Lucene search
+L

20914 matches found

thn
thn
added 2025/09/16 2:19 p.m.4 views

SlopAds Fraud Ring Exploits 224 Android Apps to Drive 2.3 Billion Daily Ad Bids

A massive ad fraud and click fraud operation dubbed SlopAds ran a cluster of 224 apps, collectively attracting 38 million downloads across 228 countries and territories. "These apps deliver their fraud payload using steganography and create hidden WebViews to navigate to threat actor-owned cashou...

6.8AI score
Exploits0
thn
thn
added 2025/09/16 12:33 p.m.5 views

New FileFix Variant Delivers StealC Malware Through Multilingual Phishing Site

Cybersecurity researchers have warned of a new campaign that's leveraging a variant of the FileFix social engineering tactic to deliver the StealC information stealer malware. "The observed campaign uses a highly convincing, multilingual phishing site e.g., fake Facebook Security page, with...

6.2AI score
Exploits0
thn
thn
added 2025/09/16 11:6 a.m.14 views

Apple Backports Fix for CVE-2025-43300 Exploited in Sophisticated Spyware Attack

Apple on Monday backported fixes for a recently patched security flaw that has been actively exploited in the wild. The vulnerability in question is CVE-2025-43300 CVSS score: 8.8, an out-of-bounds write issue in the ImageIO component that could result in memory corruption when processing a...

10CVSS7.5AI score0.19972EPSS
Exploits18
thn
thn
added 2025/09/16 11:0 a.m.4 views

Securing the Agentic Era: Introducing Astrix's AI Agent Control Plane

AI agents are rapidly becoming a core part of the enterprise, being embedded across enterprise workflows, operating with autonomy, and making decisions about which systems to access and how to use them. But as agents grow in power and autonomy, so do the risks and threats. Recent studies show 80%...

7AI score
Exploits0
thn
thn
added 2025/09/16 7:27 a.m.8 views

Phoenix RowHammer Attack Bypasses Advanced DDR5 Memory Protections in 109 Seconds

A team of academics from ETH Zürich and Google has discovered a new variant of a RowHammer attack targeting Double Data Rate 5 DDR5 memory chips from South Korean semiconductor vendor SK Hynix. The RowHammer attack variant, codenamed Phoenix CVE-2025-6202, CVSS score: 7.1, is capable of bypassing...

7.1CVSS7.1AI score0.00291EPSS
Exploits1
thn
thn
added 2025/09/16 5:0 a.m.10 views

Self-Replicating Worm Hits 180+ npm Packages to Steal Credentials in Latest Supply Chain Attack

Cybersecurity researchers have flagged a fresh software supply chain attack targeting the npm registry that has affected more than 40 packages that belong to multiple maintainers. "The compromised versions include a function NpmModule.updatePackage that downloads a package tarball, modifies...

6.5AI score
Exploits0
thn
thn
added 2025/09/15 6:45 p.m.4 views

Mustang Panda Deploys SnakeDisk USB Worm to Deliver Yokai Backdoor on Thailand IPs

The China-aligned threat actor known as Mustang Panda has been observed using an updated version of a backdoor called TONESHELL and a previously undocumented USB worm called SnakeDisk. "The worm only executes on devices with Thailand-based IP addresses and drops the Yokai backdoor," IBM X-Force...

7.4AI score
Exploits0
thn
thn
added 2025/09/15 11:55 a.m.11 views

6 Browser-Based Attacks Security Teams Need to Prepare For Right Now

Attacks that target users in their web browsers have seen an unprecedented rise in recent years. In this article, we'll explore what a "browser-based attack" is, and why they're proving to be so effective. What is a browser-based attack? First, it's important to establish what a browser-based...

7.2AI score
Exploits0
thn
thn
added 2025/09/15 11:22 a.m.27 views

⚡ Weekly Recap: Bootkit Malware, AI-Powered Attacks, Supply Chain Breaches, Zero-Days & More

In a world where threats are persistent, the modern CISO's real job isn't just to secure technology—it's to preserve institutional trust and ensure business continuity. This week, we saw a clear pattern: adversaries are targeting the complex relationships that hold businesses together, from suppl...

10CVSS9AI score0.96742EPSS
Exploits15
thn
thn
added 2025/09/15 7:12 a.m.7 views

AI-Powered Villager Pen Testing Tool Hits 11,000 PyPI Downloads Amid Abuse Concerns

A new artificial intelligence AI-powered penetration testing tool linked to a China-based company has attracted nearly 11,000 downloads on the Python Package Index PyPI repository, raising concerns that it could be repurposed by cybercriminals for malicious purposes. Dubbed Villager, the framewor...

