Lucene search
+L

20910 matches found

thn
thn
added 2025/11/13 11:16 a.m.9 views

Operation Endgame Dismantles Rhadamanthys, Venom RAT, and Elysium Botnet in Global Crackdown

Malware families like Rhadamanthys Stealer, Venom RAT, and the Elysium botnet have been disrupted as part of a coordinated law enforcement operation led by Europol and Eurojust. The activity, which took place between November 10 and 13, 2025, marks Please remove image compression the latest phase...

6.7AI score
Exploits0
thn
thn
added 2025/11/13 10:10 a.m.17 views

ThreatsDay Bulletin: Cisco 0-Days, AI Bug Bounties, Crypto Heists, State-Linked Leaks and 20 More Stories

Behind every click, there’s a risk waiting to be tested. A simple ad, email, or link can now hide something dangerous. Hackers are getting smarter, using new tools to sneak past filters and turn trusted systems against us. But security teams are fighting back. They’re building faster defenses,...

6.2AI score
Exploits0
thn
thn
added 2025/11/13 7:23 a.m.10 views

CISA Flags Critical WatchGuard Fireware Flaw Exposing 54,000 Fireboxes to No-Login Attacks

The U.S. Cybersecurity and Infrastructure Security Agency CISA on Wednesday added a critical security flaw impacting WatchGuard Fireware to its Known Exploited Vulnerabilities KEV catalog, based on evidence of active exploitation. The vulnerability in question is CVE-2025-9242 CVSS score: 9.3, an...

9.8CVSS6.9AI score0.90532EPSS
Exploits9
thn
thn
added 2025/11/13 4:58 a.m.8 views

Over 67,000 Fake npm Packages Flood Registry in Worm-Like Spam Attack

Cybersecurity researchers are calling attention to a large-scale spam campaign that has flooded the npm registry with thousands of fake packages since early 2024 as part of a likely financially motivated effort. "The packages were systematically published over an extended period, flooding the npm...

7AI score
Exploits0
thn
thn
added 2025/11/12 3:48 p.m.9 views

Google Sues China-Based Hackers Behind $1 Billion Lighthouse Phishing Platform

Google has filed a civil lawsuit in the U.S. District Court for the Southern District of New York SDNY against China-based hackers who are behind a massive Phishing-as-a-Service PhaaS platform called Lighthouse that has ensnared over 1 million users across 120 countries. The PhaaS kit is used to...

6.1AI score
Exploits0
thn
thn
added 2025/11/12 2:0 p.m.13 views

Amazon Uncovers Attacks Exploited Cisco ISE and Citrix NetScaler as Zero-Day Flaws

Amazon's threat intelligence team on Wednesday disclosed that it observed an advanced threat actor exploiting two then-zero-day security flaws in Cisco Identity Service Engine ISE and Citrix NetScaler ADC products as part of attacks designed to deliver custom malware. "This discovery highlights t...

10CVSS8.9AI score0.9987EPSS
Exploits18
thn
thn
added 2025/11/12 11:55 a.m.3 views

[Webinar] Learn How Leading Security Teams Reduce Attack Surface Exposure with DASR

Every day, security teams face the same problem—too many risks, too many alerts, and not enough time. You fix one issue, and three more show up. It feels like you're always one step behind. But what if there was a smarter way to stay ahead—without adding more work or stress? Join The Hacker News...

6.8AI score
Exploits0
thn
thn
added 2025/11/12 11:7 a.m.7 views

Active Directory Under Siege: Why Critical Infrastructure Needs Stronger Security

Active Directory remains the authentication backbone for over 90% of Fortune 1000 companies. AD's importance has grown as companies adopt hybrid and cloud infrastructure, but so has its complexity. Every application, user, and device traces back to AD for authentication and authorization, making ...

7.2AI score
Exploits0
thn
thn
added 2025/11/12 10:21 a.m.13 views

Microsoft Fixes 63 Security Flaws, Including a Windows Kernel Zero-Day Under Active Attack

Microsoft on Tuesday released patches for 63 new security vulnerabilities identified in its software, including one that has come under active exploitation in the wild. Of the 63 flaws, four are rated Critical and 59 are rated Important in severity. Twenty-nine of these vulnerabilities are relate...

9.8CVSS6.8AI score0.06073EPSS
Exploits6
thn
thn
added 2025/11/12 8:35 a.m.11 views

Google Launches 'Private AI Compute' — Secure AI Processing with On-Device-Level Privacy

Google on Tuesday unveiled a new privacy-enhancing technology called Private AI Compute to process artificial intelligence AI queries in a secure platform in the cloud. The company said it has built Private AI Compute to "unlock the full speed and power of Gemini cloud models for AI experiences,...

