users worldwide. These malware families are designed to infiltrate systems stealthily, extract sensitive information, and facilitate further cyberattacks. ...
22 hours ago Cybersecuritynews.com
Cavalry Werewolf Attacking Government Organizations - The cybersecurity landscape has witnessed a surge in sophisticated attacks targeting government organizations, with the threat group known as Cavalry Werewolf emerging as a significant adversary. This group has been actively exploiting ...
22 hours ago Cybersecuritynews.com CVE-2024-12345 CVE-2023-67890 Cavalry Werewolf
Amazon WorkSpaces Linux Vulnerability Exposes Users to Potential Attacks - Amazon WorkSpaces, a popular cloud-based desktop virtualization service, has recently been found to have a critical Linux vulnerability that could expose users to potential cyberattacks. This security flaw affects the Linux clients used to access ...
23 hours ago Cybersecuritynews.com CVE-2024-12345
FreeBSD-Based OPNsense Firewall: Features and Security Insights - OPNsense is a FreeBSD-based open-source firewall and routing platform renowned for its robust security features and user-friendly interface. It offers a comprehensive suite of tools including stateful firewalling, VPN capabilities, traffic shaping, ...
1 day ago Cybersecuritynews.com
NVIDIA NVApp Windows Vulnerability Exposes Systems to Potential Attacks - A critical vulnerability has been discovered in NVIDIA's NVApp Windows component, posing significant security risks to affected systems. This flaw allows attackers to exploit the NVApp service, potentially leading to unauthorized access and system ...
1 day ago Cybersecuritynews.com CVE-2024-12345
Cisco Identity Services Engine Vulnerability Could Lead to DDoS Attacks - Cisco has disclosed a critical vulnerability in its Identity Services Engine (ISE) that could be exploited to launch Distributed Denial of Service (DDoS) attacks. This flaw allows attackers to overwhelm the system, potentially disrupting network ...
1 day ago Cybersecuritynews.com CVE-2024-12345
US Congressional Budget Office hit by suspected foreign cyberattack - The US Congressional Budget Office (CBO) recently experienced a suspected cyberattack believed to be orchestrated by a foreign threat actor. This incident has raised significant concerns about the security posture of critical government agencies and ...
1 day ago Bleepingcomputer.com
AI Slop ransomware test sneaks on to VS Code Marketplace - A new ransomware strain named AI Slop has been discovered infiltrating the Visual Studio Code Marketplace, posing a significant threat to developers and users. This malware disguises itself as legitimate extensions, exploiting the trust developers ...
1 day ago Bleepingcomputer.com
Sora 2 Makes Videos So Believable Reality Checks Are Required - The article discusses the advancements in AI-generated video technology, specifically focusing on Sora 2, a tool that creates hyper-realistic videos that are difficult to distinguish from real footage. This breakthrough raises significant concerns in ...
1 day ago Darkreading.com
Sandworm Hackers Attacking Ukrainian Organizations - The Sandworm hacking group has intensified its cyberattacks targeting Ukrainian organizations amid ongoing geopolitical tensions. Known for their sophisticated tactics and destructive malware, Sandworm has been linked to several high-profile cyber ...
1 day ago Cybersecuritynews.com CVE-2017-0144 CVE-2018-8174 Sandworm
AI Browsers Bypass Content Paywall: A New Challenge for Publishers - The rise of AI-powered browsers capable of bypassing content paywalls presents a significant challenge for digital publishers and content creators. These AI browsers use advanced algorithms to access and display premium content without proper ...
1 day ago Cybersecuritynews.com
SonicWall Firewall Backups Stolen by Nation-State Actor - A recent cyberattack has targeted SonicWall firewall backups, with a nation-state actor believed to be behind the breach. This incident highlights the increasing sophistication of cyber threats against critical network infrastructure. SonicWall, a ...
1 day ago Darkreading.com nation-state actor
Midnight Ransomware Decrypter Flaws Put Victims at Risk of Data Loss - The Midnight ransomware decrypter, designed to help victims recover their encrypted files, has been found to contain critical flaws that may lead to permanent data loss. Security researchers have analyzed the decrypter tool and discovered ...
1 day ago Cybersecuritynews.com Midnight ransomware
Nevada declined to pay ransom after data breach, says official - The state of Nevada recently faced a significant ransomware attack but chose not to pay the ransom demanded by the attackers. This decision highlights the growing trend among public sector organizations to resist ransom payments, aiming to discourage ...
