Lucene search
+L

20914 matches found

thn
thn
added 2025/10/06 6:1 a.m.10 views

Zimbra Zero-Day Exploited to Target Brazilian Military via Malicious ICS Files

A now patched security vulnerability in Zimbra Collaboration was exploited as a zero-day earlier this year in cyber attacks targeting the Brazilian military. Tracked as CVE-2025-27915 CVSS score: 5.4, the vulnerability is a stored cross-site scripting XSS vulnerability in the Classic Web Client...

5.4CVSS7.1AI score0.04241EPSS
Exploits1
thn
thn
added 2025/10/04 2:37 p.m.7 views

CometJacking: One Click Can Turn Perplexity's Comet AI Browser Into a Data Thief

Cybersecurity researchers have disclosed details of a new attack called CometJacking targeting Perplexity's agentic AI browser Comet by embedding malicious prompts within a seemingly innocuous link to siphon sensitive data, including from connected services, like email and calendar. The sneaky...

7AI score
Exploits0
thn
thn
added 2025/10/04 10:39 a.m.8 views

Scanning Activity on Palo Alto Networks Portals Jump 500% in One Day

Threat intelligence firm GreyNoise disclosed on Friday that it has observed a massive spike in scanning activity targeting Palo Alto Networks login portals. The company said it observed a nearly 500% increase in IP addresses scanning Palo Alto Networks login portals on October 3, 2025, the highes...

9.9CVSS9.1AI score0.85543EPSS
Exploits1
thn
thn
added 2025/10/03 6:11 p.m.3 views

Detour Dog Caught Running DNS-Powered Malware Factory for Strela Stealer

A threat actor named Detour Dog has been outed as powering campaigns distributing an information stealer known as Strela Stealer. That's according to findings from Infoblox, which found the threat actor to maintain control of domains hosting the first stage of the stealer, a backdoor called...

8.1AI score
Exploits0
thn
thn
added 2025/10/03 3:58 p.m.5 views

Rhadamanthys Stealer Evolves: Adds Device Fingerprinting, PNG Steganography Payloads

The threat actor behind Rhadamanthys has also advertised two other tools called Elysium Proxy Bot and Crypt Service on their website, even as the flagship information stealer has been updated to support the ability to collect device and web browser fingerprints, among others. "Rhadamanthys was...

6.7AI score
Exploits0
thn
thn
added 2025/10/03 12:2 p.m.7 views

Researchers Warn of Self-Spreading WhatsApp Malware Named SORVEPOTEL

Brazilian users have emerged as the target of a new self-propagating malware dubbed SORVEPOTEL that spreads via the popular messaging app WhatsApp. The campaign, codenamed Water Saci by Trend Micro, weaponizes the trust with the platform to extend its reach across Windows systems, adding the atta...

7.2AI score
Exploits0
thn
thn
added 2025/10/03 11:30 a.m.5 views

Product Walkthrough: How Passwork 7 Addresses Complexity of Enterprise Security

Passwork is positioned as an on-premises unified platform for both password and secrets management, aiming to address the increasing complexity of credential storage and sharing in modern organizations. The platform recently received a major update that reworks all the core mechanics. Passwork 7...

6.2AI score
Exploits0
thn
thn
added 2025/10/03 10:30 a.m.5 views

New "Cavalry Werewolf" Attack Hits Russian Agencies with FoalShell and StallionRAT

A threat actor that's known to share overlaps with a hacking group called YoroTrooper has been observed targeting the Russian public sector with malware families such as FoalShell and StallionRAT. Cybersecurity vendor BI.ZONE is tracking the activity under the moniker Cavalry Werewolf. It's also...

