Lucene search
+L

20913 matches found

thn
thn
added 2025/10/24 7:0 a.m.12 views

Self-Spreading 'GlassWorm' Infects VS Code Extensions in Widespread Supply Chain Attack

Cybersecurity researchers have discovered a self-propagating worm that spreads via Visual Studio Code VS Code extensions on the Open VSX Registry and the Microsoft Extension Marketplace, underscoring how developers have become a prime target for attacks. The sophisticated threat, codenamed...

7.3AI score
Exploits0
thn
thn
added 2025/10/23 3:29 p.m.8 views

North Korean Hackers Lure Defense Engineers With Fake Jobs to Steal Drone Secrets

Threat actors with ties to North Korea have been attributed to a new wave of attacks targeting European companies active in the defense industry as part of a long-running campaign known as Operation Dream Job. "Some of these companies are heavily involved in the unmanned aerial vehicle UAV sector...

6.8AI score
Exploits0
thn
thn
added 2025/10/23 11:55 a.m.6 views

Secure AI at Scale and Speed — Learn the Framework in this Free Webinar

AI is everywhere—and your company wants in. Faster products, smarter systems, fewer bottlenecks. But if you're in security, that excitement often comes with a sinking feeling. Because while everyone else is racing ahead, you're left trying to manage a growing web of AI agents you didn't create,...

6.9AI score
Exploits0
thn
thn
added 2025/10/23 11:30 a.m.6 views

ThreatsDay Bulletin: $176M Crypto Fine, Hacking Formula 1, Chromium Vulns, AI Hijack & More

Criminals don’t need to be clever all the time; they just follow the easiest path in: trick users, exploit stale components, or abuse trusted systems like OAuth and package registries. If your stack or habits make any of those easy, you’re already a target. This week’s ThreatsDay highlights show...

6.8CVSS8.9AI score0.00446EPSS
Exploits0
thn
thn
added 2025/10/23 11:0 a.m.7 views

Why Organizations Are Abandoning Static Secrets for Managed Identities

As machine identities explode across cloud environments, enterprises report dramatic productivity gains from eliminating static credentials. And only legacy systems remain the weak link. For decades, organizations have relied on static secrets, such as API keys, passwords, and tokens, as unique...

6.6AI score
Exploits0
thn
thn
added 2025/10/23 7:52 a.m.8 views

'Jingle Thief' Hackers Exploit Cloud Infrastructure to Steal Millions in Gift Cards

Cybersecurity researchers have shed light on a cybercriminal group called Jingle Thief that has been observed targeting cloud environments associated with organizations in the retail and consumer services sectors for gift card fraud. "Jingle Thief attackers use phishing and smishing to steal...

6.6AI score
Exploits0
thn
thn
added 2025/10/23 5:47 a.m.7 views

Over 250 Magento Stores Hit Overnight as Hackers Exploit New Adobe Commerce Flaw

E-commerce security company Sansec has warned that threat actors have begun to exploit a recently disclosed security vulnerability in Adobe Commerce and Magento Open Source platforms, with more than 250 attack attempts recorded against multiple stores over the past 24 hours. The vulnerability in...

9.8CVSS9.8AI score0.99994EPSS
Exploits35
thn
thn
added 2025/10/23 5:37 a.m.5 views

Critical Lanscope Endpoint Manager Bug Exploited in Ongoing Cyberattacks, CISA Confirms

The U.S. Cybersecurity and Infrastructure Security Agency CISA on Wednesday added a critical security flaw impacting Motex Lanscope Endpoint Manager to its Known Exploited Vulnerabilities KEV catalog, stating it has been actively exploited in the wild. The vulnerability, CVE-2025-61932 CVSS v4...

9.8CVSS9.3AI score0.02689EPSS
Exploits0
thn
thn
added 2025/10/22 5:21 p.m.9 views

Iran-Linked MuddyWater Targets 100+ Organizations in Global Espionage Campaign

The Iranian nation-state group known as MuddyWater has been attributed to a new campaign that has leveraged a compromised email account to distribute a backdoor called Phoenix to various organizations across the Middle East and North Africa MENA region, including over 100 government entities. The...

7AI score
Exploits0
thn
thn
added 2025/10/22 4:55 p.m.7 views

Ukraine Aid Groups Targeted Through Fake Zoom Meetings and Weaponized PDF Files

Cybersecurity researchers have disclosed details of a coordinated spear-phishing campaign dubbed PhantomCaptcha targeting organizations associated with Ukraine's war relief efforts to deliver a remote access trojan that uses a WebSocket for command-and-control C2. The activity, which took place o...