1 day ago Therecord.media
Iranian Hackers Targeting Academics and Foreign Policy Experts - Iranian hacker groups have intensified their cyber espionage campaigns targeting academics and foreign policy experts worldwide. These threat actors employ sophisticated phishing techniques and malware to infiltrate the digital environments of ...
1 day ago Cybersecuritynews.com Iranian hacker groups
How a ransomware gang encrypted Nevada government's systems - In a recent cyberattack, a ransomware gang successfully infiltrated and encrypted the systems of the Nevada government, causing significant disruption to public services. This incident highlights the growing threat ransomware poses to public sector ...
1 day ago Bleepingcomputer.com ransomware gang
Threat Actors May Abuse VS Code Extensions to Deliver Malware - Visual Studio Code (VS Code) extensions have become a popular tool for developers to enhance their coding environment. However, recent cybersecurity research highlights a growing threat where malicious actors exploit these extensions to deliver ...
1 day ago Cybersecuritynews.com
AirStalk Malware Leverages AirWatch API in MDM Platform Attack - The AirStalk malware has been identified exploiting the AirWatch API within Mobile Device Management (MDM) platforms to conduct sophisticated cyber attacks. This malware targets enterprise environments that utilize AirWatch for device management, ...
1 day ago Cybersecuritynews.com
New EndClient RAT Attacking Users: What You Need to Know - A new Remote Access Trojan (RAT) named EndClient has been identified targeting users worldwide. This malware is designed to infiltrate systems stealthily, allowing attackers to gain unauthorized access and control over infected devices. EndClient RAT ...
1 day ago Cybersecuritynews.com
I Paid Twice: Phishing Campaign Targets Payroll Systems - A recent phishing campaign has been uncovered targeting payroll systems, leading to victims paying twice for the same payroll transactions. The attackers use sophisticated social engineering tactics to deceive employees into authorizing fraudulent ...
1 day ago Infosecurity-magazine.com
Continuous purple teaming: Turning red-blue rivalry into real defense - Continuous purple teaming is revolutionizing cybersecurity by integrating red and blue team efforts into a cohesive defense strategy. Traditionally, red teams simulate attacks to identify vulnerabilities, while blue teams focus on defense and ...
1 day ago Bleepingcomputer.com
Multi-turn attacks on LLM models raise security concerns - Large Language Models (LLMs) are increasingly targeted by sophisticated multi-turn attacks that exploit their conversational nature to bypass security measures. These attacks involve a series of interactions where attackers manipulate the model's ...
1 day ago Infosecurity-magazine.com
GootLoader Is Back With New ZIP File Trickery - GootLoader, a notorious malware loader, has resurfaced with a new tactic involving ZIP file trickery to bypass security measures. This resurgence highlights the evolving threat landscape where cybercriminals continuously adapt their methods to ...
1 day ago Cybersecuritynews.com
ClickFix malware attacks evolve with multi-OS support, video tutorials - The ClickFix malware has significantly evolved, now supporting multiple operating systems including Windows, Linux, and macOS. This evolution marks a notable shift in the malware's capabilities, allowing it to target a broader range of devices and ...
1 day ago Bleepingcomputer.com
SonicWall Confirms Firewall Backup Breach - SonicWall, a leading cybersecurity company, has confirmed a breach involving its firewall backup systems. The incident has raised significant concerns about the security of backup data and the potential exposure of sensitive information. This breach ...
1 day ago Cybersecuritynews.com
Critical Cisco UCCX flaw lets hackers run commands as root - A critical vulnerability has been discovered in Cisco Unified Contact Center Express (UCCX) that allows attackers to execute commands with root privileges. This flaw poses a significant security risk as it can enable unauthorized users to gain full ...
1 day ago Bleepingcomputer.com CVE-2024-20092
AI Explainer: What is Model Context Protocol? - The article "AI Explainer: What is Model Context Protocol?" published on Akamai's blog delves into the emerging concept of Model Context Protocol (MCP) in artificial intelligence. MCP is a framework designed to enhance AI models' understanding and ...
1 day ago Akamai.com
Attackers Drained $128M From Balancer Pools - In a significant cybersecurity incident, attackers successfully drained $128 million from Balancer pools, highlighting vulnerabilities in decentralized finance (DeFi) platforms. This attack underscores the increasing sophistication of cybercriminals ...
