Lucene search
+L

20914 matches found

thn
thn
added 2025/09/25 1:14 p.m.4 views

North Korean Hackers Use New AkdoorTea Backdoor to Target Global Crypto Developers

The North Korea-linked threat actors associated with the Contagious Interview campaign have been attributed to a previously undocumented backdoor called AkdoorTea, along with tools like TsunamiKit and Tropidoor. Slovak cybersecurity firm ESET, which is tracking the activity under the name...

7.1AI score
Exploits0
thn
thn
added 2025/09/25 11:49 a.m.3 views

CTEM's Core: Prioritization and Validation

Despite a coordinated investment of time, effort, planning, and resources, even the most up-to-date cybersecurity systems continue to fail. Every day. Why? It's not because security teams can't see enough. Quite the contrary. Every security tool spits out thousands of findings. Patch this. Block...

6.7AI score
Exploits0
thn
thn
added 2025/09/25 11:30 a.m.5 views

Tech Overtakes Gaming as Top DDoS Attack Target, New Gcore Radar Report Finds

The latest Gcore Radar report analyzing attack data from Q1–Q2 2025, reveals a 41% year-on-year increase in total attack volume. The largest attack peaked at 2.2 Tbps, surpassing the 2 Tbps record in late 2024. Attacks are growing not only in scale but in sophistication, with longer durations,...

6.6AI score
Exploits0
thn
thn
added 2025/09/25 7:59 a.m.5 views

Malicious Rust Crates Steal Solana and Ethereum Keys — 8,424 Downloads Confirmed

Cybersecurity researchers have discovered two malicious Rust crates impersonating a legitimate library called fastlog to steal Solana and Ethereum wallet keys from source code. The crates, named fasterlog and asyncprintln, were published by the threat actor under the alias rustguruman and...

7.2AI score
Exploits0
thn
thn
added 2025/09/25 6:30 a.m.13 views

Cisco Warns of Actively Exploited SNMP Vulnerability Allowing RCE or DoS in IOS Software

Cisco has warned of a high-severity security flaw in IOS Software and IOS XE Software that could allow a remote attacker to execute arbitrary code or trigger a denial-of-service DoS condition under specific circumstances. The company said the vulnerability, CVE-2025-20352 CVSS score: 7.7, has bee...

7.7CVSS8AI score0.37613EPSS
Exploits1
thn
thn
added 2025/09/24 4:36 p.m.13 views

Chinese Hackers RedNovember Target Global Governments Using Pantegana and Cobalt Strike

A suspected cyber espionage activity cluster that was previously found targeting global government and private sector organizations spanning Africa, Asia, North America, South America, and Oceania has been assessed to be a Chinese state-sponsored threat actor. Recorded Future, which was tracking...

10CVSS9.3AI score0.99999EPSS
Exploits94
thn
thn
added 2025/09/24 2:33 p.m.7 views

UNC5221 Uses BRICKSTORM Backdoor to Infiltrate U.S. Legal and Technology Sectors

Companies in the legal services, software-as-a-service SaaS providers, Business Process Outsourcers BPOs, and technology sectors in the U.S. have been targeted by a suspected China-nexus cyber espionage group to deliver a known backdoor referred to as BRICKSTORM. The activity, attributed to UNC52...

9.1CVSS10AI score0.99999EPSS
Exploits23
thn
thn
added 2025/09/24 1:55 p.m.4 views

Two Critical Flaws Uncovered in Wondershare RepairIt Exposing User Data and AI Models

Cybersecurity researchers have disclosed two security flaws in Wondershare RepairIt that exposed private user data and potentially exposed the system to artificial intelligence AI model tampering and supply chain risks. The critical-rated vulnerabilities in question, discovered by Trend Micro, ar...