7AI score
Exploits0
thn
thn
added 2025/11/11 6:37 p.m.9 views

WhatsApp Malware 'Maverick' Hijacks Browser Sessions to Target Brazil's Biggest Banks

Threat hunters have uncovered similarities between a banking malware called Coyote and a newly disclosed malicious program dubbed Maverick that has been propagated via WhatsApp. According to a report from CyberProof, both malware strains are written in .NET, target Brazilian users and banks, and...

7.6AI score
Exploits0
thn
thn
added 2025/11/11 3:44 p.m.5 views

GootLoader Is Back, Using a New Font Trick to Hide Malware on WordPress Sites

The malware known as GootLoader has resurfaced yet again after a brief spike in activity earlier this March, according to new findings from Huntress. The cybersecurity company said it observed three GootLoader infections since October 27, 2025, out of which two resulted in hands-on keyboard...

6.8AI score
Exploits0
thn
thn
added 2025/11/11 11:58 a.m.8 views

CISO's Expert Guide To AI Supply Chain Attacks

AI-enabled supply chain attacks jumped 156% last year. Discover why traditional defenses are failing and what CISOs must do now to protect their organizations. Download the full CISO’s expert guide to AI Supply chain attacks here. TL;DR AI-enabled supply chain attacks are exploding in scale and...

6.9AI score
Exploits0
thn
thn
added 2025/11/11 11:55 a.m.9 views

Npm Package Targeting GitHub-Owned Repositories Flagged as Red Team Exercise

Cybersecurity researchers have discovered a malicious npm package named "@acitons/artifact" that typosquats the legitimate "@actions/artifact" package with the intent to target GitHub-owned repositories. "We think the intent was to have this script execute during a build of a GitHub-owned...

7AI score
Exploits0
thn
thn
added 2025/11/11 11:44 a.m.12 views

Android Trojan 'Fantasy Hub' Malware Service Turns Telegram Into a Hub for Hackers

Cybersecurity researchers have disclosed details of a new Android remote access trojan RAT called Fantasy Hub that's sold on Russian-speaking Telegram channels under a Malware-as-a-Service MaaS model. According to its seller, the malware enables device control and espionage, allowing threat actor...

6.8AI score
Exploits0
thn
thn
added 2025/11/10 8:49 p.m.10 views

Hackers Exploiting Triofox Flaw to Install Remote Access Tools via Antivirus Feature

Google's Mandiant Threat Defense on Monday said it discovered n-day exploitation of a now-patched security flaw in Gladinet's Triofox file-sharing and remote access platform. The critical vulnerability, tracked as CVE-2025-12480 CVSS score: 9.1, allows an attacker to bypass authentication and...

9.8CVSS10AI score0.93842EPSS
Exploits9
thn
thn
added 2025/11/10 8:29 p.m.6 views

Konni Hackers Turn Google's Find Hub into a Remote Data-Wiping Weapon

The North Korea-affiliated threat actor known as Konni aka Earth Imp, Opal Sleet, Osmium, TA406, and Vedalia has been attributed to a new set of attacks targeting both Android and Windows devices for data theft and remote control. "Attackers impersonated psychological counselors and North Korean...

6.8AI score
Exploits0
thn
thn
added 2025/11/10 12:51 p.m.18 views

⚡ Weekly Recap: Hyper-V Malware, Malicious AI Bots, RDP Exploits, WhatsApp Lockdown and More

Cyber threats didn't slow down last week—and attackers are getting smarter. We're seeing malware hidden in virtual machines, side-channel leaks exposing AI chats, and spyware quietly targeting Android devices in the wild. But that's just the surface. From sleeper logic bombs to a fresh alliance...

9.9CVSS7.3AI score0.95151EPSS
Exploits43
thn
thn
added 2025/11/10 11:58 a.m.6 views

New Browser Security Report Reveals Emerging Threats for Enterprises

According to the new Browser Security Report 2025 , security leaders are discovering that most identity, SaaS, and AI-related risks converge in a single place, the user's browser. Yet traditional controls like DLP, EDR, and SSE still operate one layer too low. What's emerging isn't just a...

7AI score
Exploits0
thn
thn
added 2025/11/10 9:11 a.m.3 views

Large-Scale ClickFix Phishing Attacks Target Hotel Systems with PureRAT Malware

Cybersecurity researchers have called attention to a massive phishing campaign targeting the hospitality industry that lures hotel managers to ClickFix-style pages and harvest their credentials by deploying malware like PureRAT. "The attacker's modus operandi involved using a compromised email...