7.8AI score
Exploits0
thn
thn
added 2025/10/03 8:23 a.m.8 views

CISA Flags Meteobridge CVE-2025-4008 Flaw as Actively Exploited in the Wild

The U.S. Cybersecurity and Infrastructure Security Agency CISA on Thursday added a high-severity security flaw impacting Smartbedded Meteobridge to its Known Exploited Vulnerabilities KEV catalog, citing evidence of active exploitation. The vulnerability, CVE-2025-4008 CVSS score: 8.7, is a case ...

10CVSS9.5AI score0.99679EPSS
Exploits80
thn
thn
added 2025/10/02 2:44 p.m.19 views

Confucius Hackers Hit Pakistan With New WooperStealer and Anondoor Malware

The threat actor known as Confucius has been attributed to a new phishing campaign that has targeted Pakistan with malware families like WooperStealer and Anondoor. "Over the past decade, Confucius has repeatedly targeted government agencies, military organizations, defense contractors, and...

7.2AI score
Exploits0
thn
thn
added 2025/10/02 1:7 p.m.9 views

Alert: Malicious PyPI Package soopsocks Infects 2,653 Systems Before Takedown

Cybersecurity researchers have flagged a malicious package on the Python Package Index PyPI repository that claims to offer the ability to create a SOCKS5 proxy service, while also providing a stealthy backdoor-like functionality to drop additional payloads on Windows systems. The deceptive...

6.3AI score
Exploits0
thn
thn
added 2025/10/02 11:55 a.m.5 views

Automating Pentest Delivery: 7 Key Workflows for Maximum Impact

Penetration testing is critical to uncovering real-world security weaknesses. With the shift into continuous testing and validation, it is time we automate the delivery of these results. The way results are delivered hasn't kept up with today's fast-moving threat landscape. Too often, findings ar...

7.2AI score
Exploits0
thn
thn
added 2025/10/02 11:30 a.m.19 views

ThreatsDay Bulletin: CarPlay Exploit, BYOVD Tactics, SQL C2 Attacks, iCloud Backdoor Demand & More

From unpatched cars to hijacked clouds, this week's Threatsday headlines remind us of one thing — no corner of technology is safe. Attackers are scanning firewalls for critical flaws, bending vulnerable SQL servers into powerful command centers, and even finding ways to poison Chrome's settings t...

10CVSS9.9AI score0.99999EPSS
Exploits61
thn
thn
added 2025/10/02 11:25 a.m.4 views

Google Mandiant Probes New Oracle Extortion Wave Possibly Linked to Cl0p Ransomware

Google Mandiant and Google Threat Intelligence Group GTIG have disclosed that they are tracking a new cluster of activity possibly linked to a financially motivated threat actor known as Cl0p. The malicious activity involves sending extortion emails to executives at various organizations and...

6.7AI score
Exploits0
thn
thn
added 2025/10/02 11:0 a.m.4 views

How to Close Threat Detection Gaps: Your SOC's Action Plan

Running a SOC often feels like drowning in alerts. Every morning, dashboards light up with thousands of signals; some urgent, many irrelevant. The job is to find the real threats fast enough to keep cases from piling up, prevent analyst burnout, and maintain client or leadership confidence. The...

6.9AI score
Exploits0
thn
thn
added 2025/10/02 9:24 a.m.4 views

Warning: Beware of Android Spyware Disguised as Signal Encryption Plugin and ToTok Pro

Cybersecurity researchers have discovered two Android spyware campaigns dubbed ProSpy and ToSpy that impersonate apps like Signal and ToTok to target users in the United Arab Emirates U.A.E.. Slovak cybersecurity company ESET said the malicious apps are distributed via fake websites and social...

6AI score
Exploits0
thn
thn
added 2025/10/01 5:20 p.m.5 views

New WireTap Attack Extracts Intel SGX ECDSA Key via DDR4 Memory-Bus Interposer

In yet another piece of research, academics from Georgia Institute of Technology and Purdue University have demonstrated that the security guarantees offered by Intel's Software Guard eXtensions SGX can be bypassed on DDR4 systems to passively decrypt sensitive data. SGX is designed as a hardware...