7.1AI score
Exploits0
thn
thn
added 2025/10/22 12:56 p.m.17 views

Chinese Threat Actors Exploit ToolShell SharePoint Flaw Weeks After Microsoft's July Patch

Threat actors with ties to China exploited the ToolShell security vulnerability in Microsoft SharePoint to breach a telecommunications company in the Middle East after it was publicly disclosed and patched in July 2025. Also targeted were government departments in an African country, as well as...

9.8CVSS9.7AI score0.99979EPSS
Exploits45
thn
thn
added 2025/10/22 11:55 a.m.12 views

Bridging the Remediation Gap: Introducing Pentera Resolve

From Detection to Resolution: Why the Gap Persists A critical vulnerability is identified in an exposed cloud asset. Within hours, five different tools alert you about it: your vulnerability scanner, XDR, CSPM, SIEM, and CMDB each surface the issue in their own way, with different severity levels...

6.7AI score
Exploits0
thn
thn
added 2025/10/22 11:43 a.m.4 views

Fake Nethereum NuGet Package Used Homoglyph Trick to Steal Crypto Wallet Keys

Cybersecurity researchers have uncovered a new supply chain attack targeting the NuGet package manager with malicious typosquats of Nethereum, a popular Ethereum .NET integration platform, to steal victims' cryptocurrency wallet keys. The package, Netherеum.All, has been found to harbor...

6.6AI score
Exploits0
thn
thn
added 2025/10/22 9:26 a.m.13 views

Why You Should Swap Passwords for Passphrases

The advice didn't change for decades: use complex passwords with uppercase, lowercase, numbers, and symbols. The idea is to make passwords harder for hackers to crack via brute force methods. But more recent guidance shows our focus should be on password length, rather than complexity. Length is...

6.8AI score
Exploits0
thn
thn
added 2025/10/22 8:58 a.m.6 views

Researchers Identify PassiveNeuron APT Using Neursite and NeuralExecutor Malware

Government, financial, and industrial organizations located in Asia, Africa, and Latin America are the target of a new campaign dubbed PassiveNeuron , according to findings from Kaspersky. The cyber espionage activity was first flagged by the Russian cybersecurity vendor in November 2024, when it...

8.3AI score
Exploits0
thn
thn
added 2025/10/22 7:5 a.m.5 views

TARmageddon Flaw in Async-Tar Rust Library Could Enable Remote Code Execution

Cybersecurity researchers have disclosed details of a high-severity flaw impacting the popular async-tar Rust library and its forks, including tokio-tar, that could result in remote code execution under certain conditions. The vulnerability, tracked as CVE-2025-62518 CVSS score: 8.1, has been...

8.1CVSS9AI score0.00688EPSS
Exploits1
thn
thn
added 2025/10/22 4:38 a.m.10 views

TP-Link Patches Four Omada Gateway Flaws, Two Allow Remote Code Execution

TP-Link has released security updates to address four security flaws impacting Omada gateway devices, including two critical bugs that could result in arbitrary code execution. The vulnerabilities in question are listed below - CVE-2025-6541 CVSS score: 8.6 - An operating system command injection...

9.3CVSS8.4AI score0.02171EPSS
Exploits1
thn
thn
added 2025/10/21 3:3 p.m.8 views

Meta Rolls Out New Tools to Protect WhatsApp and Messenger Users from Scams

Meta on Tuesday said it's launching new tools to protect Messenger and WhatsApp users from potential scams. To that end, the company said it's introducing new warnings on WhatsApp when users attempt to share their screen with an unknown contact during a video call so as to prevent them from givin...

6.7AI score
Exploits0
thn
thn
added 2025/10/21 1:47 p.m.6 views

PolarEdge Targets Cisco, ASUS, QNAP, Synology Routers in Expanding Botnet Campaign

Cybersecurity researchers have shed light on the inner workings of a botnet malware called PolarEdge. PolarEdge was first documented by Sekoia in February 2025, attributing it to a campaign targeting routers from Cisco, ASUS, QNAP, and Synology with the goal of corralling them into a network for ...

7.2CVSS6.5AI score0.54107EPSS
Exploits0
thn
thn
added 2025/10/21 11:0 a.m.10 views

Securing AI to Benefit from AI

Artificial intelligence AI holds tremendous promise for improving cyber defense and making the lives of security practitioners easier. It can help teams cut through alert fatigue, spot patterns faster, and bring a level of scale that human analysts alone can't match. But realizing that potential...