9.4CVSS8AI score0.03736EPSS
Exploits0
thn
thn
added 2025/09/24 11:58 a.m.5 views

How One Bad Password Ended a 158-Year-Old Business

Most businesses don't make it past their fifth birthday - studies show that roughly 50% of small businesses fail within the first five years. So when KNP Logistics Group formerly Knights of Old celebrated more than a century and a half of operations, it had mastered the art of survival. For 158...

7AI score
Exploits0
thn
thn
added 2025/09/24 11:28 a.m.2 views

New YiBackdoor Malware Shares Major Code Overlaps with IcedID and Latrodectus

Cybersecurity researchers have disclosed details of a new malware family dubbed YiBackdoor that has been found to share "significant" source code overlaps with IcedID and Latrodectus. "The exact connection to YiBackdoor is not yet clear, but it may be used in conjunction with Latrodectus and Iced...

7.9AI score
Exploits0
thn
thn
added 2025/09/24 11:3 a.m.12 views

iframe Security Exposed: The Blind Spot Fueling Payment Skimmer Attacks

Think payment iframes are secure by design? Think again. Sophisticated attackers have quietly evolved malicious overlay techniques to exploit checkout pages and steal credit card data by bypassing the very security policies designed to stop them. Download the complete iframe security guide here...

6.8AI score
Exploits0
thn
thn
added 2025/09/24 7:15 a.m.8 views

Hackers Exploit Pandoc CVE-2025-51591 to Target AWS IMDS and Steal EC2 IAM Credentials

Cloud security company Wiz has revealed that it uncovered in-the-wild exploitation of a security flaw in a Linux utility called Pandoc as part of attacks designed to infiltrate Amazon Web Services AWS Instance Metadata Service IMDS. The vulnerability in question is CVE-2025-51591 CVSS score: 6.5,...

7.2CVSS7.1AI score0.90072EPSS
Exploits4
thn
thn
added 2025/09/24 6:24 a.m.3 views

State-Sponsored Hackers Exploiting Libraesva Email Security Gateway Vulnerability

Libraesva has released a security update to address a vulnerability in its Email Security Gateway ESG solution that it said has been exploited by state-sponsored threat actors. The vulnerability, tracked as CVE-2025-59689 , carries a CVSS score of 6.1, indicating medium severity. "Libraesva ESG i...

6.1CVSS8AI score0.01929EPSS
Exploits0
thn
thn
added 2025/09/23 6:0 p.m.6 views

Two New Supermicro BMC Bugs Allow Malicious Firmware to Evade Root of Trust Security

Cybersecurity researchers have disclosed details of two security vulnerabilities impacting Supermicro Baseboard Management Controller BMC firmware that could potentially allow attackers to bypass crucial verification steps and update the system with a specially crafted image. The medium-severity...

7.2CVSS7.7AI score0.00511EPSS
Exploits0
thn
thn
added 2025/09/23 5:13 p.m.5 views

Eurojust Arrests 5 in €100M Cryptocurrency Investment Fraud Spanning 23 Countries

Law enforcement authorities in Europe have arrested five suspects in connection with an "elaborate" online investment fraud scheme that stole more than €100 million $118 million from over 100 victims in France, Germany, Italy, and Spain. According to Eurojust, the coordinated action saw searches ...

6.5AI score
Exploits0
thn
thn
added 2025/09/23 3:48 p.m.3 views

U.S. Secret Service Seizes 300 SIM Servers, 100K Cards Threatening U.S. Officials Near UN

The U.S. Secret Service on Tuesday said it took down a network of electronic devices located across the New York tri-state area that were used to threaten U.S. government officials and posed an imminent threat to national security. "This protective intelligence investigation led to the discovery ...

6.8AI score
Exploits0
thn
thn
added 2025/09/23 12:46 p.m.5 views

SolarWinds Releases Hotfix for Critical CVE-2025-26399 Remote Code Execution Flaw

SolarWinds has released hot fixes to address a critical security flaw impacting its Web Help Desk software that, if successfully exploited, could allow attackers to execute arbitrary commands on susceptible systems. The vulnerability, tracked as CVE-2025-26399 CVSS score: 9.8, has been described ...