6.6AI score
Exploits0
thn
thn
added 2025/10/01 1:27 p.m.9 views

OneLogin Bug Let Attackers Use API Keys to Steal OIDC Secrets and Impersonate Apps

A high-severity security flaw has been disclosed in the One Identity OneLogin Identity and Access Management IAM solution that, if successfully exploited, could expose sensitive OpenID Connect OIDC application client secrets under certain circumstances. The vulnerability, tracked as CVE-2025-5936...

7.7CVSS6.2AI score0.00303EPSS
Exploits0
thn
thn
added 2025/10/01 12:45 p.m.5 views

How Leading Security Teams Blend AI + Human Workflows (Free Webinar)

AI is changing automation—but not always for the better. That's why we're hosting a new webinar, "Workflow Clarity: Where AI Fits in Modern Automation," with Thomas Kinsella, Co-founder & Chief Customer Officer at Tines, to explore how leading teams are cutting through the hype and building...

6.5AI score
Exploits0
thn
thn
added 2025/10/01 12:36 p.m.5 views

Red Hat OpenShift AI Flaw Exposes Hybrid Cloud Infrastructure to Full Takeover

A severe security flaw has been disclosed in the Red Hat OpenShift AI service that could allow attackers to escalate privileges and take control of the complete infrastructure under certain conditions. OpenShift AI is a platform for managing the lifecycle of predictive and generative artificial...

9.9CVSS6.3AI score0.00697EPSS
Exploits0
thn
thn
added 2025/10/01 11:7 a.m.3 views

Hackers Exploit Milesight Routers to Send Phishing SMS to European Users

Unknown threat actors are abusing Milesight industrial cellular routers to send SMS messages as part of a smishing campaign targeting users in European countries since at least February 2022. French cybersecurity company SEKOIA said the attackers are exploiting the cellular router's API to send...

7.5CVSS6.4AI score0.59342EPSS
Exploits5
thn
thn
added 2025/10/01 11:7 a.m.8 views

2025 Cybersecurity Reality Check: Breaches Hidden, Attack Surfaces Growing, and AI Misperceptions Rising

Bitdefender's 2025 Cybersecurity Assessment Report paints a sobering picture of today's cyber defense landscape: mounting pressure to remain silent after breaches, a gap between leadership and frontline teams, and a growing urgency to shrink the enterprise attack surface. The annual research...

6.5AI score
Exploits0
thn
thn
added 2025/10/01 9:25 a.m.11 views

New Android Banking Trojan "Klopatra" Uses Hidden VNC to Control Infected Smartphones

A previously undocumented Android banking trojan called Klopatra has compromised over 3,000 devices, with a majority of the infections reported in Spain and Italy. Italian fraud prevention firm Cleafy, which discovered the sophisticated malware and remote access trojan RAT in late August 2025, sa...

7.4AI score
Exploits0
thn
thn
added 2025/10/01 7:11 a.m.3 views

Ukraine Warns of CABINETRAT Backdoor + XLL Add-ins Spread via Signal ZIPs

The Computer Emergency Response Team of Ukraine CERT-UA has warned of new targeted cyber attacks in the country using a backdoor called CABINETRAT. The activity, observed in September 2025, has been attributed to a threat cluster it tracks as UAC-0245. The agency said it spotted the attack...

6.3AI score
Exploits0
thn
thn
added 2025/09/30 6:42 p.m.15 views

New $50 Battering RAM Attack Breaks Intel and AMD Cloud Security Protections

A group of academics from KU Leuven and the University of Birmingham has demonstrated a new vulnerability called Battering RAM to bypass the latest defenses on Intel and AMD cloud processors. "We built a simple, $50 interposer that sits quietly in the memory path, behaving transparently during...