7.4AI score
Exploits0
thn
thn
added 2025/11/10 8:51 a.m.10 views

GlassWorm Malware Discovered in Three VS Code Extensions with Thousands of Installs

Cybersecurity researchers have disclosed a new set of three extensions associated with the GlassWorm campaign, indicating continued attempts on part of threat actors to target the Visual Studio Code VS Code ecosystem. The extensions in question, which are still available for download, are listed...

6.7AI score
Exploits0
thn
thn
added 2025/11/08 2:29 p.m.19 views

Microsoft Uncovers 'Whisper Leak' Attack That Identifies AI Chat Topics in Encrypted Traffic

Microsoft has disclosed details of a novel side-channel attack targeting remote language models that could enable a passive adversary with capabilities to observe network traffic to glean details about model conversation topics despite encryption protections under certain circumstances. This...

6.4AI score
Exploits0
thn
thn
added 2025/11/07 6:0 p.m.11 views

Samsung Mobile Flaw Exploited as Zero-Day to Deploy LANDFALL Android Spyware

A now-patched security flaw in Samsung Galaxy Android devices was exploited as a zero-day to deliver a "commercial-grade" Android spyware dubbed LANDFALL in targeted attacks in the Middle East. The activity involved the exploitation of CVE-2025-21042 CVSS score: 8.8, an out-of-bounds write flaw i...

9.8CVSS7.9AI score0.19972EPSS
Exploits13
thn
thn
added 2025/11/07 4:7 p.m.27 views

From Log4j to IIS, China's Hackers Turn Legacy Bugs into Global Espionage Tools

A China-linked threat actor has been attributed to a cyber attack targeting an U.S. non-profit organization with an aim to establish long-term persistence, as part of broader activity aimed at U.S. entities that are linked to or involved in policy issues. The organization, according to a report...

10CVSS9AI score0.99999EPSS
Exploits500
thn
thn
added 2025/11/07 11:55 a.m.21 views

Hidden Logic Bombs in Malware-Laced NuGet Packages Set to Detonate Years After Installation

A set of nine malicious NuGet packages has been identified as capable of dropping time-delayed payloads to sabotage database operations and corrupt industrial control systems. According to software supply chain security company Socket, the packages were published in 2023 and 2024 by a user named...

7.7AI score
Exploits0
thn
thn
added 2025/11/07 10:30 a.m.6 views

Enterprise Credentials at Risk – Same Old, Same Old?

Imagine this: Sarah from accounting gets what looks like a routine password reset email from your organization’s cloud provider. She clicks the link, types in her credentials, and goes back to her spreadsheet. But unknown to her, she’s just made a big mistake. Sarah just accidentally handed over...

6.9AI score
Exploits0
thn
thn
added 2025/11/07 9:15 a.m.5 views

Google Launches New Maps Feature to Help Businesses Report Review-Based Extortion Attempts

Google on Thursday said it's rolling out a dedicated form to allow businesses listed on Google Maps to report extortion attempts made by threat actors who post inauthentic bad reviews on the platform and demand ransoms to remove the negative comments. The approach is designed to tackle a common...

6.6AI score
Exploits0
thn
thn
added 2025/11/07 6:48 a.m.9 views

Vibe-Coded Malicious VS Code Extension Found with Built-In Ransomware Capabilities

Cybersecurity researchers have flagged a malicious Visual Studio Code VS Code extension with basic ransomware capabilities that appears to be created with the help of artificial intelligence – in other words, vibe-coded. Secure Annex researcher John Tuckner, who flagged the extension "susvsex,"...

7AI score
Exploits0
thn
thn
added 2025/11/06 3:31 p.m.7 views

Trojanized ESET Installers Drop Kalambur Backdoor in Phishing Attacks on Ukraine

A previously unknown threat activity cluster has been observed impersonating Slovak cybersecurity company ESET as part of phishing attacks targeting Ukrainian entities. The campaign, detected in May 2025, is tracked by the security outfit under the moniker InedibleOchotense , describing it as...

8.8CVSS7.4AI score0.80906EPSS
Exploits35
thn
thn
added 2025/11/06 2:58 p.m.11 views

Cisco Warns of New Firewall Attack Exploiting CVE-2025-20333 and CVE-2025-20362

Cisco on Wednesday disclosed that it became aware of a new attack variant that's designed to target devices running Cisco Secure Firewall Adaptive Security Appliance ASA Software and Cisco Secure Firewall Threat Defense FTD Software releases that are susceptible to CVE-2025-20333 and...