6.6AI score
Exploits0
thn
thn
added 2025/09/15 5:47 a.m.6 views

HiddenGh0st, Winos and kkRAT Exploit SEO, GitHub Pages in Chinese Malware Attacks

Chinese-speaking users are the target of a search engine optimization SEO poisoning campaign that uses fake software sites to distribute malware. "The attackers manipulated search rankings with SEO plugins and registered lookalike domains that closely mimicked legitimate software sites," Fortinet...

7.6AI score
Exploits0
thn
thn
added 2025/09/13 9:4 a.m.14 views

FBI Warns of UNC6040 and UNC6395 Targeting Salesforce Platforms in Data Theft Attacks

The U.S. Federal Bureau of Investigation FBI has issued a flash alert to release indicators of compromise IoCs associated with two cybercriminal groups tracked as UNC6040 and UNC6395 for orchestrating a string of data theft and extortion attacks. "Both groups have recently been observed targeting...

6.8AI score
Exploits0
thn
thn
added 2025/09/12 3:16 p.m.14 views

Samsung Fixes Critical Zero-Day CVE-2025-21043 Exploited in Android Attacks

Samsung has released its monthly security updates for Android, including a fix for a security vulnerability that it said has been exploited in zero-day attacks. The vulnerability, CVE-2025-21043 CVSS score: 8.8, concerns an out-of-bounds write that could result in arbitrary code execution...

8.8CVSS8.2AI score0.01435EPSS
Exploits12
thn
thn
added 2025/09/12 2:49 p.m.3 views

Apple Warns French Users of Fourth Spyware Campaign in 2025, CERT-FR Confirms

Apple has notified users in France of a spyware campaign targeting their devices, according to the Computer Emergency Response Team of France CERT-FR. The agency said the alerts were sent out on September 3, 2025, making it the fourth time this year that Apple has notified citizens in the county...

8.8CVSS7.1AI score0.19972EPSS
Exploits9
thn
thn
added 2025/09/12 11:50 a.m.8 views

New HybridPetya Ransomware Bypasses UEFI Secure Boot With CVE-2024-7344 Exploit

Cybersecurity researchers have discovered a new ransomware strain dubbed HybridPetya that resembles the notorious Petya/NotPetya malware, while also incorporating the ability to bypass the Secure Boot mechanism in Unified Extensible Firmware Interface UEFI systems using a now-patched vulnerabilit...

8.2CVSS7.5AI score0.05979EPSS
Exploits2
thn
thn
added 2025/09/12 11:3 a.m.8 views

Critical CVE-2025-5086 in DELMIA Apriso Actively Exploited, CISA Issues Warning

The U.S. Cybersecurity and Infrastructure Security Agency CISA on Thursday added a critical security flaw impacting Dassault Systèmes DELMIA Apriso Manufacturing Operations Management MOM software to its Known Exploited Vulnerabilities KEV catalog, based on evidence of active exploitation. The...

9CVSS7.3AI score0.89706EPSS
Exploits1
thn
thn
added 2025/09/12 8:0 a.m.5 views

Cloud-Native Security in 2025: Why Runtime Visibility Must Take Center Stage

The security landscape for cloud-native applications is undergoing a profound transformation. Containers, Kubernetes, and serverless technologies are now the default for modern enterprises, accelerating delivery but also expanding the attack surface in ways traditional security models can't keep ...

7.1AI score
Exploits0
thn
thn
added 2025/09/12 4:49 a.m.16 views

Cursor AI Code Editor Flaw Enables Silent Code Execution via Malicious Repositories

A security weakness has been disclosed in the artificial intelligence AI-powered code editor Cursor that could trigger code execution when a maliciously crafted repository is opened using the program. The issue stems from the fact that an out-of-the-box security setting is disabled by default,...

9.3CVSS8.3AI score0.00735EPSS
Exploits3
thn
thn
added 2025/09/11 3:3 p.m.2 views

Google Pixel 10 Adds C2PA Support to Verify AI-Generated Media Authenticity

Google on Tuesday announced that its new Google Pixel 10 phones support the Coalition for Content Provenance and Authenticity C2PA standard out of the box to verify the origin and history of digital content. To that end, support for C2PA's Content Credentials has been added to Pixel Camera and...

6.2AI score
Exploits0
thn
thn
added 2025/09/11 2:51 p.m.3 views

Senator Wyden Urges FTC to Probe Microsoft for Ransomware-Linked Cybersecurity Negligence

U.S. Senator Ron Wyden has called on the Federal Trade Commission FTC to probe Microsoft and hold it responsible for what he called "gross cybersecurity negligence" that enabled ransomware attacks on U.S. critical infrastructure, including against healthcare networks. "Without timely action,...