6.3AI score0.00331EPSS
Exploits0
thn
thn
added 2025/09/30 4:7 p.m.3 views

Phantom Taurus: New China-Linked Hacker Group Hits Governments With Stealth Malware

Government and telecommunications organizations across Africa, the Middle East, and Asia have emerged as the target of a previously undocumented China-aligned nation-state actor dubbed Phantom Taurus over the past two-and-a-half years. "Phantom Taurus' main focus areas include ministries of forei...

7.3AI score
Exploits0
thn
thn
added 2025/09/30 1:18 p.m.8 views

Researchers Disclose Google Gemini AI Flaws Allowing Prompt Injection and Cloud Exploits

Cybersecurity researchers have disclosed three now-patched security vulnerabilities impacting Google's Gemini artificial intelligence AI assistant that, if successfully exploited, could have exposed users to major privacy risks and data theft. "They made Gemini vulnerable to search-injection...

6.7AI score
Exploits0
thn
thn
added 2025/09/30 1:0 p.m.5 views

Microsoft Expands Sentinel Into Agentic Security Platform With Unified Data Lake

Microsoft on Tuesday unveiled the expansion of its Sentinel Security Incidents and Event Management solution SIEM as a unified agentic platform with the general availability of the Sentinel data lake. In addition, the tech giant said it's also releasing a public preview of Sentinel Graph and...

7.3AI score
Exploits0
thn
thn
added 2025/09/30 11:30 a.m.3 views

Stop Alert Chaos: Context Is the Key to Effective Incident Response

The Problem: Legacy SOCs and Endless Alert Noise Every SOC leader knows the feeling: hundreds of alerts pouring in, dashboards lighting up like a slot machine, analysts scrambling to keep pace. The harder they try to scale people or buy new tools, the faster the chaos multiplies. The problem is n...

6.6AI score
Exploits0
thn
thn
added 2025/09/30 10:57 a.m.10 views

Urgent: China-Linked Hackers Exploit New VMware Zero-Day Since October 2024

A newly patched security flaw impacting Broadcom VMware Tools and VMware Aria Operations has been exploited in the wild as a zero-day since mid-October 2024 by a threat actor called UNC5174, according to NVISO Labs. The vulnerability in question is CVE-2025-41244 CVSS score: 7.8, a local privileg...

7.8CVSS7.7AI score0.0788EPSS
Exploits3
thn
thn
added 2025/09/30 9:20 a.m.6 views

New Android Trojan "Datzbro" Tricking Elderly with AI-Generated Facebook Travel Events

Cybersecurity researchers have flagged a previously undocumented Android banking trojan called Datzbro that can conduct device takeover DTO attacks and perform fraudulent transactions by preying on the elderly. Dutch mobile security company ThreatFabric said it discovered the campaign in August...

6.3AI score
Exploits0
thn
thn
added 2025/09/30 8:33 a.m.8 views

Evolving Enterprise Defense to Secure the Modern AI Supply Chain

The world of enterprise technology is undergoing a dramatic shift. Gen-AI adoption is accelerating at an unprecedented pace, and SaaS vendors are embedding powerful LLMs directly into their platforms. Organizations are embracing AI-powered applications across every function, from marketing and...

6.5AI score
Exploits0
thn
thn
added 2025/09/30 8:23 a.m.7 views

U.K. Police Just Seized £5.5 Billion in Bitcoin — The World's Largest Crypto Bust

A Chinese national has been convicted for her role in a fraudulent cryptocurrency scheme after law enforcement authorities in the U.K. confiscated £5.5 billion about $7.39 billion during a raid of her home in London. The cryptocurrency seizure, amounting to 61,000 Bitcoin, is believed to be the...

6.7AI score
Exploits0
thn
thn
added 2025/09/30 5:41 a.m.19 views

CISA Sounds Alarm on Critical Sudo Flaw Actively Exploited in Linux and Unix Systems

The U.S. Cybersecurity and Infrastructure Security Agency CISA on Monday added a critical security flaw impacting the Sudo command-line utility for Linux and Unix-like operating systems to its Known Exploited Vulnerabilities KEV catalog, citing evidence of active exploitation in the wild. The...