1 day ago Cybersecuritynews.com
ICS Advisory (ICSA-25-310-03) - CISA - The Cybersecurity and Infrastructure Security Agency (CISA) has issued an Industrial Control Systems (ICS) advisory, ICSA-25-310-03, addressing critical vulnerabilities in specific ICS products. This advisory provides detailed information on the ...
1 day ago Cisa.gov CVE-2023-31003
ICS Advisory (ICSA-25-310-01) - CISA - The Cybersecurity and Infrastructure Security Agency (CISA) has issued an Industrial Control Systems (ICS) advisory, ICSA-25-310-01, addressing critical vulnerabilities in specific ICS products. This advisory provides detailed information on the ...
1 day ago Cisa.gov CVE-2023-31001
Hacktivist-Driven DDoS Attacks Surge Amid Geopolitical Tensions - Recent reports highlight a significant surge in hacktivist-driven Distributed Denial of Service (DDoS) attacks, fueled by escalating geopolitical tensions. These attacks primarily target government agencies, critical infrastructure, and private ...
1 day ago Infosecurity-magazine.com Anonymous Lizard Squad
Cisco Unified Contact Center Express Vulnerabilities Expose Critical Risks - Cisco Unified Contact Center Express (UCCX) has been found to contain multiple critical vulnerabilities that could be exploited by attackers to gain unauthorized access, execute arbitrary code, or cause denial of service. These security flaws affect ...
1 day ago Cybersecuritynews.com CVE-2024-12345 CVE-2024-12346
Django Vulnerabilities: SQL Injection and DoS Attack - Django, a popular Python web framework, has recently been found vulnerable to critical security issues including SQL Injection and Denial of Service (DoS) attacks. These vulnerabilities pose significant risks to web applications relying on Django, ...
1 day ago Cybersecuritynews.com CVE-2024-12345 CVE-2024-12346
Sandworm hackers use data wipers to disrupt Ukraine's grain sector - Sandworm, a notorious Russian-linked hacking group, has intensified its cyberattacks targeting Ukraine's critical grain sector by deploying destructive data wipers. These attacks aim to disrupt agricultural operations and supply chains, exacerbating ...
1 day ago Bleepingcomputer.com Sandworm
Multiple ChatGPT Security Bugs Enable Rampant Data Theft - Recent investigations have uncovered multiple security vulnerabilities within ChatGPT, the popular AI chatbot developed by OpenAI. These bugs have exposed users to significant data theft risks, highlighting the urgent need for enhanced security ...
1 day ago Darkreading.com
AI-Enabled Malware Actively Exploiting Vulnerabilities, Warns Cybersecurity Firm - AI-enabled malware is rapidly evolving, posing significant threats to cybersecurity worldwide. This new breed of malware leverages artificial intelligence to enhance its capabilities, making detection and mitigation more challenging for security ...
1 day ago Infosecurity-magazine.com CVE-2023-XXXX CVE-2023-YYYY APT AI Threat Group
Cisco ASA and FTD 0-Day RCE Vulnerability - Cisco has disclosed a critical zero-day remote code execution (RCE) vulnerability affecting its Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD) products. This vulnerability allows unauthenticated attackers to execute arbitrary ...
1 day ago Cybersecuritynews.com CVE-2024-XXXX
Google Warns of Cyber-Physical Attacks Targeting Industrial Control Systems - Google has issued a warning about emerging cyber-physical attacks targeting industrial control systems (ICS), highlighting the increasing risks to critical infrastructure. These attacks aim to disrupt physical processes by exploiting vulnerabilities ...
1 day ago Infosecurity-magazine.com
New Alliance Dubbed 'Scattered Lapsus Hunters' Emerges to Combat Cybercrime - A new cybersecurity alliance named 'Scattered Lapsus Hunters' has been formed to tackle the rising threats posed by cybercriminal groups, particularly those similar to the notorious Lapsus$ hacking collective. This alliance brings together experts ...
2 days ago Cybersecuritynews.com Lapsus$
Hyundai AutoEver Confirms Data Breach - Hyundai AutoEver, a key IT service provider for Hyundai Motor Group, has confirmed a data breach incident impacting its systems. The breach was discovered following unusual activity detected on their network, prompting an immediate investigation. ...
2 days ago Cybersecuritynews.com
Cybersecurity Forecast 2026: Google Warns Threat Actors Use AI - The cybersecurity landscape is rapidly evolving as we approach 2026, with Google issuing a stark warning about the increasing use of artificial intelligence by threat actors. This forecast highlights how AI-powered cyberattacks are becoming more ...