6.5AI score
Exploits0
thn
thn
added 2025/09/11 10:33 a.m.5 views

SonicWall SSL VPN Flaw and Misconfigurations Actively Exploited by Akira Ransomware Hackers

Threat actors affiliated with the Akira ransomware group have continued to target SonicWall devices for initial access. Cybersecurity firm Rapid7 said it observed a spike in intrusions involving SonicWall appliances over the past month, particularly following reports about renewed Akira ransomwar...

9.8CVSS9.6AI score0.15593EPSS
Exploits0
thn
thn
added 2025/09/11 10:33 a.m.3 views

Cracking the Boardroom Code: Helping CISOs Speak the Language of Business

CISOs know their field. They understand the threat landscape. They understand how to build a strong and cost-effective security stack. They understand how to staff out their organization. They understand the intricacies of compliance. They understand what it takes to reduce risk. Yet one question...

6.8AI score
Exploits0
thn
thn
added 2025/09/11 9:5 a.m.7 views

Fake Madgicx Plus and SocialMetrics Extensions Are Hijacking Meta Business Accounts

Cybersecurity researchers have disclosed two new campaigns that are serving fake browser extensions using malicious ads and fake websites to steal sensitive data. The malvertising campaign, per Bitdefender, is designed to push fake "Meta Verified" browser extensions named SocialMetrics Pro that...

6.9AI score
Exploits0
thn
thn
added 2025/09/11 6:2 a.m.7 views

AsyncRAT Exploits ConnectWise ScreenConnect to Steal Credentials and Crypto

Cybersecurity researchers have disclosed details of a new campaign that leverages ConnectWise ScreenConnect, a legitimate Remote Monitoring and Management RMM software, to deliver a fleshless loader that drops a remote access trojan RAT called AsyncRAT to steal sensitive data from compromised...

7.1AI score
Exploits0
thn
thn
added 2025/09/10 3:46 p.m.14 views

Chinese APT Deploys EggStreme Fileless Malware to Breach Philippine Military Systems

An advanced persistent threat APT group from China has been attributed to the compromise of a Philippines-based military company using a previously undocumented fileless malware framework called EggStreme. "This multi-stage toolset achieves persistent, low-profile espionage by injecting malicious...

7.3AI score
Exploits0
thn
thn
added 2025/09/10 1:4 p.m.20 views

CHILLYHELL macOS Backdoor and ZynorRAT RAT Threaten macOS, Windows, and Linux Systems

Cybersecurity researchers have discovered two new malware families, including a modular Apple macOS backdoor called CHILLYHELL and a Go-based remote access trojan RAT named ZynorRAT that can target both Windows and Linux systems. According to an analysis from Jamf Threat Labs, ChillyHell is writt...

7.4AI score
Exploits0
thn
thn
added 2025/09/10 11:14 a.m.15 views

Microsoft Fixes 80 Flaws — Including SMB PrivEsc and Azure CVSS 10.0 Bugs

Microsoft on Tuesday addressed a set of 80 security flaws in its software, including one vulnerability that has been disclosed as publicly known at the time of release. Of the 80 vulnerabilities, eight are rated Critical and 72 are rated Important in severity. None of the shortcomings has been...

10CVSS8.4AI score0.32908EPSS
Exploits7
thn
thn
added 2025/09/10 10:21 a.m.5 views

Apple iPhone Air and iPhone 17 Feature A19 Chips With Spyware-Resistant Memory Safety

Apple on Tuesday revealed a new security feature called Memory Integrity Enforcement MIE that's built into its newly introduced iPhone models, including iPhone 17 and iPhone Air. MIE, per the tech giant, offers "always-on memory safety protection" across critical attack surfaces such as the kerne...

7.2AI score
Exploits0
thn
thn
added 2025/09/10 9:25 a.m.5 views

The Time-Saving Guide for Service Providers: Automating vCISO and Compliance Services

Introduction Managed service providers MSPs and managed security service providers MSSPs are under increasing pressure to deliver strong cybersecurity outcomes in a landscape marked by rising threats and evolving compliance requirements. At the same time, clients want better protection without...

6.8AI score
Exploits0
thn
thn
added 2025/09/10 8:0 a.m.8 views

Watch Out for Salty2FA: New Phishing Kit Targeting US and EU Enterprises

Phishing-as-a-Service PhaaS platforms keep evolving, giving attackers faster and cheaper ways to break into corporate accounts. Now, researchers at ANY.RUN has uncovered a new entrant: Salty2FA , a phishing kit designed to bypass multiple two-factor authentication methods and slip past traditiona...

