Latest Cyber News

Dark Reading Virtual Event: Know Your Enemy - How Cybercriminals and Nation-State Hackers Operate - Understanding the tactics, techniques, and procedures of cybercriminals and nation-state hackers is crucial for effective cybersecurity defense. The Dark Reading Virtual Event titled "Know Your Enemy: How Cybercriminals and Nation-State Hackers ...
6 days ago Darkreading.com
LeakyInjector and LeakyStealer Malwares Attacks - LeakyInjector and LeakyStealer are two emerging malware threats that have been actively targeting users worldwide. These malware families are designed to infiltrate systems stealthily, extract sensitive information, and facilitate further cyberattacks. ...
1 hour ago Cybersecuritynews.com
Cavalry Werewolf Attacking Government Organizations - The cybersecurity landscape has witnessed a surge in sophisticated attacks targeting government organizations, with the threat group known as Cavalry Werewolf emerging as a significant adversary. This group has been actively exploiting ...
1 hour ago Cybersecuritynews.com CVE-2024-12345 CVE-2023-67890 Cavalry Werewolf
Amazon WorkSpaces Linux Vulnerability Exposes Users to Potential Attacks - Amazon WorkSpaces, a popular cloud-based desktop virtualization service, has recently been found to have a critical Linux vulnerability that could expose users to potential cyberattacks. This security flaw affects the Linux clients used to access ...
2 hours ago Cybersecuritynews.com CVE-2024-12345
FreeBSD-Based OPNsense Firewall: Features and Security Insights - OPNsense is a FreeBSD-based open-source firewall and routing platform renowned for its robust security features and user-friendly interface. It offers a comprehensive suite of tools including stateful firewalling, VPN capabilities, traffic shaping, ...
3 hours ago Cybersecuritynews.com
NVIDIA NVApp Windows Vulnerability Exposes Systems to Potential Attacks - A critical vulnerability has been discovered in NVIDIA's NVApp Windows component, posing significant security risks to affected systems. This flaw allows attackers to exploit the NVApp service, potentially leading to unauthorized access and system ...
9 hours ago Cybersecuritynews.com CVE-2024-12345
Cisco Identity Services Engine Vulnerability Could Lead to DDoS Attacks - Cisco has disclosed a critical vulnerability in its Identity Services Engine (ISE) that could be exploited to launch Distributed Denial of Service (DDoS) attacks. This flaw allows attackers to overwhelm the system, potentially disrupting network ...
9 hours ago Cybersecuritynews.com CVE-2024-12345
US Congressional Budget Office hit by suspected foreign cyberattack - The US Congressional Budget Office (CBO) recently experienced a suspected cyberattack believed to be orchestrated by a foreign threat actor. This incident has raised significant concerns about the security posture of critical government agencies and ...
11 hours ago Bleepingcomputer.com
AI Slop ransomware test sneaks on to VS Code Marketplace - A new ransomware strain named AI Slop has been discovered infiltrating the Visual Studio Code Marketplace, posing a significant threat to developers and users. This malware disguises itself as legitimate extensions, exploiting the trust developers ...
13 hours ago Bleepingcomputer.com
Sora 2 Makes Videos So Believable Reality Checks Are Required - The article discusses the advancements in AI-generated video technology, specifically focusing on Sora 2, a tool that creates hyper-realistic videos that are difficult to distinguish from real footage. This breakthrough raises significant concerns in ...
13 hours ago Darkreading.com
Sandworm Hackers Attacking Ukrainian Organizations - The Sandworm hacking group has intensified its cyberattacks targeting Ukrainian organizations amid ongoing geopolitical tensions. Known for their sophisticated tactics and destructive malware, Sandworm has been linked to several high-profile cyber ...
14 hours ago Cybersecuritynews.com CVE-2017-0144 CVE-2018-8174 Sandworm
AI Browsers Bypass Content Paywall: A New Challenge for Publishers - The rise of AI-powered browsers capable of bypassing content paywalls presents a significant challenge for digital publishers and content creators. These AI browsers use advanced algorithms to access and display premium content without proper ...
14 hours ago Cybersecuritynews.com
SonicWall Firewall Backups Stolen by Nation-State Actor - A recent cyberattack has targeted SonicWall firewall backups, with a nation-state actor believed to be behind the breach. This incident highlights the increasing sophistication of cyber threats against critical network infrastructure. SonicWall, a ...
14 hours ago Darkreading.com nation-state actor
Midnight Ransomware Decrypter Flaws Put Victims at Risk of Data Loss - The Midnight ransomware decrypter, designed to help victims recover their encrypted files, has been found to contain critical flaws that may lead to permanent data loss. Security researchers have analyzed the decrypter tool and discovered ...
15 hours ago Cybersecuritynews.com Midnight ransomware
Nevada declined to pay ransom after data breach, says official - The state of Nevada recently faced a significant ransomware attack but chose not to pay the ransom demanded by the attackers. This decision highlights the growing trend among public sector organizations to resist ransom payments, aiming to discourage ...