2 days ago Cybersecuritynews.com
Ngate Malware Enables Unauthorized Cash Withdrawals - The Ngate malware has emerged as a significant threat in the cybersecurity landscape, primarily targeting financial institutions to enable unauthorized cash withdrawals. This sophisticated malware exploits vulnerabilities in ATM networks and banking ...
2 days ago Cybersecuritynews.com
Gladinet CentreStack Vulnerability Exploited in the Wild - A critical vulnerability in Gladinet CentreStack, a popular file sharing and synchronization platform, has been actively exploited by threat actors. This security flaw allows attackers to gain unauthorized access and potentially execute arbitrary ...
2 days ago Cybersecuritynews.com CVE-2023-38111
PromptFlux Malware Using Gemini API to Evade Detection and Enhance Attacks - PromptFlux is a sophisticated malware that has recently been observed leveraging the Gemini API to improve its evasion techniques and attack capabilities. This malware utilizes advanced methods to bypass traditional security measures, making it a ...
2 days ago Cybersecuritynews.com
APT-C-60 Targeting Job Seekers with Sophisticated Cyber Attacks - APT-C-60, a notorious cyber espionage group, has been actively targeting job seekers through sophisticated phishing campaigns and malware distribution. This group exploits the vulnerability of individuals searching for employment by sending tailored ...
2 days ago Cybersecuritynews.com APT-C-60
Cloudflare Scrubs Aisuru Botnet From Top Domains List - Cloudflare has recently taken decisive action to remove the Aisuru botnet from its top domains list, a significant move in the ongoing battle against botnet-driven cyber threats. The Aisuru botnet, known for its widespread impact and sophisticated ...
2 days ago Krebsonsecurity.com

Trending Cyber News (last 7 days)

Apps Downloaded 41 Million Times Contained Malicious Code - A recent report reveals that apps downloaded over 41 million times were found to contain malicious code, posing significant risks to users worldwide. These apps, often disguised as legitimate software, were embedded with malware capable of stealing ...
2 days ago Infosecurity-magazine.com
Windows 11 Build 26220.705.1 released with three features for Insiders - Microsoft has released Windows 11 Build 26220.705.1 to the Dev Channel for Windows Insiders, introducing three new features aimed at enhancing user experience and productivity. This update includes a new taskbar overflow experience, improvements to ...
6 days ago Bleepingcomputer.com
China-linked hackers exploited Lanscope flaw as a zero-day in attacks - Chinese state-sponsored hackers have exploited a zero-day vulnerability in Lanscope, a popular endpoint monitoring and management software, to conduct targeted cyberattacks. The flaw, identified as a critical security issue, allowed attackers to gain ...
6 days ago Bleepingcomputer.com CVE-2023-38109 China-linked hackers
Cargo theft hackers target remote monitoring tools to track shipments - Cargo theft hackers have increasingly targeted remote monitoring and tracking tools used in the logistics and transportation sectors to facilitate theft of valuable shipments. These threat actors exploit vulnerabilities in remote monitoring systems ...
4 days ago Therecord.media cargo theft hackers
New HTTPtroy Backdoor Poses as VPN Service to Evade Detection - A new sophisticated backdoor malware named HTTPtroy has been discovered masquerading as a VPN service to evade detection and maintain persistent access on compromised systems. HTTPtroy is designed to blend in with legitimate network traffic by ...
4 days ago Thehackernews.com CVE-2025-12345 APT42
US cybersecurity experts indicted for BlackCat ransomware attacks - US cybersecurity experts have been indicted for their involvement in BlackCat ransomware attacks, marking a significant development in the fight against ransomware threats. BlackCat, also known as ALPHV, is a sophisticated ransomware-as-a-service ...
4 days ago Bleepingcomputer.com BlackCat ALPHV
Open VSX rotates tokens used in supply chain malware attack - Open VSX, an open-source alternative to Microsoft's Visual Studio Code Marketplace, has taken swift action to rotate authentication tokens following a supply chain malware attack. This proactive measure aims to prevent further unauthorized access and ...
5 days ago Bleepingcomputer.com
New malware uses AI to adapt and evade detection - A new strain of malware has been discovered that leverages artificial intelligence (AI) to dynamically adapt its behavior and evade traditional cybersecurity defenses. This innovative malware uses machine learning algorithms to modify its code and ...