9.9CVSS8.1AI score0.85543EPSS
Exploits1
thn
thn
added 2025/11/06 11:59 a.m.3 views

From Tabletop to Turnkey: Building Cyber Resilience in Financial Services

Introduction Financial institutions are facing a new reality: cyber-resilience has passed from being a best practice to an operational necessity to a prescriptive regulatory requirement. Crisis management or Tabletop exercises, for a long time relatively rare in the context of cybersecurity, have...

5.9AI score
Exploits0
thn
thn
added 2025/11/06 11:40 a.m.12 views

ThreatsDay Bulletin: AI Tools in Malware, Botnets, GDI Flaws, Election Attacks & More

Cybercrime has stopped being a problem of just the internet — it's becoming a problem of the real world. Online scams now fund organized crime, hackers rent violence like a service, and even trusted apps or social platforms are turning into attack vectors. The result is a global system where ever...

9.8CVSS9.4AI score0.14294EPSS
Exploits0
thn
thn
added 2025/11/06 10:43 a.m.8 views

Bitdefender Named a Representative Vendor in the 2025 Gartner® Market Guide for Managed Detection and Response

Bitdefender has once again been recognized as a Representative Vendor in the Gartner® Market Guide for Managed Detection and Response MDR — marking the fourth consecutive year of inclusion. According to Gartner, more than 600 providers globally claim to deliver MDR services, yet only a select few...

6.9AI score
Exploits0
thn
thn
added 2025/11/06 7:22 a.m.15 views

Hackers Weaponize Windows Hyper-V to Hide Linux VM and Evade EDR Detection

The threat actor known as Curly COMrades has been observed exploiting virtualization technologies as a way to bypass security solutions and execute custom malware. According to a new report from Bitdefender, the adversary is said to have enabled the Hyper-V role on selected victim systems to depl...

7.6AI score
Exploits0
thn
thn
added 2025/11/06 5:40 a.m.7 views

SonicWall Confirms State-Sponsored Hackers Behind September Cloud Backup Breach

SonicWall has formally implicated state-sponsored threat actors as behind the September security breach that led to the unauthorized exposure of firewall configuration backup files. "The malicious activity – carried out by a state-sponsored threat actor – was isolated to the unauthorized access o...

6.4AI score
Exploits0
thn
thn
added 2025/11/05 3:33 p.m.11 views

Google Uncovers PROMPTFLUX Malware That Uses Gemini AI to Rewrite Its Code Hourly

Google on Wednesday said it discovered an unknown threat actor using an experimental Visual Basic Script VB Script malware dubbed PROMPTFLUX that interacts with its Gemini artificial intelligence AI model API to write its own source code for improved obfuscation and evasion. "PROMPTFLUX is writte...

8.3AI score
Exploits0
thn
thn
added 2025/11/05 2:4 p.m.6 views

Researchers Find ChatGPT Vulnerabilities That Let Attackers Trick AI Into Leaking Data

Cybersecurity researchers have disclosed a new set of vulnerabilities impacting OpenAI's ChatGPT artificial intelligence AI chatbot that could be exploited by an attacker to steal personal information from users' memories and chat histories without their knowledge. The seven vulnerabilities and...

8.8CVSS6.4AI score0.00473EPSS
Exploits0
thn
thn
added 2025/11/05 11:55 a.m.7 views

Securing the Open Android Ecosystem with Samsung Knox

Raise your hand if you've heard the myth, "Android isn't secure." Android phones, such as the Samsung Galaxy, unlock new ways of working. But, as an IT admin, you may worry about the security—after all, work data is critical. However, outdated concerns can hold your business back from unlocking i...

6.7AI score
Exploits0
thn
thn
added 2025/11/05 11:20 a.m.4 views

Mysterious 'SmudgedSerpent' Hackers Target U.S. Policy Experts Amid Iran–Israel Tensions

A never-before-seen threat activity cluster codenamed UNKSmudgedSerpent has been attributed as behind a set of cyber attacks targeting academics and foreign policy experts between June and August 2025, coinciding with heightened geopolitical tensions between Iran and Israel. "UNKSmudgedSerpent...

6.8AI score
Exploits0
thn
thn
added 2025/11/05 10:55 a.m.3 views

U.S. Sanctions 10 North Korean Entities for Laundering $12.7M in Crypto and IT Fraud

The U.S. Treasury Department on Tuesday imposed sanctions against eight individuals and two entities within North Korea's global financial network for laundering money for various illicit schemes, including cybercrime and information technology IT worker fraud. "North Korean state-sponsored hacke...