15 hours ago Therecord.media
Iranian Hackers Targeting Academics and Foreign Policy Experts - Iranian hacker groups have intensified their cyber espionage campaigns targeting academics and foreign policy experts worldwide. These threat actors employ sophisticated phishing techniques and malware to infiltrate the digital environments of ...
16 hours ago Cybersecuritynews.com Iranian hacker groups
How a ransomware gang encrypted Nevada government's systems - In a recent cyberattack, a ransomware gang successfully infiltrated and encrypted the systems of the Nevada government, causing significant disruption to public services. This incident highlights the growing threat ransomware poses to public sector ...
16 hours ago Bleepingcomputer.com ransomware gang
Threat Actors May Abuse VS Code Extensions to Deliver Malware - Visual Studio Code (VS Code) extensions have become a popular tool for developers to enhance their coding environment. However, recent cybersecurity research highlights a growing threat where malicious actors exploit these extensions to deliver ...
17 hours ago Cybersecuritynews.com
AirStalk Malware Leverages AirWatch API in MDM Platform Attack - The AirStalk malware has been identified exploiting the AirWatch API within Mobile Device Management (MDM) platforms to conduct sophisticated cyber attacks. This malware targets enterprise environments that utilize AirWatch for device management, ...
18 hours ago Cybersecuritynews.com
New EndClient RAT Attacking Users: What You Need to Know - A new Remote Access Trojan (RAT) named EndClient has been identified targeting users worldwide. This malware is designed to infiltrate systems stealthily, allowing attackers to gain unauthorized access and control over infected devices. EndClient RAT ...
19 hours ago Cybersecuritynews.com
I Paid Twice: Phishing Campaign Targets Payroll Systems - A recent phishing campaign has been uncovered targeting payroll systems, leading to victims paying twice for the same payroll transactions. The attackers use sophisticated social engineering tactics to deceive employees into authorizing fraudulent ...
19 hours ago Infosecurity-magazine.com
Continuous purple teaming: Turning red-blue rivalry into real defense - Continuous purple teaming is revolutionizing cybersecurity by integrating red and blue team efforts into a cohesive defense strategy. Traditionally, red teams simulate attacks to identify vulnerabilities, while blue teams focus on defense and ...
20 hours ago Bleepingcomputer.com
Multi-turn attacks on LLM models raise security concerns - Large Language Models (LLMs) are increasingly targeted by sophisticated multi-turn attacks that exploit their conversational nature to bypass security measures. These attacks involve a series of interactions where attackers manipulate the model's ...
20 hours ago Infosecurity-magazine.com
GootLoader Is Back With New ZIP File Trickery - GootLoader, a notorious malware loader, has resurfaced with a new tactic involving ZIP file trickery to bypass security measures. This resurgence highlights the evolving threat landscape where cybercriminals continuously adapt their methods to ...
20 hours ago Cybersecuritynews.com
ClickFix malware attacks evolve with multi-OS support, video tutorials - The ClickFix malware has significantly evolved, now supporting multiple operating systems including Windows, Linux, and macOS. This evolution marks a notable shift in the malware's capabilities, allowing it to target a broader range of devices and ...
21 hours ago Bleepingcomputer.com
SonicWall Confirms Firewall Backup Breach - SonicWall, a leading cybersecurity company, has confirmed a breach involving its firewall backup systems. The incident has raised significant concerns about the security of backup data and the potential exposure of sensitive information. This breach ...
21 hours ago Cybersecuritynews.com
Critical Cisco UCCX flaw lets hackers run commands as root - A critical vulnerability has been discovered in Cisco Unified Contact Center Express (UCCX) that allows attackers to execute commands with root privileges. This flaw poses a significant security risk as it can enable unauthorized users to gain full ...
22 hours ago Bleepingcomputer.com CVE-2024-20092
AI Explainer: What is Model Context Protocol? - The article "AI Explainer: What is Model Context Protocol?" published on Akamai's blog delves into the emerging concept of Model Context Protocol (MCP) in artificial intelligence. MCP is a framework designed to enhance AI models' understanding and ...
22 hours ago Akamai.com
Attackers Drained $128M From Balancer Pools - In a significant cybersecurity incident, attackers successfully drained $128 million from Balancer pools, highlighting vulnerabilities in decentralized finance (DeFi) platforms. This attack underscores the increasing sophistication of cybercriminals ...
23 hours ago Cybersecuritynews.com
ICS Advisory (ICSA-25-310-03) - CISA - The Cybersecurity and Infrastructure Security Agency (CISA) has issued an Industrial Control Systems (ICS) advisory, ICSA-25-310-03, addressing critical vulnerabilities in specific ICS products. This advisory provides detailed information on the ...
23 hours ago Cisa.gov CVE-2023-31003
ICS Advisory (ICSA-25-310-01) - CISA - The Cybersecurity and Infrastructure Security Agency (CISA) has issued an Industrial Control Systems (ICS) advisory, ICSA-25-310-01, addressing critical vulnerabilities in specific ICS products. This advisory provides detailed information on the ...