7.4AI score
Exploits0
thn
thn
added 2025/10/21 7:29 a.m.12 views

Google Identifies Three New Russian Malware Families Created by COLDRIVER Hackers

A new malware attributed to the Russia-linked hacking group known as COLDRIVER has undergone numerous developmental iterations since May 2025, suggesting an increased "operations tempo" from the threat actor. The findings come from Google Threat Intelligence Group GTIG, which said the...

6.4AI score
Exploits0
thn
thn
added 2025/10/21 7:23 a.m.12 views

Hackers Used Snappybee Malware and Citrix Flaw to Breach European Telecom Network

A European telecommunications organization is said to have been targeted by a threat actor that aligns with a China-nexus cyber espionage group known as Salt Typhoon. The organization, per Darktrace, was targeted in the first week of July 2025, with the attackers exploiting a Citrix NetScaler...

7AI score
Exploits0
thn
thn
added 2025/10/20 7:0 p.m.19 views

Five New Exploited Bugs Land in CISA's Catalog — Oracle and Microsoft Among Targets

The U.S. Cybersecurity and Infrastructure Security Agency CISA on Monday added five security flaws to its Known Exploited Vulnerabilities KEV Catalog, officially confirming a recently disclosed vulnerability impacting Oracle E-Business Suite EBS has been weaponized in real-world attacks. The...

9.8CVSS10AI score0.99722EPSS
Exploits28
thn
thn
added 2025/10/20 12:27 p.m.60 views

⚡ Weekly Recap: F5 Breached, Linux Rootkits, Pixnapping Attack, EtherHiding & More

It's easy to think your defenses are solid — until you realize attackers have been inside them the whole time. The latest incidents show that long-term, silent breaches are becoming the norm. The best defense now isn't just patching fast, but watching smarter and staying alert for what you don't...

10CVSS7.8AI score0.65838EPSS
Exploits15
thn
thn
added 2025/10/20 11:55 a.m.8 views

Analysing ClickFix: 3 Reasons Why Copy/Paste Attacks Are Driving Security Breaches

ClickFix, FileFix, fake CAPTCHA — whatever you call it, attacks where users interact with malicious scripts in their web browser are a fast-growing source of security breaches. ClickFix attacks prompt the user to solve some kind of problem or challenge in the browser — most commonly a CAPTCHA, bu...

7.3AI score
Exploits0
thn
thn
added 2025/10/20 10:47 a.m.12 views

131 Chrome Extensions Caught Hijacking WhatsApp Web for Massive Spam Campaign

Cybersecurity researchers have uncovered a coordinated campaign that leveraged 131 rebranded clones of a WhatsApp Web automation extension for Google Chrome to spam Brazilian users at scale. The 131 spamware extensions share the same codebase, design patterns, and infrastructure, according to...

6.8AI score
Exploits0
thn
thn
added 2025/10/20 5:32 a.m.4 views

MSS Claims NSA Used 42 Cyber Tools in Multi-Stage Attack on Beijing Time Systems

China on Sunday accused the U.S. National Security Agency NSA of carrying out a "premeditated" cyber attack targeting the National Time Service Center NTSC, as it described the U.S. as a "hacker empire" and the "greatest source of chaos in cyberspace." The Ministry of State Security MSS, in a...

6.8AI score
Exploits0
thn
thn
added 2025/10/19 6:13 a.m.12 views

Europol Dismantles SIM Farm Network Powering 49 Million Fake Accounts Worldwide

Europol on Friday announced the disruption of a sophisticated cybercrime-as-a-service CaaS platform that operated a SIM farm and enabled its customers to carry out a broad spectrum of crimes ranging from phishing to investment fraud. The coordinated law enforcement effort, dubbed Operation...

7AI score
Exploits0
thn
thn
added 2025/10/18 11:41 a.m.8 views

New .NET CAPI Backdoor Targets Russian Auto and E-Commerce Firms via Phishing ZIPs

Cybersecurity researchers have shed light on a new campaign that has likely targeted the Russian automobile and e-commerce sectors with a previously undocumented .NET malware dubbed CAPI Backdoor. According to Seqrite Labs, the attack chain involves distributing phishing emails containing a ZIP...

6.9AI score
Exploits0
thn
thn
added 2025/10/18 6:51 a.m.9 views

Silver Fox Expands Winos 4.0 Attacks to Japan and Malaysia via HoldingHands RAT

The threat actors behind a malware family known as Winos 4.0 aka ValleyRAT have expanded their targeting footprint from China and Taiwan to target Japan and Malaysia with another remote access trojan RAT tracked as HoldingHands RAT aka Gh0stBins. "The campaign relied on phishing emails with PDFs...