7.5AI score
Exploits0
thn
thn
added 2025/09/10 7:53 a.m.7 views

China-Linked APT41 Hackers Target U.S. Trade Officials Amid 2025 Negotiations

The House Select Committee on China has formally issued an advisory warning of an "ongoing" series of highly targeted cyber espionage campaigns linked to the People's Republic of China PRC amid contentious U.S.–China trade talks. "These campaigns seek to compromise organizations and individuals...

6.6AI score
Exploits0
thn
thn
added 2025/09/10 1:8 a.m.7 views

Adobe Commerce Flaw CVE-2025-54236 Lets Hackers Take Over Customer Accounts

Adobe has warned of a critical security flaw in its Commerce and Magento Open Source platforms that, if successfully exploited, could allow attackers to take control of customer accounts. The vulnerability, tracked as CVE-2025-54236 aka SessionReaper, carries a CVSS score of 9.1 out of a maximum ...

9.1CVSS8.3AI score0.96742EPSS
Exploits9
thn
thn
added 2025/09/10 1:3 a.m.15 views

SAP Patches Critical NetWeaver (CVSS Up to 10.0) and High-Severity S/4HANA Flaws

SAP on Tuesday released security updates to address multiple security flaws, including three critical vulnerabilities in SAP Netweaver that could result in code execution and the upload arbitrary files. The vulnerabilities are listed below - CVE-2025-42944 CVSS score: 10.0 - A deserialization...

10CVSS8.5AI score0.02882EPSS
Exploits1
thn
thn
added 2025/09/09 2:14 p.m.5 views

Axios Abuse and Salty 2FA Kits Fuel Advanced Microsoft 365 Phishing Attacks

Threat actors are abusing HTTP client tools like Axios in conjunction with Microsoft's Direct Send feature to form a "highly efficient attack pipeline" in recent phishing campaigns, according to new findings from ReliaQuest. "Axios user agent activity surged 241% from June to August 2025, dwarfin...

6.8AI score
Exploits0
thn
thn
added 2025/09/09 11:53 a.m.7 views

RatOn Android Malware Detected With NFC Relay and ATS Banking Fraud Capabilities

A new Android malware called RatOn has evolved from a basic tool capable of conducting Near Field Communication NFC relay attacks to a sophisticated remote access trojan with Automated Transfer System ATS capabilities to conduct device fraud. "RatOn merges traditional overlay attacks with automat...

7AI score
Exploits0
thn
thn
added 2025/09/09 10:37 a.m.6 views

[Webinar] Shadow AI Agents Multiply Fast — Learn How to Detect and Control Them

⚠️ One click is all it takes. An engineer spins up an "experimental" AI Agent to test a workflow. A business unit connects to automate reporting. A cloud platform quietly enables a new agent behind the scenes. Individually, they look harmless. But together, they form an invisible swarm of Shadow A...

6.8AI score
Exploits0
thn
thn
added 2025/09/09 10:27 a.m.6 views

From MostereRAT to ClickFix: New Malware Campaigns Highlight Rising AI and Phishing Risks

Cybersecurity researchers have disclosed details of a phishing campaign that delivers a stealthy banking malware-turned-remote access trojan called MostereRAT. The phishing attack incorporates a number of advanced evasion techniques to gain complete control over compromised systems, siphon...

6.8AI score
Exploits0
thn
thn
added 2025/09/09 10:26 a.m.4 views

How Leading CISOs are Getting Budget Approval

It's budget season. Once again, security is being questioned, scrutinized, or deprioritized. If you're a CISO or security leader, you've likely found yourself explaining why your program matters, why a given tool or headcount is essential, and how the next breach is one blind spot away. But these...

6.8AI score
Exploits0
thn
thn
added 2025/09/09 10:2 a.m.9 views

TOR-Based Cryptojacking Attack Expands Through Misconfigured Docker APIs

Cybersecurity researchers have discovered a variant of a recently disclosed campaign that abuses the TOR network for cryptojacking attacks targeting exposed Docker APIs. Akamai, which discovered the latest activity last month, said it's designed to block other actors from accessing the Docker API...

7.4AI score
Exploits0
thn
thn
added 2025/09/09 6:13 a.m.9 views

20 Popular npm Packages With 2 Billion Weekly Downloads Compromised in Supply Chain Attack

Multiple npm packages have been compromised as part of a software supply chain attack after a maintainer's account was compromised in a phishing attack. The attack targeted Josh Junon aka Qix, who received an email message that mimicked npm "[email protected]", urging them to update their update...