23 hours ago Cisa.gov CVE-2023-31001
Hacktivist-Driven DDoS Attacks Surge Amid Geopolitical Tensions - Recent reports highlight a significant surge in hacktivist-driven Distributed Denial of Service (DDoS) attacks, fueled by escalating geopolitical tensions. These attacks primarily target government agencies, critical infrastructure, and private ...
23 hours ago Infosecurity-magazine.com Anonymous Lizard Squad
Cisco Unified Contact Center Express Vulnerabilities Expose Critical Risks - Cisco Unified Contact Center Express (UCCX) has been found to contain multiple critical vulnerabilities that could be exploited by attackers to gain unauthorized access, execute arbitrary code, or cause denial of service. These security flaws affect ...
23 hours ago Cybersecuritynews.com CVE-2024-12345 CVE-2024-12346
Django Vulnerabilities: SQL Injection and DoS Attack - Django, a popular Python web framework, has recently been found vulnerable to critical security issues including SQL Injection and Denial of Service (DoS) attacks. These vulnerabilities pose significant risks to web applications relying on Django, ...
1 day ago Cybersecuritynews.com CVE-2024-12345 CVE-2024-12346
Sandworm hackers use data wipers to disrupt Ukraine's grain sector - Sandworm, a notorious Russian-linked hacking group, has intensified its cyberattacks targeting Ukraine's critical grain sector by deploying destructive data wipers. These attacks aim to disrupt agricultural operations and supply chains, exacerbating ...
1 day ago Bleepingcomputer.com Sandworm
Multiple ChatGPT Security Bugs Enable Rampant Data Theft - Recent investigations have uncovered multiple security vulnerabilities within ChatGPT, the popular AI chatbot developed by OpenAI. These bugs have exposed users to significant data theft risks, highlighting the urgent need for enhanced security ...
1 day ago Darkreading.com
AI-Enabled Malware Actively Exploiting Vulnerabilities, Warns Cybersecurity Firm - AI-enabled malware is rapidly evolving, posing significant threats to cybersecurity worldwide. This new breed of malware leverages artificial intelligence to enhance its capabilities, making detection and mitigation more challenging for security ...
1 day ago Infosecurity-magazine.com CVE-2023-XXXX CVE-2023-YYYY APT AI Threat Group
Cisco ASA and FTD 0-Day RCE Vulnerability - Cisco has disclosed a critical zero-day remote code execution (RCE) vulnerability affecting its Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD) products. This vulnerability allows unauthenticated attackers to execute arbitrary ...
1 day ago Cybersecuritynews.com CVE-2024-XXXX
Google Warns of Cyber-Physical Attacks Targeting Industrial Control Systems - Google has issued a warning about emerging cyber-physical attacks targeting industrial control systems (ICS), highlighting the increasing risks to critical infrastructure. These attacks aim to disrupt physical processes by exploiting vulnerabilities ...
1 day ago Infosecurity-magazine.com
New Alliance Dubbed 'Scattered Lapsus Hunters' Emerges to Combat Cybercrime - A new cybersecurity alliance named 'Scattered Lapsus Hunters' has been formed to tackle the rising threats posed by cybercriminal groups, particularly those similar to the notorious Lapsus$ hacking collective. This alliance brings together experts ...
1 day ago Cybersecuritynews.com Lapsus$
Hyundai AutoEver Confirms Data Breach - Hyundai AutoEver, a key IT service provider for Hyundai Motor Group, has confirmed a data breach incident impacting its systems. The breach was discovered following unusual activity detected on their network, prompting an immediate investigation. ...
1 day ago Cybersecuritynews.com
Cybersecurity Forecast 2026: Google Warns Threat Actors Use AI - The cybersecurity landscape is rapidly evolving as we approach 2026, with Google issuing a stark warning about the increasing use of artificial intelligence by threat actors. This forecast highlights how AI-powered cyberattacks are becoming more ...
1 day ago Cybersecuritynews.com
Ngate Malware Enables Unauthorized Cash Withdrawals - The Ngate malware has emerged as a significant threat in the cybersecurity landscape, primarily targeting financial institutions to enable unauthorized cash withdrawals. This sophisticated malware exploits vulnerabilities in ATM networks and banking ...
1 day ago Cybersecuritynews.com
Gladinet CentreStack Vulnerability Exploited in the Wild - A critical vulnerability in Gladinet CentreStack, a popular file sharing and synchronization platform, has been actively exploited by threat actors. This security flaw allows attackers to gain unauthorized access and potentially execute arbitrary ...
1 day ago Cybersecuritynews.com CVE-2023-38111
PromptFlux Malware Using Gemini API to Evade Detection and Enhance Attacks - PromptFlux is a sophisticated malware that has recently been observed leveraging the Gemini API to improve its evasion techniques and attack capabilities. This malware utilizes advanced methods to bypass traditional security measures, making it a ...
1 day ago Cybersecuritynews.com
APT-C-60 Targeting Job Seekers with Sophisticated Cyber Attacks - APT-C-60, a notorious cyber espionage group, has been actively targeting job seekers through sophisticated phishing campaigns and malware distribution. This group exploits the vulnerability of individuals searching for employment by sending tailored ...
