Lucene search
+L

20915 matches found

thn
thn
added 2025/08/05 4:26 p.m.9 views

ClickFix Malware Campaign Exploits CAPTCHAs to Spread Cross-Platform Infections

A combination of propagation methods, narrative sophistication, and evasion techniques enabled the social engineering tactic known as ClickFix to take off the way it did over the past year, according to new findings from Guardio Labs. "Like a real-world virus variant, this new 'ClickFix ' strain...

7.2AI score
Exploits0
thn
thn
added 2025/08/05 1:59 p.m.8 views

Google's August Patch Fixes Two Qualcomm Vulnerabilities Exploited in the Wild

Google has released security updates to address multiple security flaws in Android, including fixes for two Qualcomm bugs that were flagged as actively exploited in the wild. The vulnerabilities include CVE-2025-21479 CVSS score: 8.6 and CVE-2025-27038 CVSS score: 7.5, both of which were disclose...

8.6CVSS10AI score0.00831EPSS
Exploits4
thn
thn
added 2025/08/05 1:1 p.m.6 views

Cursor AI Code Editor Vulnerability Enables RCE via Malicious MCP File Swaps Post Approval

Cybersecurity researchers have disclosed a high-severity security flaw in the artificial intelligence AI-powered code editor Cursor that could result in remote code execution. The vulnerability, tracked as CVE-2025-54136 CVSS score: 7.2, has been codenamed MCPoison by Check Point Research, owing ...

7.2CVSS8AI score0.07598EPSS
Exploits2
thn
thn
added 2025/08/05 11:25 a.m.8 views

Misconfigurations Are Not Vulnerabilities: The Costly Confusion Behind Security Risks

In SaaS security conversations, "misconfiguration" and "vulnerability" are often used interchangeably. But they're not the same thing. And misunderstanding that distinction can quietly create real exposure. This confusion isn't just semantics. It reflects a deeper misunderstanding of the shared...

6.9AI score
Exploits0
thn
thn
added 2025/08/05 10:0 a.m.8 views

How Top CISOs Save Their SOCs from Alert Chaos to Never Miss Real Incidents

Why do SOC teams still drown in alerts even after spending big on security tools? False positives pile up, stealthy threats slip through, and critical incidents get buried in the noise. Top CISOs have realized the solution isn't adding more and more tools to SOC workflows but giving analysts the...

7.4AI score
Exploits0
thn
thn
added 2025/08/05 7:27 a.m.9 views

15,000 Fake TikTok Shop Domains Deliver Malware, Steal Crypto via AI-Driven Scam Campaign

Cybersecurity researchers have lifted the veil on a widespread malicious campaign that's targeting TikTok Shop users globally with an aim to steal credentials and distribute trojanized apps. "Threat actors are exploiting the official in-app e-commerce platform through a dual attack strategy that...

7AI score
Exploits0
thn
thn
added 2025/08/05 5:18 a.m.7 views

SonicWall Investigating Potential SSL VPN Zero-Day After 20+ Targeted Attacks Reported

SonicWall said it's actively investigating reports to determine if there is a new zero-day vulnerability following reports of a spike in Akira ransomware actors in late July 2025. "Over the past 72 hours, there has been a notable increase in both internally and externally reported cyber incidents...

7.8AI score
Exploits0
thn
thn
added 2025/08/04 4:6 p.m.7 views

NVIDIA Triton Bugs Let Unauthenticated Attackers Execute Code and Hijack AI Servers

A newly disclosed set of security flaws in NVIDIA's Triton Inference Server for Windows and Linux, an open-source platform for running artificial intelligence AI models at scale, could be exploited to take over susceptible servers. "When chained together, these flaws can potentially allow a remot...

8.2AI score0.02555EPSS
Exploits0
thn
thn
added 2025/08/04 1:58 p.m.12 views

Vietnamese Hackers Use PXA Stealer, Hit 4,000 IPs and Steal 200,000 Passwords Globally

Cybersecurity researchers are calling attention to a new wave of campaigns distributing a Python-based information stealer called PXA Stealer. The malicious activity has been assessed to be the work of Vietnamese-speaking cybercriminals who monetize the stolen data through a subscription-based...