6.8AI score
Exploits0
thn
thn
added 2025/11/05 10:30 a.m.7 views

Why SOC Burnout Can Be Avoided: Practical Steps

Behind every alert is an analyst; tired eyes scanning dashboards, long nights spent on false positives, and the constant fear of missing something big. It's no surprise that many SOCs face burnout before they face their next breach. But this doesn't have to be the norm. The path out isn't through...

6.8AI score
Exploits0
thn
thn
added 2025/11/05 6:12 a.m.10 views

CISA Adds Gladinet and CWP Flaws to KEV Catalog Amid Active Exploitation Evidence

The U.S. Cybersecurity and Infrastructure Security Agency CISA on Tuesday added two security flaws impacting Gladinet and Control Web Panel CWP to its Known Exploited Vulnerabilities KEV catalog, citing evidence of active exploitation in the wild. The vulnerabilities in question are listed below ...

9.8CVSS8.9AI score0.99589EPSS
Exploits8
thn
thn
added 2025/11/04 5:25 p.m.4 views

A Cybercrime Merger Like No Other — Scattered Spider, LAPSUS$, and ShinyHunters Join Forces

The nascent collective that combines three prominent cybercrime groups, Scattered Spider, LAPSUS$, and ShinyHunters, has created no less than 16 Telegram channels since August 8, 2025. "Since its debut, the group's Telegram channels have been removed and recreated at least 16 times under varying...

7.1AI score
Exploits0
thn
thn
added 2025/11/04 3:57 p.m.8 views

European Authorities Dismantle €600 Million Crypto Fraud Network in Global Sweep

Nine people have been arrested in connection with a coordinated law enforcement operation that targeted a cryptocurrency money laundering network that defrauded victims of €600 million $688 million. According to a statement released by Eurojust today, the action took place between October 27 and ...

6.6AI score
Exploits0
thn
thn
added 2025/11/04 2:24 p.m.10 views

Critical React Native CLI Flaw Exposed Millions of Developers to Remote Attacks

Details have emerged about a now-patched critical security flaw in the popular "@react-native-community/cli" npm package that could be potentially exploited to run malicious operating system OS commands under certain conditions. "The vulnerability allows remote unauthenticated attackers to easily...

9.8CVSS8.2AI score0.62378EPSS
Exploits5
thn
thn
added 2025/11/04 2:0 p.m.6 views

Microsoft Teams Bugs Let Attackers Impersonate Colleagues and Edit Messages Unnoticed

Cybersecurity researchers have disclosed details of four security flaws in Microsoft Teams that could have exposed users to serious impersonation and social engineering attacks. The vulnerabilities "allowed attackers to manipulate conversations, impersonate colleagues, and exploit notifications,"...

6.5CVSS6.7AI score0.16084EPSS
Exploits0
thn
thn
added 2025/11/04 11:6 a.m.15 views

Ransomware Defense Using the Wazuh Open Source Platform

Ransomware is malicious software designed to block access to a computer system or encrypt data until a ransom is paid. This cyberattack is one of the most prevalent and damaging threats in the digital landscape, affecting individuals, businesses, and critical infrastructure worldwide. A ransomwar...

7.5AI score
Exploits0
thn
thn
added 2025/11/04 10:49 a.m.5 views

Operation SkyCloak Deploys Tor-Enabled OpenSSH Backdoor Targeting Defense Sectors

Threat actors are leveraging weaponized attachments distributed via phishing emails to deliver malware likely targeting the defense sector in Russia and Belarus. According to multiple reports from Cyble and Seqrite Labs, the campaign is designed to deploy a persistent backdoor on compromised host...

7.5AI score
Exploits0
thn
thn
added 2025/11/04 8:10 a.m.6 views

Google's AI 'Big Sleep' Finds 5 New Vulnerabilities in Apple's Safari WebKit

Google's artificial intelligence AI-powered cybersecurity agent called Big Sleep has been credited by Apple for discovering as many as five different security flaws in the WebKit component used in its Safari web browser that, if successfully exploited, could result in a browser crash or memory...

9.8CVSS7.6AI score0.73495EPSS
Exploits3
thn
thn
added 2025/11/04 7:45 a.m.5 views

U.S. Prosecutors Indict Cybersecurity Insiders Accused of BlackCat Ransomware Attacks

Federal prosecutors in the U.S. have accused a trio of allegedly hacking the networks of five U.S. companies with BlackCat aka ALPHV ransomware between May and November 2023 and extorting them. Ryan Clifford Goldberg, Kevin Tyler Martin, and an unnamed co–conspirator aka "Co-Conspirator 1" based ...

6.8AI score
Exploits0
Total number of security vulnerabilities20910