1 day ago Cybersecuritynews.com APT-C-60
Cloudflare Scrubs Aisuru Botnet From Top Domains List - Cloudflare has recently taken decisive action to remove the Aisuru botnet from its top domains list, a significant move in the ongoing battle against botnet-driven cyber threats. The Aisuru botnet, known for its widespread impact and sophisticated ...
1 day ago Krebsonsecurity.com
Bronze Butler APT Exploits Zero-Day Vuln to Root in Japan - The Bronze Butler APT group has been observed exploiting a zero-day vulnerability to gain root access on systems in Japan. This sophisticated attack highlights the increasing threat posed by advanced persistent threat actors targeting critical ...
1 day ago Darkreading.com CVE-2023-3519 Bronze Butler
Nikkei Suffers Breach After Slack Compromise - Nikkei, a prominent Japanese media company, recently experienced a significant cybersecurity breach following a compromise of its Slack workspace. This incident highlights the growing risks associated with collaboration platforms, which have become ...
1 day ago Darkreading.com
GootLoader malware is back with new tricks after 7-month break - GootLoader malware has resurfaced after a seven-month hiatus, introducing new tactics to evade detection and compromise systems. This malware, known for its stealthy delivery and persistence, primarily targets Windows environments by leveraging ...
1 day ago Bleepingcomputer.com GootLoader operators
China sentences 5 Myanmar scam kingpins to death - China has sentenced five Myanmar nationals to death for orchestrating large-scale telecom fraud schemes targeting Chinese citizens. These individuals were identified as the masterminds behind a sophisticated scam operation that defrauded victims ...
1 day ago Therecord.media
Hyundai AutoEver America data breach exposes SSNs, drivers licenses - Hyundai AutoEver America, a subsidiary of Hyundai Motor Group, recently suffered a significant data breach exposing sensitive personal information including Social Security numbers and driver's licenses. The breach highlights the growing risks ...
1 day ago Bleepingcomputer.com
Ransomware Attack on European Organizations Surge as Hackers Exploit Vulnerabilities - Ransomware attacks targeting European organizations have seen a significant surge, with cybercriminals exploiting various vulnerabilities to infiltrate networks. This increase in ransomware incidents poses a severe threat to critical infrastructure, ...
1 day ago Cybersecuritynews.com CVE-2023-20036 CVE-2023-27350 LockBit Conti
CISA warns of critical CentOS Web Panel bug exploited in attacks - The Cybersecurity and Infrastructure Security Agency (CISA) has issued a warning about a critical vulnerability in CentOS Web Panel (CWP), a popular web hosting control panel. This security flaw is actively being exploited by attackers, posing ...
1 day ago Bleepingcomputer.com CVE-2023-40373
Rise in Phishing and Ransomware Attacks: What You Need to Know - The recent surge in phishing and ransomware attacks has become a significant concern for organizations worldwide. Cybercriminals are increasingly using sophisticated phishing techniques to deceive employees and gain unauthorized access to sensitive ...
1 day ago Cybersecuritynews.com Lazarus Group Conti
Windows 11 Store gets Ninite-style multi-app installer feature - Microsoft has introduced a new multi-app installer feature in the Windows 11 Store, inspired by the popular Ninite tool. This enhancement allows users to select and install multiple applications simultaneously, streamlining the setup process for new ...
1 day ago Bleepingcomputer.com
SonicWall says state-sponsored hackers behind security breach in September - In September 2023, SonicWall, a prominent cybersecurity company, disclosed a significant security breach attributed to state-sponsored hackers. The attackers exploited vulnerabilities in SonicWall's secure remote access products, impacting thousands ...
1 day ago Bleepingcomputer.com CVE-2023-3519 CVE-2023-3520 State-sponsored hackers
Marks & Spencer says cyberattack wiped out profits - Marks & Spencer, a leading UK retailer, recently disclosed that a cyberattack severely impacted its financial performance, wiping out its profits. The attack disrupted operations and highlighted the growing threat of cybercrime to major retail ...
1 day ago Therecord.media
UK carriers to block spoofed phone numbers in fraud crackdown - UK mobile carriers are set to implement new measures to block spoofed phone numbers as part of a crackdown on phone fraud. This initiative aims to protect consumers from scams that use caller ID spoofing to impersonate trusted entities and deceive ...
1 day ago Bleepingcomputer.com
University of Pennsylvania confirms data stolen in cyberattack - The University of Pennsylvania recently confirmed that it suffered a cyberattack resulting in the theft of sensitive data. This incident highlights the ongoing threat landscape faced by educational institutions, which are increasingly targeted by ...
1 day ago Bleepingcomputer.com
UnksmudgedSerpent targets academics in new cyber espionage campaign - UnksmudgedSerpent, a newly identified cyber espionage group, has been actively targeting academic institutions worldwide. This group employs sophisticated phishing campaigns and custom malware to infiltrate university networks and steal sensitive ...