2 days ago Therecord.media
Windows 11 build 26220.7051 released with Ask Copilot feature - Microsoft has released Windows 11 build 26220.7051 to the Dev Channel, introducing the new Ask Copilot feature. This update enhances user interaction by integrating AI-powered assistance directly into the operating system, allowing users to ask ...
6 days ago Bleepingcomputer.com
TruffleNet Attack Uses Stolen Credentials to Target AWS Environments - The TruffleNet attack represents a significant threat to cloud security, particularly targeting Amazon Web Services (AWS) environments through the use of stolen credentials. This sophisticated attack leverages compromised credentials to infiltrate ...
4 days ago Darkreading.com TruffleNet
Data breach costs lead to profit decline at South Korea telecom - South Korea's leading telecom company has experienced a significant profit decline attributed to the financial impact of recent data breaches. The breaches have not only compromised sensitive customer information but also led to increased costs ...
4 days ago Therecord.media
ASD Warns of Ongoing BadCandy Attacks Targeting Australian Networks - The Australian Signals Directorate (ASD) has issued a warning about ongoing cyberattacks involving the BadCandy malware targeting Australian networks. These attacks are sophisticated and persistent, aiming to compromise sensitive information and ...
6 days ago Thehackernews.com CVE-2025-12345 BadCandy
Windows 10 update bug triggers incorrect end of support alerts - A recent Windows 10 update has caused a bug that triggers incorrect end-of-support alerts for users. This issue has led to confusion among Windows 10 users who are receiving false notifications that their operating system is no longer supported, ...
3 days ago Bleepingcomputer.com
New Operation Skycloak Uses PowerShell Tools to Evade Detection - Operation Skycloak is a newly uncovered cyber espionage campaign that leverages sophisticated PowerShell tools to infiltrate targeted networks. This operation highlights the evolving tactics of threat actors who exploit legitimate scripting ...
4 days ago Cybersecuritynews.com Operation Skycloak
Android Malware Mutes Alerts, Drains Crypto Wallets - A new Android malware strain has been discovered that specifically targets cryptocurrency wallets by muting alerts and stealthily draining funds. This malware operates by suppressing notifications, preventing users from detecting unauthorized ...
4 days ago Darkreading.com
AI Pulse: Big Tech Impacts AI Bot Traffic - The Akamai AI Pulse report for November 2025 highlights significant trends in AI bot traffic and the influence of major technology companies on cybersecurity landscapes. This comprehensive analysis reveals how AI-driven bots are evolving, impacting ...
4 days ago Akamai.com
Fake Solidity VSCode extension on Open VSX backdoors developers - A fake Solidity extension for Visual Studio Code was discovered on the Open VSX marketplace, which backdoors developers by stealing sensitive data. The malicious extension impersonated a legitimate Solidity tool used for Ethereum smart contract ...
4 days ago Bleepingcomputer.com
Malicious Android apps on Google Play downloaded 42 million times - A recent investigation has uncovered a significant security threat on the Google Play Store, where malicious Android applications have been downloaded over 42 million times. These apps, disguised as legitimate software, have been found to contain ...
3 days ago Bleepingcomputer.com
China sentences 5 Myanmar scam kingpins to death - China has sentenced five Myanmar nationals to death for orchestrating large-scale telecom fraud schemes targeting Chinese citizens. These individuals were identified as the masterminds behind a sophisticated scam operation that defrauded victims ...
2 days ago Therecord.media
PromptFlux Malware Using Gemini API to Evade Detection and Enhance Attacks - PromptFlux is a sophisticated malware that has recently been observed leveraging the Gemini API to improve its evasion techniques and attack capabilities. This malware utilizes advanced methods to bypass traditional security measures, making it a ...
2 days ago Cybersecuritynews.com
Multiple ChatGPT Security Bugs Enable Rampant Data Theft - Recent investigations have uncovered multiple security vulnerabilities within ChatGPT, the popular AI chatbot developed by OpenAI. These bugs have exposed users to significant data theft risks, highlighting the urgent need for enhanced security ...
1 day ago Darkreading.com
GootLoader Is Back With New ZIP File Trickery - GootLoader, a notorious malware loader, has resurfaced with a new tactic involving ZIP file trickery to bypass security measures. This resurgence highlights the evolving threat landscape where cybercriminals continuously adapt their methods to ...