7.2AI score
Exploits0
thn
thn
added 2025/09/09 12:27 a.m.5 views

45 Previously Unreported Domains Expose Longstanding Salt Typhoon Cyber Espionage

Threat hunters have discovered a set of previously unreported domains, some going back to May 2020, that are associated with China-linked threat actors Salt Typhoon and UNC4841. "The domains date back several years, with the oldest registration activity occurring in May 2020, further confirming...

9.8CVSS9.7AI score0.86956EPSS
Exploits3
thn
thn
added 2025/09/08 3:26 p.m.6 views

GitHub Account Compromise Led to Salesloft Drift Breach Affecting 22 Companies

Salesloft has revealed that the data breach linked to its Drift application started with the compromise of its GitHub account. Google-owned Mandiant, which began an investigation into the incident, said the threat actor, tracked as UNC6395, accessed the Salesloft GitHub account from March through...

6.6AI score
Exploits0
thn
thn
added 2025/09/08 3:2 p.m.2 views

GPUGate Malware Uses Google Ads and Fake GitHub Commits to Target IT Firms

Cybersecurity researchers have detailed a new sophisticated malware campaign that leverages paid ads on search engines like Google to deliver malware to unsuspecting users looking for popular tools like GitHub Desktop. While malvertising campaigns have become commonplace in recent years, the late...

6AI score
Exploits0
thn
thn
added 2025/09/08 10:2 a.m.34 views

⚡ Weekly Recap: Drift Breach Chaos, Zero-Days Active, Patch Warnings, Smarter Threats & More

Cybersecurity never slows down. Every week brings new threats, new vulnerabilities, and new lessons for defenders. For security and IT teams, the challenge is not just keeping up with the news—it's knowing which risks matter most right now. That's what this digest is here for: a clear, simple...

9.9CVSS9.5AI score0.99301EPSS
Exploits84
thn
thn
added 2025/09/08 9:20 a.m.4 views

You Didn't Get Phished — You Onboarded the Attacker

When Attackers Get Hired: Today's New Identity Crisis What if the star engineer you just hired isn't actually an employee, but an attacker in disguise? This isn't phishing; it's infiltration by onboarding. Meet "Jordan from Colorado," who has a strong resume, convincing references, a clean...

6.5AI score
Exploits0
thn
thn
added 2025/09/06 3:13 p.m.4 views

Noisy Bear Campaign Targeting Kazakhstan Energy Sector Outed as a Planned Phishing Test

A threat actor possibly of Russian origin has been attributed to a new set of attacks targeting the energy sector in Kazakhstan. The activity, codenamed Operation BarrelFire, is tied to a new threat group tracked by Seqrite Labs as Noisy Bear. The threat actor has been active since at least April...

6.7AI score
Exploits0
thn
thn
added 2025/09/06 6:42 a.m.6 views

Malicious npm Packages Impersonate Flashbots, Steal Ethereum Wallet Keys

A new set of four malicious packages have been discovered in the npm package registry with capabilities to steal cryptocurrency wallet credentials from Ethereum developers. "The packages masquerade as legitimate cryptographic utilities and Flashbots MEV infrastructure while secretly exfiltrating...

7.4AI score
Exploits0
thn
thn
added 2025/09/05 4:8 p.m.8 views

CISA Orders Immediate Patch of Critical Sitecore Vulnerability Under Active Exploitation

Federal Civilian Executive Branch FCEB agencies are being advised to update their Sitecore instances by September 25, 2025, following the discovery of a security flaw that has come under active exploitation in the wild. The vulnerability, tracked as CVE-2025-53690 , carries a CVSS score of 9.0 ou...

9.8CVSS10AI score0.93842EPSS
Exploits9
thn
thn
added 2025/09/05 2:7 p.m.14 views

TAG-150 Develops CastleRAT in Python and C, Expanding CastleLoader Malware Operations

The threat actor behind the malware-as-a-service MaaS framework and loader called CastleLoader has also developed a remote access trojan known as CastleRAT. "Available in both Python and C variants, CastleRAT's core functionality consists of collecting system information, downloading and executin...

7.1AI score
Exploits0
thn
thn
added 2025/09/05 10:59 a.m.10 views

SAP S/4HANA Critical Vulnerability CVE-2025-42957 Exploited in the Wild

A critical security vulnerability impacting SAP S/4HANA, an Enterprise Resource Planning ERP software, has come under active exploitation in the wild. The command injection vulnerability, tracked as CVE-2025-42957 CVSS score: 9.9, was fixed by SAP as part of its monthly updates last month. "SAP...

9.9CVSS7.7AI score0.01553EPSS
Exploits0
Total number of security vulnerabilities20914