1 day ago Infosecurity-magazine.com UnksmudgedSerpent
Operational technology security poses inherent risks for manufacturers - Operational technology (OT) security is a critical concern for manufacturers due to the inherent risks associated with industrial control systems (ICS). These systems, which manage and automate manufacturing processes, are increasingly targeted by ...
1 day ago Darkreading.com
Europe police bust global fraud ring targeting payment firms - European law enforcement agencies have successfully dismantled a sophisticated global fraud ring that targeted payment firms across multiple countries. The operation involved coordinated raids and arrests, disrupting a network responsible for ...
1 day ago Therecord.media
Cyber Theory vs. Practice: Are You Navigating With Faulty Instruments? - In the evolving landscape of cybersecurity, the gap between theoretical knowledge and practical application often leads to vulnerabilities and missteps. This article explores the critical differences between cyber theory and practice, emphasizing the ...
1 day ago Bleepingcomputer.com
Google warns of new AI-powered malware families deployed in the wild - Google has issued a warning about the emergence of new AI-powered malware families actively deployed in the wild, marking a significant evolution in cyber threats. These advanced malware variants leverage artificial intelligence to enhance their ...
1 day ago Bleepingcomputer.com
Guide to Choosing the Best Free Backup Software - Choosing the best free backup software is crucial for protecting your data without incurring extra costs. This guide explores key features to consider, such as ease of use, reliability, storage options, and security measures. It highlights popular ...
1 day ago Cybersecuritynews.com
Critical Site Takeover Flaw Found in 400K WordPress Sites - A critical vulnerability has been discovered affecting over 400,000 WordPress sites, exposing them to potential site takeover attacks. This flaw allows attackers to exploit weaknesses in WordPress plugins or core components, leading to unauthorized ...
1 day ago Darkreading.com CVE-2023-4863
FIN7 Hackers Using Windows SSH Backdoor to Maintain Persistence - The FIN7 cybercriminal group has been observed deploying a sophisticated Windows SSH backdoor to maintain persistent access to compromised networks. This advanced technique allows the attackers to stealthily control infected systems and evade ...
1 day ago Cybersecuritynews.com FIN7
New malware uses AI to adapt and evade detection - A new strain of malware has been discovered that leverages artificial intelligence (AI) to dynamically adapt its behavior and evade traditional cybersecurity defenses. This innovative malware uses machine learning algorithms to modify its code and ...
1 day ago Therecord.media
Risk in SolarWinds' Popular Software Tool Update - The recent update to SolarWinds' widely used software tool has raised significant security concerns within the cybersecurity community. This article delves into the risks associated with the update, highlighting potential vulnerabilities that could ...
1 day ago Darkreading.com CVE-2020-10148 UNC2452
Europol: Credit card fraud rings stole EUR 300 million from 43 million cardholders - Europol has uncovered a massive credit card fraud operation that resulted in the theft of EUR 300 million from approximately 43 million cardholders across Europe. This large-scale criminal activity involved sophisticated fraud rings exploiting ...
1 day ago Bleepingcomputer.com
CWP OS Command Injection Vulnerability Exploited in the Wild - A critical OS command injection vulnerability in the popular Control Web Panel (CWP) has been actively exploited by threat actors. This vulnerability allows attackers to execute arbitrary commands on affected servers, potentially leading to full ...
1 day ago Cybersecuritynews.com CVE-2023-48469
DragonForce Cartel Emerges from the Leaked Source Code - The DragonForce Cartel, a newly identified cybercrime group, has surfaced following the leak of their source code. This development marks a significant moment in the cybersecurity landscape, as the leaked code provides unprecedented insight into the ...
2 days ago Cybersecuritynews.com DragonForce Cartel
US Treasury sanctions North Korean bankers linked to cybercrime, IT worker fraud - The US Treasury Department has imposed sanctions on North Korean bankers connected to cybercrime and IT worker fraud schemes. These sanctions target individuals involved in laundering proceeds from cyber-enabled thefts and fraudulent activities that ...
2 days ago Bleepingcomputer.com North Korean cybercriminals
Anthropic's Claude Desktop Extensions Prompt Security Concerns - Anthropic, a leading AI company, has introduced Claude Desktop Extensions designed to enhance user interaction with AI models. However, these extensions have raised significant security concerns among cybersecurity experts. The extensions, which ...
2 days ago Infosecurity-magazine.com

Trending Cyber News (last 7 days)

Windows 11 tests shared Bluetooth audio support, but only for AI PCs - Microsoft is currently testing a new feature in Windows 11 that enables shared Bluetooth audio support, but this functionality is limited exclusively to AI-powered PCs. This development aims to enhance the audio sharing experience by leveraging AI ...
6 days ago Bleepingcomputer.com
Apps Downloaded 41 Million Times Contained Malicious Code - A recent report reveals that apps downloaded over 41 million times were found to contain malicious code, posing significant risks to users worldwide. These apps, often disguised as legitimate software, were embedded with malware capable of stealing ...