9.8CVSS8.8AI score0.8833EPSS
Exploits1
thn
thn
added 2025/09/23 11:30 a.m.5 views

Lean Teams, Higher Stakes: Why CISOs Must Rethink Incident Remediation

Big companies are getting smaller, and their CEOs want everyone to know it. Wells Fargo has cut its workforce by 23% over five years, Bank of America has shed 88,000 employees since 2010, and Verizon's CEO recently boasted that headcount is "going down all the time." What was once a sign of...

7.1AI score
Exploits0
thn
thn
added 2025/09/23 11:26 a.m.4 views

ShadowV2 Botnet Exploits Misconfigured AWS Docker Containers for DDoS-for-Hire Service

Cybersecurity researchers have disclosed details of a new botnet that customers can rent access to conduct distributed denial-of-service DDoS attacks against targets of interest. The ShadowV2 botnet, according to Darktrace, predominantly targets misconfigured Docker containers on Amazon Web...

7AI score
Exploits0
thn
thn
added 2025/09/23 9:20 a.m.3 views

GitHub Mandates 2FA and Short-Lived Tokens to Strengthen npm Supply Chain Security

GitHub on Monday announced that it will be changing its authentication and publishing options "in the near future" in response to a recent wave of supply chain attacks targeting the npm ecosystem, including the Shai-Hulud attack. This includes steps to address threats posed by token abuse and...

6.7AI score
Exploits0
thn
thn
added 2025/09/23 8:13 a.m.2 views

BadIIS Malware Spreads via SEO Poisoning — Redirects Traffic, Plants Web Shells

Cybersecurity researchers are calling attention to a search engine optimization SEO poisoning campaign likely undertaken by a Chinese-speaking threat actor using a malware called BadIIS in attacks targeting East and Southeast Asia, particularly with a focus on Vietnam. The activity, dubbed...

6.4AI score
Exploits0
thn
thn
added 2025/09/22 3:40 p.m.6 views

ComicForm and SectorJ149 Hackers Deploy Formbook Malware in Eurasian Cyberattacks

Organizations in Belarus, Kazakhstan, and Russia have emerged as the target of a phishing campaign undertaken by a previously undocumented hacking group called ComicForm since at least April 2025. The activity primarily targeted industrial, financial, tourism, biotechnology, research, and trade...

6.7AI score
Exploits0
thn
thn
added 2025/09/22 11:47 a.m.22 views

⚡ Weekly Recap: Chrome 0-Day, AI Hacking Tools, DDR5 Bit-Flips, npm Worm & More

The security landscape now moves at a pace no patch cycle can match. Attackers aren't waiting for quarterly updates or monthly fixes—they adapt within hours, blending fresh techniques with old, forgotten flaws to create new openings. A vulnerability closed yesterday can become the blueprint for...

10CVSS8.8AI score0.99614EPSS
Exploits24
thn
thn
added 2025/09/22 11:0 a.m.4 views

How to Gain Control of AI Agents and Non-Human Identities

We hear this a lot: "We've got hundreds of service accounts and AI agents running in the background. We didn't create most of them. We don't know who owns them. How are we supposed to secure them?" Every enterprise today runs on more than users. Behind the scenes, thousands of non-human identitie...

7.1AI score
Exploits0
thn
thn
added 2025/09/22 5:47 a.m.7 views

Microsoft Patches Critical Entra ID Flaw Enabling Global Admin Impersonation Across Tenants

A critical token validation failure in Microsoft Entra ID previously Azure Active Directory could have allowed attackers to impersonate any user, including Global Administrators, across any tenant. The vulnerability, tracked as CVE-2025-55241 , has been assigned the maximum CVSS score of 10.0. It...