10CVSS8.8AI score0.99614EPSS
Exploits77
thn
thn
added 2025/09/29 4:36 p.m.10 views

EvilAI Malware Masquerades as AI Tools to Infiltrate Global Organizations

Threat actors have been observed using seemingly legitimate artificial intelligence AI tools and software to sneakily slip malware for future attacks on organizations worldwide. According to Trend Micro, the campaign is using productivity or AI-enhanced tools to deliver malware targeting various...

7.7AI score
Exploits0
thn
thn
added 2025/09/29 12:36 p.m.20 views

⚡ Weekly Recap: Cisco 0-Day, Record DDoS, LockBit 5.0, BMC Bugs, ShadowV2 Botnet & More

Cybersecurity never stops—and neither do hackers. While you wrapped up last week, new attacks were already underway. From hidden software bugs to massive DDoS attacks and new ransomware tricks, this week's roundup gives you the biggest security moves to know. Whether you're protecting key systems...

9.9CVSS7.2AI score0.85543EPSS
Exploits2
thn
thn
added 2025/09/29 11:30 a.m.4 views

The State of AI in the SOC 2025 - Insights from Recent Study 

Security leaders are embracing AI for triage, detection engineering, and threat hunting as alert volumes and burnout hit breaking points. A comprehensive survey of 282 security leaders at companies across industries reveals a stark reality facing modern Security Operations Centers: alert volumes...

6.7AI score
Exploits0
thn
thn
added 2025/09/29 8:52 a.m.6 views

Microsoft Flags AI-Driven Phishing: LLM-Crafted SVG Files Outsmart Email Security

Microsoft is calling attention to a new phishing campaign primarily aimed at U.S.-based organizations that has likely utilized code generated using large language models LLMs to obfuscate payloads and evade security defenses. "Appearing to be aided by a large language model LLM, the activity...

6.9AI score
Exploits0
thn
thn
added 2025/09/29 8:36 a.m.5 views

First Malicious MCP Server Found Stealing Emails in Rogue Postmark-MCP Package

Cybersecurity researchers have discovered what has been described as the first-ever instance of a malicious Model Context Protocol MCP server spotted in the wild, raising software supply chain risks. According to Koi Security, a legitimate-looking developer managed to slip in rogue code within an...

7AI score
Exploits0
thn
thn
added 2025/09/27 12:6 p.m.13 views

China-Linked PlugX and Bookworm Malware Attacks Target Asian Telecom and ASEAN Networks

Telecommunications and manufacturing sectors in Central and South Asian countries have emerged as the target of an ongoing campaign distributing a new variant of a known malware called PlugXaka Korplug or SOGU. "The new variant's features overlap with both the RainyDay and Turian backdoors,...

7.5AI score
Exploits0
thn
thn
added 2025/09/26 4:40 p.m.7 views

Researchers Expose Phishing Threats Distributing CountLoader and PureRAT

A new campaign has been observed impersonating Ukrainian government agencies in phishing attacks to deliver CountLoader , which is then used to drop Amatera Stealer and PureMiner. "The phishing emails contain malicious Scalable Vector Graphics SVG files designed to trick recipients into opening...

6.6AI score
Exploits0
thn
thn
added 2025/09/26 12:45 p.m.3 views

New COLDRIVER Malware Campaign Joins BO Team and Bearlyfy in Russia-Focused Cyberattacks

The Russian advanced persistent threat APT group known as COLDRIVER has been attributed to a fresh round of ClickFix-style attacks designed to deliver two new "lightweight" malware families tracked as BAITSWITCH and SIMPLEFIX. Zscaler ThreatLabz, which detected the new multi-stage ClickFix campai...