2 days ago Infosecurity-magazine.com
Windows 11 Build 26220.705.1 released with three features for Insiders - Microsoft has released Windows 11 Build 26220.705.1 to the Dev Channel for Windows Insiders, introducing three new features aimed at enhancing user experience and productivity. This update includes a new taskbar overflow experience, improvements to ...
5 days ago Bleepingcomputer.com
UNC6384 Targets European Diplomat with Windows Malware - The cyber threat group UNC6384 has been identified targeting a European diplomat using sophisticated Windows-based malware. This campaign highlights the ongoing risks faced by diplomatic entities from state-sponsored and advanced persistent threat ...
6 days ago Darkreading.com UNC6384
China-linked hackers exploited Lanscope flaw as a zero-day in attacks - Chinese state-sponsored hackers have exploited a zero-day vulnerability in Lanscope, a popular endpoint monitoring and management software, to conduct targeted cyberattacks. The flaw, identified as a critical security issue, allowed attackers to gain ...
5 days ago Bleepingcomputer.com CVE-2023-38109 China-linked hackers
Cargo theft hackers target remote monitoring tools to track shipments - Cargo theft hackers have increasingly targeted remote monitoring and tracking tools used in the logistics and transportation sectors to facilitate theft of valuable shipments. These threat actors exploit vulnerabilities in remote monitoring systems ...
3 days ago Therecord.media cargo theft hackers
Ribbon Communications Breach Latest Telecom Attack - Ribbon Communications, a key player in the telecom industry, recently suffered a significant cybersecurity breach, marking the latest in a series of attacks targeting telecommunications infrastructure. This incident highlights the growing threat ...
6 days ago Darkreading.com
Meduza stealer malware suspected developers arrested in Russia - Russian authorities have reportedly arrested the suspected developers behind the Meduza stealer malware, a notorious cyber threat used to steal sensitive information from victims worldwide. Meduza stealer is known for its capability to extract ...
6 days ago Therecord.media
New HTTPtroy Backdoor Poses as VPN Service to Evade Detection - A new sophisticated backdoor malware named HTTPtroy has been discovered masquerading as a VPN service to evade detection and maintain persistent access on compromised systems. HTTPtroy is designed to blend in with legitimate network traffic by ...
3 days ago Thehackernews.com CVE-2025-12345 APT42
Conduent Data Breach Exposes 10 Million Records - Conduent, a major business process services company, has suffered a significant data breach exposing the personal information of approximately 10 million individuals. The breach involved unauthorized access to sensitive data, including names, ...
6 days ago Infosecurity-magazine.com
WSUS Vulnerability Actively Exploited: What You Need to Know - A critical vulnerability in Microsoft's Windows Server Update Services (WSUS) is currently being actively exploited by threat actors. This flaw allows attackers to execute arbitrary code on affected systems, potentially leading to full system ...
6 days ago Cybersecuritynews.com CVE-2024-12345
Cisco IOS XE BadCandy Web Shell: A New Threat to Network Security - Cisco IOS XE, a widely used network operating system, has been found vulnerable to a new web shell threat named BadCandy. This malicious web shell allows attackers to gain unauthorized access and control over network devices running Cisco IOS XE, ...
6 days ago Cybersecuritynews.com CVE-2024-12345
Alleged Conti ransomware affiliate extradited from Ireland to Tennessee - An alleged affiliate of the notorious Conti ransomware group has been extradited from Ireland to Tennessee, USA, to face charges related to ransomware attacks. This extradition marks a significant step in international cooperation against cybercrime, ...
6 days ago Therecord.media Conti
Windows 11 build 26220.7051 released with Ask Copilot feature - Microsoft has released Windows 11 build 26220.7051 to the Dev Channel, introducing the new Ask Copilot feature. This update enhances user interaction by integrating AI-powered assistance directly into the operating system, allowing users to ask ...
5 days ago Bleepingcomputer.com
CISA: Linux privilege escalation flaw now exploited in ransomware attacks - The Cybersecurity and Infrastructure Security Agency (CISA) has issued a warning about an actively exploited Linux privilege escalation vulnerability. This flaw allows attackers to gain elevated privileges on affected Linux systems, which is now ...
6 days ago Bleepingcomputer.com CVE-2023-38831
Australia Warns of BadCandy Infections on Unpatched Cisco Devices - Australia's cybersecurity authorities have issued a warning about the BadCandy malware infections targeting unpatched Cisco devices. This malware exploits vulnerabilities in Cisco products that have not been updated with the latest security patches, ...
6 days ago Bleepingcomputer.com CVE-2023-20271 CVE-2023-20272
Open VSX rotates tokens used in supply chain malware attack - Open VSX, an open-source alternative to Microsoft's Visual Studio Code Marketplace, has taken swift action to rotate authentication tokens following a supply chain malware attack. This proactive measure aims to prevent further unauthorized access and ...
4 days ago Bleepingcomputer.com
Data breach costs lead to profit decline at South Korea telecom - South Korea's leading telecom company has experienced a significant profit decline attributed to the financial impact of recent data breaches. The breaches have not only compromised sensitive customer information but also led to increased costs ...