10CVSS8.7AI score0.07448EPSS
Exploits0
thn
thn
added 2025/09/21 10:56 a.m.9 views

DPRK Hackers Use ClickFix to Deliver BeaverTail Malware in Crypto Job Scams

Threat actors with ties to the Democratic People's Republic of Korea aka DPRK or North Korea have been observed leveraging ClickFix-style lures to deliver a known malware called BeaverTail and InvisibleFerret. "The threat actor used ClickFix lures to target marketing and trader roles in...

6.7AI score
Exploits0
thn
thn
added 2025/09/20 7:7 a.m.8 views

LastPass Warns of Fake Repositories Infecting macOS with Atomic Infostealer

LastPass is warning of an ongoing, widespread information stealer campaign targeting Apple macOS users through fake GitHub repositories that distribute malware-laced programs masquerading as legitimate tools. "In the case of LastPass, the fraudulent repositories redirected potential victims to a...

6.9AI score
Exploits0
thn
thn
added 2025/09/20 5:48 a.m.9 views

Researchers Uncover GPT-4-Powered MalTerminal Malware Creating Ransomware, Reverse Shell

Cybersecurity researchers have discovered what they say is the earliest example known to date of a malware with that bakes in Large Language Model LLM capabilities. The malware has been codenamed MalTerminal by SentinelOne SentinelLABS research team. The findings were presented at the LABScon 202...

9.3CVSS7.1AI score0.99374EPSS
Exploits62
thn
thn
added 2025/09/20 5:31 a.m.6 views

ShadowLeak Zero-Click Flaw Leaks Gmail Data via OpenAI ChatGPT Deep Research Agent

Cybersecurity researchers have disclosed a zero-click flaw in OpenAI ChatGPT's Deep Research agent that could allow an attacker to leak sensitive Gmail inbox data with a single crafted email without any user action. The new class of attack has been codenamed ShadowLeak by Radware. Following...

6.1AI score
Exploits0
thn
thn
added 2025/09/19 4:6 p.m.6 views

UNC1549 Hacks 34 Devices in 11 Telecom Firms via LinkedIn Job Lures and MINIBIKE Malware

An Iran-nexus cyber espionage group known as UNC1549 has been attributed to a new campaign targeting European telecommunications companies, successfully infiltrating 34 devices across 11 organizations as part of a recruitment-themed activity on LinkedIn. Swiss cybersecurity company PRODAFT is...

7AI score
Exploits0
thn
thn
added 2025/09/19 2:26 p.m.3 views

SystemBC Powers REM Proxy With 1,500 Daily VPS Victims Across 80 C2 Servers

A proxy network known as REM Proxy is powered by malware known as SystemBC , offering about 80% of the botnet to its users, according to new findings from the Black Lotus Labs team at Lumen Technologies. "REM Proxy is a sizeable network, which also markets a pool of 20,000 Mikrotik routers and a...

6.8AI score
Exploits0
thn
thn
added 2025/09/19 2:12 p.m.8 views

Fortra Releases Critical Patch for CVSS 10.0 GoAnywhere MFT Vulnerability

Fortra has disclosed details of a critical security flaw in GoAnywhere Managed File Transfer MFT software that could result in the execution of arbitrary commands. The vulnerability, tracked as CVE-2025-10035 , carries a CVSS score of 10.0, indicating maximum severity. "A deserialization...

10CVSS7.5AI score0.99999EPSS
Exploits23
thn
thn
added 2025/09/19 2:2 p.m.4 views

17,500 Phishing Domains Target 316 Brands Across 74 Countries in Global PhaaS Surge

The phishing-as-a-service PhaaS offerings known as Lighthouse and Lucid has been linked to more than 17,500 phishing domains targeting 316 brands from 74 countries. "Phishing-as-a-Service PhaaS deployments have risen significantly recently," Netcraft said in a new report. "The PhaaS operators...