8AI score
Exploits0
thn
thn
added 2025/10/17 1:33 p.m.8 views

North Korean Hackers Combine BeaverTail and OtterCookie into Advanced JS Malware

The North Korean threat actor linked to the Contagious Interview campaign has been observed merging some of the functionality of two of its malware programs, indicating that the hacking group is actively refining its toolset. That's according to new findings from Cisco Talos, which said recent...

6.9AI score
Exploits0
thn
thn
added 2025/10/17 11:0 a.m.4 views

Identity Security: Your First and Last Line of Defense

The danger isn't that AI agents have bad days — it's that they never do. They execute faithfully, even when what they're executing is a mistake. A single misstep in logic or access can turn flawless automation into a flawless catastrophe. This isn't some dystopian fantasy—it's Tuesday at the offi...

6.7AI score
Exploits0
thn
thn
added 2025/10/17 9:25 a.m.8 views

Researchers Uncover WatchGuard VPN Bug That Could Let Attackers Take Over Devices

Cybersecurity researchers have disclosed details of a recently patched critical security flaw in WatchGuard Fireware that could allow unauthenticated attackers to execute arbitrary code. The vulnerability, tracked as CVE-2025-9242 CVSS score: 9.3, is described as an out-of-bounds write...

9.8CVSS9.9AI score0.8637EPSS
Exploits3
thn
thn
added 2025/10/17 6:3 a.m.6 views

Microsoft Revokes 200 Fraudulent Certificates Used in Rhysida Ransomware Campaign

Microsoft on Thursday disclosed that it revoked more than 200 certificates used by a threat actor it tracks as Vanilla Tempest to fraudulently sign malicious binaries in ransomware attacks. The certificates were "used in fake Teams setup files to deliver the Oyster backdoor and ultimately deploy...

7.1AI score
Exploits0
thn
thn
added 2025/10/16 2:56 p.m.9 views

North Korean Hackers Use EtherHiding to Hide Malware Inside Blockchain Smart Contracts

A threat actor with ties to the Democratic People's Republic of Korea aka North Korea has been observed leveraging the EtherHiding technique to distribute malware and enable cryptocurrency theft, marking the first time a state-sponsored hacking group has embraced the method. The activity has been...

7.5AI score
Exploits0
thn
thn
added 2025/10/16 2:52 p.m.14 views

Hackers Abuse Blockchain Smart Contracts to Spread Malware via Infected WordPress Sites

A financially motivated threat actor codenamed UNC5142 has been observed abusing blockchain smart contracts as a way to facilitate the distribution of information stealers such as Atomic AMOS, Lumma, Rhadamanthys aka RADTHIEF, and Vidar, targeting both Windows and Apple macOS systems. "UNC5142 is...

6.9AI score
Exploits0
thn
thn
added 2025/10/16 2:28 p.m.15 views

LinkPro Linux Rootkit Uses eBPF to Hide and Activates via Magic TCP Packets

An investigation into the compromise of an Amazon Web Services AWS-hosted infrastructure has led to the discovery of a new GNU/Linux rootkit dubbed LinkPro , according to findings from Synacktiv. "This backdoor features functionalities relying on the installation of two eBPF extended Berkeley...

9.8CVSS9AI score0.99999EPSS
Exploits46
thn
thn
added 2025/10/16 11:55 a.m.5 views

Architectures, Risks, and Adoption: How to Assess and Choose the Right AI-SOC Platform

Scaling the SOC with AI - Why now? Security Operations Centers SOCs are under unprecedented pressure. According to SACR's AI-SOC Market Landscape 2025 , the average organization now faces around 960 alerts per day , while large enterprises manage more than 3,000 alerts daily from an average of 28...

6.2AI score
Exploits0
thn
thn
added 2025/10/16 11:38 a.m.9 views

Hackers Deploy Linux Rootkits via Cisco SNMP Flaw in 'Zero Disco' Attacks

Cybersecurity researchers have disclosed details of a new campaign that exploited a recently disclosed security flaw impacting Cisco IOS Software and IOS XE Software to deploy Linux rootkits on older, unprotected systems. The activity, codenamed Operation Zero Disco by Trend Micro, involves the...

10CVSS9.8AI score0.98975EPSS
Exploits13
thn
thn
added 2025/10/16 10:50 a.m.4 views

Beware the Hidden Costs of Pen Testing

Penetration testing helps organizations ensure IT systems are secure, but it should never be treated in a one-size-fits-all approach. Traditional approaches can be rigid and cost your organization time and money – while producing inferior results. The benefits of pen testing are clear. By...