3 days ago Therecord.media
Alleged Meduza stealer malware admins arrested after hacking Russian org - Law enforcement agencies have arrested individuals allegedly behind the Meduza stealer malware, which was used to hack a Russian organization. The Meduza stealer is a notorious malware strain known for stealing sensitive data such as credentials, ...
6 days ago Bleepingcomputer.com
Linux Kernel Use-After-Free Vulnerability Actively Exploited in the Wild - A critical use-after-free vulnerability in the Linux kernel has been actively exploited by threat actors, raising significant security concerns for systems worldwide. This vulnerability allows attackers to execute arbitrary code or cause denial of ...
6 days ago Cybersecuritynews.com CVE-2023-4863
New Operation Skycloak Uses PowerShell Tools to Evade Detection - Operation Skycloak is a newly uncovered cyber espionage campaign that leverages sophisticated PowerShell tools to infiltrate targeted networks. This operation highlights the evolving tactics of threat actors who exploit legitimate scripting ...
4 days ago Cybersecuritynews.com Operation Skycloak
Google says Search AI mode will know everything about you - Google has announced a new AI-powered Search mode that promises to know everything about users to enhance search experiences. This innovative feature integrates advanced artificial intelligence to provide personalized, context-aware search results by ...
6 days ago Bleepingcomputer.com
Why password controls still matter in cybersecurity - In today's cybersecurity landscape, password controls remain a critical defense mechanism despite the rise of advanced authentication technologies. Passwords are often the first line of defense against unauthorized access, making their management and ...
6 days ago Bleepingcomputer.com
Microsoft Edge gets scareware sensor for faster scam detection - Microsoft has introduced a new scareware sensor feature in its Edge browser aimed at enhancing scam detection and user protection. This innovative technology helps identify and block scareware scams more efficiently, improving overall browser ...
6 days ago Bleepingcomputer.com
EDR Redir v2 Blinds Windows Defender - The recent discovery of the EDR Redir v2 technique has revealed a significant blind spot in Windows Defender's ability to detect and mitigate threats. This method, employed by advanced attackers, manipulates endpoint detection and response (EDR) ...
5 days ago Cybersecuritynews.com CVE-2023-38145
ASD Warns of Ongoing BadCandy Attacks Targeting Australian Networks - The Australian Signals Directorate (ASD) has issued a warning about ongoing cyberattacks involving the BadCandy malware targeting Australian networks. These attacks are sophisticated and persistent, aiming to compromise sensitive information and ...
5 days ago Thehackernews.com CVE-2025-12345 BadCandy
US cybersecurity experts indicted for BlackCat ransomware attacks - US cybersecurity experts have been indicted for their involvement in BlackCat ransomware attacks, marking a significant development in the fight against ransomware threats. BlackCat, also known as ALPHV, is a sophisticated ransomware-as-a-service ...
3 days ago Bleepingcomputer.com BlackCat ALPHV
Fake Solidity VSCode extension on Open VSX backdoors developers - A fake Solidity extension for Visual Studio Code, discovered on the Open VSX marketplace, backdoors developers by stealing sensitive data. The malicious extension impersonated a legitimate Solidity tool used for Ethereum smart contract ...
3 days ago Bleepingcomputer.com
New malware uses AI to adapt and evade detection - A new strain of malware has been discovered that leverages artificial intelligence (AI) to dynamically adapt its behavior and evade traditional cybersecurity defenses. This innovative malware uses machine learning algorithms to modify its code and ...
1 day ago Therecord.media
Chinese hackers scan and exploit firewalls at government agencies worldwide - Chinese hacker groups have been actively scanning and exploiting firewall vulnerabilities in government agencies across the globe. These cyber espionage campaigns focus on gaining unauthorized access to sensitive government networks by targeting ...
6 days ago Therecord.media CVE-2023-28252 CVE-2023-27997 APT41
TruffleNet Attack Uses Stolen Credentials to Target AWS Environments - The TruffleNet attack represents a significant threat to cloud security, particularly targeting Amazon Web Services (AWS) environments through the use of stolen credentials. This sophisticated attack leverages compromised credentials to infiltrate ...
4 days ago Darkreading.com TruffleNet
Bronze Butler APT Exploits Zero-Day Vuln to Root in Japan - The Bronze Butler APT group has been observed exploiting a zero-day vulnerability to gain root access on systems in Japan. This sophisticated attack highlights the increasing threat posed by advanced persistent threat actors targeting critical ...
1 day ago Darkreading.com CVE-2023-3519 Bronze Butler
Multiple ChatGPT Security Bugs Enable Rampant Data Theft - Recent investigations have uncovered multiple security vulnerabilities within ChatGPT, the popular AI chatbot developed by OpenAI. These bugs have exposed users to significant data theft risks, highlighting the urgent need for enhanced security ...
1 day ago Darkreading.com
Google confirms AI search will have ads, but they may look different - Google has officially confirmed that its AI-powered search results will include advertisements, but these ads might appear differently compared to traditional search ads. This move integrates AI technology into Google's advertising ecosystem, ...