6.4AI score
Exploits0
thn
thn
added 2025/09/19 11:0 a.m.4 views

How To Automate Alert Triage With AI Agents and Confluence SOPs Using Tines

Run by the team at workflow orchestration and AI platform Tines, the Tines library features over 1,000 pre-built workflows shared by security practitioners from across the community - all free to import and deploy through the platform's Community Edition. The workflow we are highlighting...

7.1AI score
Exploits0
thn
thn
added 2025/09/19 8:24 a.m.3 views

Russian Hackers Gamaredon and Turla Collaborate to Deploy Kazuar Backdoor in Ukraine

Cybersecurity researchers have discerned evidence of two Russian hacking groups Gamaredon and Turla collaborating together to target and co-comprise Ukrainian entities. Slovak cybersecurity company ESET said it observed the Gamaredon tools PteroGraphin and PteroOdd being used to execute Turla...

7.1AI score
Exploits0
thn
thn
added 2025/09/19 7:5 a.m.2 views

U.K. Arrests Two Teen Scattered Spider Hackers Linked to August 2024 TfL Cyber Attack

Law enforcement authorities in the U.K. have arrested two teen members of the Scattered Spider hacking group in connection with their alleged participation in an August 2024 cyber attack targeting Transport for London TfL, the city's public transportation agency. Thalha Jubair aka EarthtoStar,...

7AI score
Exploits0
thn
thn
added 2025/09/19 4:10 a.m.13 views

CISA Warns of Two Malware Strains Exploiting Ivanti EPMM CVE-2025-4427 and CVE-2025-4428

The U.S. Cybersecurity and Infrastructure Security Agency CISA on Thursday released details of two sets of malware that were discovered in an unnamed organization's network following the exploitation of security flaws in Ivanti Endpoint Manager Mobile EPMM. "Each set contains loaders for maliciou...

8.8CVSS9AI score0.99899EPSS
Exploits10
thn
thn
added 2025/09/18 2:12 p.m.5 views

SonicWall Urges Password Resets After Cloud Backup Breach Affecting Under 5% of Customers

SonicWall is urging customers to reset credentials after their firewall configuration backup files were exposed in a security breach impacting MySonicWall accounts. The company said it recently detected suspicious activity targeting the cloud backup service for firewalls, and that unknown threat...

9.8CVSS6.6AI score0.15593EPSS
Exploits0
thn
thn
added 2025/09/18 12:56 p.m.6 views

CountLoader Broadens Russian Ransomware Operations With Multi-Version Malware Loader

Cybersecurity researchers have discovered a new malware loader codenamed CountLoader that has been put to use by Russian ransomware gangs to deliver post-exploitation tools like Cobalt Strike and AdaptixC2, and a remote access trojan known as PureHVNC RAT. "CountLoader is being used either as par...

7.4AI score
Exploits0
thn
thn
added 2025/09/18 11:38 a.m.4 views

SilentSync RAT Delivered via Two Malicious PyPI Packages Targeting Python Developers

Cybersecurity researchers have discovered two new malicious packages in the Python Package Index PyPI repository that are designed to deliver a remote access trojan called SilentSync on Windows systems. "SilentSync is capable of remote command execution, file exfiltration, and screen capturing,"...

7.5AI score
Exploits0
thn
thn
added 2025/09/18 11:30 a.m.6 views

How CISOs Can Drive Effective AI Governance

AI's growing role in enterprise environments has heightened the urgency for Chief Information Security Officers CISOs to drive effective AI governance. When it comes to any emerging technology, governance is hard – but effective governance is even harder. The first instinct for most organizations...

7AI score
Exploits0
thn
thn
added 2025/09/18 5:49 a.m.17 views

Google Patches Chrome Zero-Day CVE-2025-10585 as Active V8 Exploit Threatens Millions

Google on Wednesday released security updates for the Chrome web browser to address four vulnerabilities, including one that it said has been exploited in the wild. The zero-day vulnerability in question is CVE-2025-10585 , which has been described as a type confusion issue in the V8 JavaScript a...