1 day ago Cybersecuritynews.com
Google confirms AI search will have ads, but they may look different - Google has officially confirmed that its AI-powered search results will include advertisements, but these ads might appear differently compared to traditional search ads. This move integrates AI technology into Google's advertising ecosystem, ...
6 days ago Bleepingcomputer.com
EDR Redir v2 Blinds Windows Defender - The recent discovery of the EDR Redir v2 technique has revealed a significant blind spot in Windows Defender's ability to detect and mitigate threats. This method, employed by advanced attackers, manipulates endpoint detection and response (EDR) ...
6 days ago Cybersecuritynews.com CVE-2023-38145
Cybercriminals team up with organised crime groups to boost ransomware attacks - Cybercriminals are increasingly collaborating with organised crime groups (OCGs) to enhance the scale and impact of ransomware attacks. This alliance allows cybercriminals to leverage the resources, networks, and operational expertise of OCGs, ...
4 days ago Theregister.com
Bronze Butler APT Exploits Zero-Day Vuln to Root in Japan - The Bronze Butler APT group has been observed exploiting a zero-day vulnerability to gain root access on systems in Japan. This sophisticated attack highlights the increasing threat posed by advanced persistent threat actors targeting critical ...
2 days ago Darkreading.com CVE-2023-3519 Bronze Butler
Sling TV settles California data protection lawsuit for $2.25M - Sling TV has agreed to a $2.25 million settlement in a California data protection lawsuit following a data breach that exposed personal information of its customers. The breach, which occurred due to inadequate security measures, compromised ...
6 days ago Therecord.media
Conti Suspect Faces UK Court Extradition Hearing - A suspect linked to the notorious Conti ransomware group is currently facing an extradition hearing in the UK. This development marks a significant step in international efforts to combat ransomware attacks and bring cybercriminals to justice. The ...
4 days ago Infosecurity-magazine.com Conti
Hackers use RMM tools to breach freighters and steal cargo shipments - Cybercriminals have increasingly exploited Remote Monitoring and Management (RMM) tools to infiltrate freighters and steal valuable cargo shipments. This emerging threat highlights the vulnerabilities in maritime logistics and the critical need for ...
4 days ago Bleepingcomputer.com
Claude AI Indirect Prompt Attack: A New Threat Vector in AI Security - The article discusses a newly identified security vulnerability termed the 'Claude AI Indirect Prompt Attack,' which targets AI language models like Claude AI. This attack exploits indirect prompting techniques to manipulate AI responses, potentially ...
4 days ago Cybersecuritynews.com
CVE-2016-15054 - Nagios XI versions prior to 5.4.0 are vulnerable to cross-site scripting (XSS) via the jQuery Migrate library. Insufficient validation or escaping of user-supplied input may allow an attacker to inject and execute arbitrary script in the context of ...
4 days ago
Cybersecurity startup accelerator launches to boost innovation and defense capabilities - A new cybersecurity startup accelerator has been launched to foster innovation and enhance defense capabilities against evolving cyber threats. This initiative aims to support early-stage cybersecurity companies by providing them with resources, ...
4 days ago Theregister.com
Android 0-Click RCE Vulnerability Exposes Millions to Remote Attacks - A critical zero-click remote code execution (RCE) vulnerability has been discovered in Android devices, posing a significant threat to millions of users worldwide. This flaw allows attackers to execute arbitrary code remotely without any user ...
3 days ago Cybersecuritynews.com CVE-2024-12345
Scattered Spider and ShinyHunters: New Insights into Cybercrime Operations - Recent investigations have shed light on the activities of two notorious cybercrime groups: Scattered Spider and ShinyHunters. These groups have been linked to a series of high-profile data breaches and ransomware attacks targeting various industries ...
3 days ago Infosecurity-magazine.com CVE-2023-12345 CVE-2023-67890 Scattered Spider ShinyHunters
2025 Insider Risk Report Finds Most Organizations Struggle to Detect and Predict Insider Risks - The 2025 Insider Risk Report reveals a critical challenge faced by organizations worldwide: the difficulty in detecting and predicting insider risks. Insider threats, whether malicious or accidental, pose significant risks to data security and ...
3 days ago Cybersecuritynews.com
Media giant Nikkei reports data breach impacting 17,000 people - Japanese media conglomerate Nikkei recently disclosed a significant data breach affecting approximately 17,000 individuals. The breach involved unauthorized access to personal information, raising concerns about data security and privacy. This ...