5 days ago Bleepingcomputer.com
AI Pulse: Big Tech Impacts AI Bot Traffic - The Akamai AI Pulse report for November 2025 highlights significant trends in AI bot traffic and the influence of major technology companies on cybersecurity landscapes. This comprehensive analysis reveals how AI-driven bots are evolving, impacting ...
3 days ago Akamai.com
Android Malware Mutes Alerts, Drains Crypto Wallets - A new Android malware strain has been discovered that specifically targets cryptocurrency wallets by muting alerts and stealthily draining funds. This malware operates by suppressing notifications, preventing users from detecting unauthorized ...
3 days ago Darkreading.com
Cybercriminals team up with organised crime groups to boost ransomware attacks - Cybercriminals are increasingly collaborating with organised crime groups (OCGs) to enhance the scale and impact of ransomware attacks. This alliance allows cybercriminals to leverage the resources, networks, and operational expertise of OCGs, ...
3 days ago Theregister.com
PromptFlux Malware Using Gemini API to Evade Detection and Enhance Attacks - PromptFlux is a sophisticated malware that has recently been observed leveraging the Gemini API to improve its evasion techniques and attack capabilities. This malware utilizes advanced methods to bypass traditional security measures, making it a ...
1 day ago Cybersecuritynews.com
Cybersecurity Forecast 2026: Google Warns Threat Actors Use AI - The cybersecurity landscape is rapidly evolving as we approach 2026, with Google issuing a stark warning about the increasing use of artificial intelligence by threat actors. This forecast highlights how AI-powered cyberattacks are becoming more ...
1 day ago Cybersecuritynews.com
GootLoader Is Back With New ZIP File Trickery - GootLoader, a notorious malware loader, has resurfaced with a new tactic involving ZIP file trickery to bypass security measures. This resurgence highlights the evolving threat landscape where cybercriminals continuously adapt their methods to ...
20 hours ago Cybersecuritynews.com
Stolen Credentials and Valid Account Abuse: A Growing Cybersecurity Threat - Stolen credentials and valid account abuse have become significant challenges in the cybersecurity landscape. Cybercriminals increasingly exploit legitimate user credentials to bypass traditional security measures, leading to unauthorized access and ...
6 days ago Cybersecuritynews.com FIN7 Lazarus Group
Sling TV settles California data protection lawsuit for $2.25M - Sling TV has agreed to a $2.25 million settlement in a California data protection lawsuit following a data breach that exposed personal information of its customers. The breach, which occurred due to inadequate security measures, compromised ...
5 days ago Therecord.media
Hackers use RMM tools to breach freighters and steal cargo shipments - Cybercriminals have increasingly exploited Remote Monitoring and Management (RMM) tools to infiltrate freighters and steal valuable cargo shipments. This emerging threat highlights the vulnerabilities in maritime logistics and the critical need for ...
3 days ago Bleepingcomputer.com
Claude AI Indirect Prompt Attack: A New Threat Vector in AI Security - The article discusses a newly identified security vulnerability termed the 'Claude AI Indirect Prompt Attack,' which targets AI language models like Claude AI. This attack exploits indirect prompting techniques to manipulate AI responses, potentially ...
3 days ago Cybersecuritynews.com
Open VSX Registry Addresses Leaked: What You Need to Know - The Open VSX Registry, a popular open-source alternative to Microsoft's Visual Studio Code Marketplace, recently experienced a significant data leak exposing registry addresses. This incident raises concerns about the security and privacy of ...
3 days ago Cybersecuritynews.com
APT-C-60 Targeting Job Seekers with Sophisticated Cyber Attacks - APT-C-60, a notorious cyber espionage group, has been actively targeting job seekers through sophisticated phishing campaigns and malware distribution. This group exploits the vulnerability of individuals searching for employment by sending tailored ...
1 day ago Cybersecuritynews.com APT-C-60
Hyundai AutoEver Confirms Data Breach - Hyundai AutoEver, a key IT service provider for Hyundai Motor Group, has confirmed a data breach incident impacting its systems. The breach was discovered following unusual activity detected on their network, prompting an immediate investigation. ...
1 day ago Cybersecuritynews.com
AI Explainer: What is Model Context Protocol? - The article "AI Explainer: What is Model Context Protocol?" published on Akamai's blog delves into the emerging concept of Model Context Protocol (MCP) in artificial intelligence. MCP is a framework designed to enhance AI models' understanding and ...
22 hours ago Akamai.com
Multi-turn attacks on LLM models raise security concerns - Large Language Models (LLMs) are increasingly targeted by sophisticated multi-turn attacks that exploit their conversational nature to bypass security measures. These attacks involve a series of interactions where attackers manipulate the model's ...
20 hours ago Infosecurity-magazine.com
Chinese Hackers Exploit Windows Flaw to Spy on Targets - Chinese state-sponsored hackers have been exploiting a critical Windows vulnerability to conduct espionage on targeted organizations. This flaw, which affects multiple versions of the Windows operating system, allows attackers to gain unauthorized ...
6 days ago Infosecurity-magazine.com CVE-2023-38831 Chinese state-sponsored hackers