8.8CVSS7.1AI score0.09185EPSS
Exploits15
thn
thn
added 2025/09/17 6:30 p.m.7 views

TA558 Uses AI-Generated Scripts to Deploy Venom RAT in Brazil Hotel Attacks

The threat actor known as TA558 has been attributed to a fresh set of attacks delivering various remote access trojans RATs like Venom RAT to breach hotels in Brazil and Spanish-speaking markets. Russian cybersecurity vendor Kaspersky is tracking the activity, observed in summer 2025, to a cluste...

9.3CVSS7.5AI score0.99933EPSS
Exploits29
thn
thn
added 2025/09/17 12:56 p.m.4 views

From Quantum Hacks to AI Defenses – Expert Guide to Building Unbreakable Cyber Resilience

Quantum computing and AI working together will bring incredible opportunities. Together, the technologies will help us extend innovation further and faster than ever before. But, imagine the flip side, waking up to news that hackers have used a quantum computer to crack your company's encryption...

6.7AI score
Exploits0
thn
thn
added 2025/09/17 12:56 p.m.6 views

Chinese TA415 Uses VS Code Remote Tunnels to Spy on U.S. Economic Policy Experts

A China-aligned threat actor known as TA415 has been attributed to spear-phishing campaigns targeting the U.S. government, think tanks, and academic organizations utilizing U.S.-China economic-themed lures. "In this activity, the group masqueraded as the current Chair of the Select Committee on...

7.5AI score
Exploits0
thn
thn
added 2025/09/17 11:3 a.m.2 views

Rethinking AI Data Security: A Buyer's Guide 

Generative AI has gone from a curiosity to a cornerstone of enterprise productivity in just a few short years. From copilots embedded in office suites to dedicated large language model LLM platforms, employees now rely on these tools to code, analyze, draft, and decide. But for CISOs and security...

6.8AI score
Exploits0
thn
thn
added 2025/09/17 8:49 a.m.5 views

Scattered Spider Resurfaces With Financial Sector Attacks Despite Retirement Claims

Cybersecurity researchers have tied a fresh round of cyber attacks targeting financial services to the notorious cybercrime group known as Scattered Spider, casting doubt on their claims of going "dark." Threat intelligence firm ReliaQuest said it has observed indications that the threat actor ha...

9.8CVSS8.4AI score0.96284EPSS
Exploits5
thn
thn
added 2025/09/17 6:20 a.m.4 views

DOJ Resentences BreachForums Founder to 3 Years for Cybercrime and Possession of CSAM

The U.S. Department of Justice DoJ on Tuesday resentenced the former administrator of BreachForums to three years in prison in connection with his role in running the cybercrime forum and possessing child sexual abuse material CSAM. Conor Brian Fitzpatrick aka Pompompurin, 22, of Peekskill, New...

6.8AI score
Exploits0
thn
thn
added 2025/09/17 4:31 a.m.8 views

RaccoonO365 Phishing Network Dismantled as Microsoft, Cloudflare Take Down 338 Domains

Microsoft's Digital Crimes Unit said it teamed up with Cloudflare to coordinate the seizure of 338 domains used by RaccoonO365 , a financially motivated threat group that was behind a phishing-as-a-service Phaas toolkit used to steal more than 5,000 Microsoft 365 credentials from 94 countries sin...

7AI score
Exploits0
thn
thn
added 2025/09/16 4:23 p.m.9 views

Chaos Mesh Critical GraphQL Flaws Enable RCE and Full Kubernetes Cluster Takeover

Cybersecurity researchers have disclosed multiple critical security vulnerabilities in Chaos Mesh that, if successfully exploited, could lead to cluster takeover in Kubernetes environments. "Attackers need only minimal in-cluster network access to exploit these vulnerabilities, execute the...

9.8CVSS8.7AI score0.03269EPSS
Exploits4
Total number of security vulnerabilities20914