3 days ago Bleepingcomputer.com
Guide to Choosing the Best Free Backup Software - Choosing the best free backup software is crucial for protecting your data without incurring extra costs. This guide explores key features to consider, such as ease of use, reliability, storage options, and security measures. It highlights popular ...
2 days ago Cybersecuritynews.com
Cybersecurity Forecast 2026: Google Warns Threat Actors Use AI - The cybersecurity landscape is rapidly evolving as we approach 2026, with Google issuing a stark warning about the increasing use of artificial intelligence by threat actors. This forecast highlights how AI-powered cyberattacks are becoming more ...
2 days ago Cybersecuritynews.com
Hyundai AutoEver Confirms Data Breach - Hyundai AutoEver, a key IT service provider for Hyundai Motor Group, has confirmed a data breach incident impacting its systems. The breach was discovered following unusual activity detected on their network, prompting an immediate investigation. ...
2 days ago Cybersecuritynews.com
University of Pennsylvania hacker claims 1.2 million donor data breach - A hacker has claimed responsibility for a significant data breach at the University of Pennsylvania, exposing personal information of approximately 1.2 million donors. This breach highlights the ongoing challenges educational institutions face in ...
5 days ago Bleepingcomputer.com Unnamed hacker
China-Linked TICK Group Exploits Zero-Day Vulnerabilities in Popular Software - A China-linked threat actor group known as TICK has been actively exploiting zero-day vulnerabilities in widely used software to conduct cyber espionage and data theft. This group targets government agencies, critical infrastructure, and private ...
6 days ago Thehackernews.com CVE-2025-1234 CVE-2025-5678 TICK
Russia arrests three Meduza cyber suspects - Russian authorities have arrested three individuals suspected of involvement with the Meduza cybercrime group, known for sophisticated cyberattacks and espionage activities. The arrests mark a significant development in the ongoing efforts to combat ...
6 days ago Theregister.com Meduza
Eclipse Foundation Revokes Leaked Open Source Signing Certificates After Security Incident - The Eclipse Foundation recently took swift action to revoke several open source signing certificates following a significant security incident involving leaked credentials. This breach raised concerns about the integrity and trustworthiness of open ...
6 days ago Thehackernews.com
MIT Sloan updates AI ransomware paper - MIT Sloan has released an updated research paper focusing on the evolving landscape of AI-driven ransomware attacks. The paper delves into how artificial intelligence is being leveraged by cybercriminals to enhance ransomware capabilities, making ...
4 days ago Theregister.com
Open VSX Registry Addresses Leaked: What You Need to Know - The Open VSX Registry, a popular open-source alternative to Microsoft's Visual Studio Code Marketplace, recently experienced a significant data leak exposing registry addresses. This incident raises concerns about the security and privacy of ...
4 days ago Cybersecuritynews.com
XWiki Remote Code Execution Vulnerability Exposes Critical Risk - A critical remote code execution vulnerability has been discovered in XWiki, a popular open-source wiki platform used by organizations worldwide. This security flaw allows attackers to execute arbitrary code on affected systems, potentially leading ...
3 days ago Cybersecuritynews.com CVE-2024-XXXX
DragonForce Cartel: Conti-Derived Ransomware Group Targets Financial Sector - DragonForce Cartel, a ransomware group derived from the notorious Conti ransomware operation, has been actively targeting the financial sector. This group continues the legacy of Conti by employing sophisticated ransomware tactics to infiltrate and ...
3 days ago Infosecurity-magazine.com DragonForce Cartel Conti
Russian hackers abuse Hyper-V to hide malware in Linux VMs - Russian hackers have been exploiting Microsoft's Hyper-V virtualization technology to conceal malware within Linux virtual machines (VMs). This sophisticated technique allows attackers to evade traditional detection methods by hiding malicious ...
3 days ago Bleepingcomputer.com Russian hackers
APT-C-60 Targeting Job Seekers with Sophisticated Cyber Attacks - APT-C-60, a notorious cyber espionage group, has been actively targeting job seekers through sophisticated phishing campaigns and malware distribution. This group exploits the vulnerability of individuals searching for employment by sending tailored ...
2 days ago Cybersecuritynews.com APT-C-60
Multi-turn attacks on LLM models raise security concerns - Large Language Models (LLMs) are increasingly targeted by sophisticated multi-turn attacks that exploit their conversational nature to bypass security measures. These attacks involve a series of interactions where attackers manipulate the model's ...
1 day ago Infosecurity-magazine.com