7.3AI score
Exploits0
thn
thn
added 2025/09/26 11:22 a.m.5 views

Crash Tests for Security: Why BAS Is Proof of Defense, Not Assumptions

Car makers don't trust blueprints. They smash prototypes into walls. Again and again. In controlled conditions. Because design specs don't prove survival. Crash tests do. They separate theory from reality. Cybersecurity is no different. Dashboards overflow with "critical" exposure alerts...

7.1AI score
Exploits0
thn
thn
added 2025/09/26 9:22 a.m.13 views

Fortra GoAnywhere CVSS 10 Flaw Exploited as 0-Day a Week Before Public Disclosure

Cybersecurity company watchTowr Labs has disclosed that it has "credible evidence" of active exploitation of the recently disclosed security flaw in Fortra GoAnywhere Managed File Transfer MFT software as early as September 10, 2025, a whole week before it was publicly disclosed. "This is not...

10CVSS9.1AI score0.99614EPSS
Exploits3
thn
thn
added 2025/09/26 9:9 a.m.3 views

New macOS XCSSET Variant Targets Firefox with Clipper and Persistence Module

Cybersecurity researchers have discovered an updated version of a known Apple macOS malware called XCSSET that has been observed in limited attacks. "This new variant of XCSSET brings key changes related to browser targeting, clipboard hijacking, and persistence mechanisms," the Microsoft Threat...

6.3AI score
Exploits0
thn
thn
added 2025/09/26 5:51 a.m.36 views

Cisco ASA Firewall Zero-Day Exploits Deploy RayInitiator and LINE VIPER Malware

The U.K. National Cyber Security Centre NCSC has revealed that threat actors have exploited the recently disclosed security flaws impacting Cisco firewalls as part of zero-day attacks to deliver previously undocumented malware families like RayInitiator and LINE VIPER. "The RayInitiator and LINE...

9.9CVSS8.1AI score0.85543EPSS
Exploits1
thn
thn
added 2025/09/25 6:17 p.m.7 views

Urgent: Cisco ASA Zero-Day Duo Under Attack; CISA Triggers Emergency Mitigation Directive

Cisco is urging customers to patch two security flaws impacting the VPN web server of Cisco Secure Firewall Adaptive Security Appliance ASA Software and Cisco Secure Firewall Threat Defense FTD Software, which it said have been exploited in the wild. The zero-day vulnerabilities in question are...

9.9CVSS8.6AI score0.85543EPSS
Exploits1
thn
thn
added 2025/09/25 5:24 p.m.11 views

ThreatsDay Bulletin: Rootkit Patch, Federal Breach, OnePlus SMS Leak, TikTok Scandal & More

Welcome to this week's Threatsday Bulletin —your Thursday check-in on the latest twists and turns in cybersecurity and hacking. The digital threat landscape never stands still. One week it's a critical zero-day, the next it's a wave of phishing lures or a state-backed disinformation push. Each...

9.8CVSS9.7AI score0.99813EPSS
Exploits26
thn
thn
added 2025/09/25 5:22 p.m.6 views

Vane Viper Generates 1 Trillion DNS Queries to Power Global Malware and Ad Fraud Network

The threat actor known as Vane Viper has been outed as a purveyor of malicious ad technology adtech, while relying on a tangled web of shell companies and opaque ownership structures to deliberately evade responsibility. "Vane Viper has provided core infrastructure in widespread malvertising, ad...

5.7AI score
Exploits0
thn
thn
added 2025/09/25 3:17 p.m.3 views

Salesforce Patches Critical ForcedLeak Bug Exposing CRM Data via AI Prompt Injection

Cybersecurity researchers have disclosed a critical flaw impacting Salesforce Agentforce, a platform for building artificial intelligence AI agents, that could allow attackers to potentially exfiltrate sensitive data from its customer relationship management CRM tool by means of an indirect promp...

7AI score
Exploits0
Total number of security vulnerabilities20914