6.7AI score
Exploits0
thn
thn
added 2025/10/16 9:14 a.m.6 views

ThreatsDay Bulletin: $15B Crypto Bust, Satellite Spying, Billion-Dollar Smishing, Android RATs & More

The online world is changing fast. Every week, new scams, hacks, and tricks show how easy it's become to turn everyday technology into a weapon. Tools made to help us work, connect, and stay safe are now being used to steal, spy, and deceive. Hackers don't always break systems anymore — they use...

7CVSS7.2AI score0.0462EPSS
Exploits0
thn
thn
added 2025/10/16 4:26 a.m.8 views

CISA Flags Adobe AEM Flaw with Perfect 10.0 Score — Already Under Active Attack

The U.S. Cybersecurity and Infrastructure Security Agency CISA on Wednesday added a critical security flaw impacting Adobe Experience Manager to its Known Exploited Vulnerabilities KEV catalog, based on evidence of active exploitation. The vulnerability in question is CVE-2025-54253 CVSS score:...

10CVSS9.7AI score0.87515EPSS
Exploits8
thn
thn
added 2025/10/15 5:28 p.m.10 views

Chinese Threat Group 'Jewelbug' Quietly Infiltrated Russian IT Network for Months

A threat actor with ties to China has been attributed to a five-month-long intrusion targeting a Russian IT service provider, marking the hacking group's expansion to the country beyond Southeast Asia and South America. The activity, which took place from January to May 2025, has been attributed ...

6.8AI score
Exploits0
thn
thn
added 2025/10/15 4:6 p.m.7 views

F5 Breach Exposes BIG-IP Source Code — Nation-State Hackers Behind Massive Intrusion

U.S. cybersecurity company F5 on Wednesday disclosed that unidentified threat actors broke into its systems and stole files containing some of BIG-IP's source code and information related to undisclosed vulnerabilities in the product. It attributed the activity to a "highly sophisticated...

6.7AI score
Exploits0
thn
thn
added 2025/10/15 2:16 p.m.16 views

Over 100 VS Code Extensions Exposed Developers to Hidden Supply Chain Risks

New research has uncovered that publishers of over 100 Visual Studio Code VS Code extensions leaked access tokens that could be exploited by bad actors to update the extensions, posing a critical software supply chain risk. "A leaked VS Code Marketplace or Open VSX PAT personal access token allow...

7.4AI score
Exploits0
thn
thn
added 2025/10/15 11:30 a.m.7 views

How Attackers Bypass Synced Passkeys

TLDR Even if you take nothing else away from this piece, if your organization is evaluating passkey deployments, it is insecure to deploy synced passkeys. Synced passkeys inherit the risk of the cloud accounts and recovery processes that protect them, which creates material enterprise exposure...

5.9AI score
Exploits0
thn
thn
added 2025/10/15 9:23 a.m.30 views

Two New Windows Zero-Days Exploited in the Wild — One Affects Every Version Ever Shipped

Microsoft on Tuesday released fixes for a whopping 183 security flaws spanning its products, including three vulnerabilities that have come under active exploitation in the wild, as the tech giant officially ended support for its Windows 10 operating system unless the PCs are enrolled in the...

9.9CVSS9.4AI score0.99962EPSS
Exploits32
thn
thn
added 2025/10/15 6:50 a.m.9 views

Two CVSS 10.0 Bugs in Red Lion RTUs Could Hand Hackers Full Industrial Control

Cybersecurity researchers have disclosed two critical security flaws impacting Red Lion Sixne t remote terminal unit RTU products that, if successfully exploited, could result in code execution with the highest privileges. The shortcomings, tracked as CVE-2023-40151 andCVE-2023-42770 , are both...

10CVSS9AI score0.01149EPSS
Exploits0
thn
thn
added 2025/10/15 6:16 a.m.6 views

Hackers Target ICTBroadcast Servers via Cookie Exploit to Gain Remote Shell Access

Cybersecurity researchers have disclosed that a critical security flaw impacting ICTBroadcast, an autodialer software from ICT Innovations, has come under active exploitation in the wild. The vulnerability, assigned the CVE identifier CVE-2025-2611 CVSS score: 9.3, relates to improper input...

9.3CVSS8.8AI score0.05991EPSS
Exploits3
thn
thn
added 2025/10/15 5:36 a.m.8 views

New SAP NetWeaver Bug Lets Attackers Take Over Servers Without Login

SAP has rolled out security fixes for 13 new security issues, including additional hardening for a maximum-severity bug in SAP NetWeaver AS Java that could result in arbitrary command execution. The vulnerability, tracked as CVE-2025-42944, carries a CVSS score of 10.0. It has been described as a...

10CVSS7.3AI score0.02882EPSS
Exploits1
Total number of security vulnerabilities20913