7AI score
Exploits0
thn
thn
added 2025/08/04 11:55 a.m.26 views

⚡ Weekly Recap: VPN 0-Day, Encryption Backdoor, AI Malware, macOS Flaw, ATM Hack & More

Malware isn't just trying to hide anymore—it's trying to belong. We're seeing code that talks like us, logs like us, even documents itself like a helpful teammate. Some threats now look more like developer tools than exploits. Others borrow trust from open-source platforms, or quietly build...

9.8CVSS8.1AI score0.56063EPSS
Exploits13
thn
thn
added 2025/08/04 11:0 a.m.11 views

Man-in-the-Middle Attack Prevention Guide

Some of the most devastating cyberattacks don’t rely on brute force, but instead succeed through stealth. These quiet intrusions often go unnoticed until long after the attacker has disappeared. Among the most insidious are man-in-the-middle MITM attacks, where criminals exploit weaknesses in...

7AI score
Exploits0
thn
thn
added 2025/08/04 10:51 a.m.25 views

New 'Plague' PAM Backdoor Exposes Critical Linux Systems to Silent Credential Theft

Cybersecurity researchers have flagged a previously undocumented Linux backdoor dubbed Plague that has managed to evade detection for a year. "The implant is built as a malicious PAM Pluggable Authentication Module, enabling attackers to silently bypass system authentication and gain persistent S...

7.8AI score
Exploits0
thn
thn
added 2025/08/04 9:30 a.m.7 views

The Wild West of Shadow IT

Everyone's an IT decision-maker now. The employees in your organization can install a plugin with just one click, and they don't need to clear it with your team first. It's great for productivity, but it's a serious problem for your security posture. When the floodgates of SaaS and AI opened, IT...

6.9AI score
Exploits0
thn
thn
added 2025/08/04 6:19 a.m.5 views

PlayPraetor Android Trojan Infects 11,000+ Devices via Fake Google Play Pages and Meta Ads

Cybersecurity researchers have discovered a nascent Android remote access trojan RAT called PlayPraetor that has infected more than 11,000 devices, primarily across Portugal, Spain, France, Morocco, Peru, and Hong Kong. "The botnet's rapid growth, which now exceeds 2,000 new infections per week, ...

7.5AI score
Exploits0
thn
thn
added 2025/08/02 4:30 p.m.20 views

CL-STA-0969 Installs Covert Malware in Telecom Networks During 10-Month Espionage Campaign

Telecommunications organizations in Southeast Asia have been targeted by a state-sponsored threat actor known as CL-STA-0969 to facilitate remote control over compromised networks. Palo Alto Networks Unit 42 said it observed multiple incidents in the region, including one aimed at critical...

7.8CVSS8.3AI score0.99295EPSS
Exploits310
thn
thn
added 2025/08/02 6:56 a.m.14 views

Akira Ransomware Exploits SonicWall VPNs in Likely Zero-Day Attack on Fully-Patched Devices

SonicWall SSL VPN devices have become the target of Akira ransomware attacks as part of a newfound surge in activity observed in late July 2025. "In the intrusions reviewed, multiple pre-ransomware intrusions were observed within a short period of time, each involving VPN access through SonicWall...

7.7AI score
Exploits0
thn
thn
added 2025/08/01 3:31 p.m.17 views

Cursor AI Code Editor Fixed Flaw Allowing Attackers to Run Commands via Prompt Injection

Cybersecurity researchers have disclosed a now-patched, high-severity security flaw in Cursor, a popular artificial intelligence AI code editor, that could result in remote code execution RCE. The vulnerability, tracked as CVE-2025-54135 CVSS score: 8.6, has been addressed in version 1.3 released...

8.9AI score0.01708EPSS
Exploits0
thn
thn
added 2025/08/01 1:2 p.m.20 views

Attackers Use Fake OAuth Apps with Tycoon Kit to Breach Microsoft 365 Accounts

Cybersecurity researchers have detailed a new cluster of activity where threat actors are impersonating enterprises with fake Microsoft OAuth applications to facilitate credential harvesting as part of account takeover attacks. "The fake Microsoft 365 applications impersonate various companies,...

7.7AI score
Exploits0
thn
thn
added 2025/08/01 12:20 p.m.11 views

AI-Generated Malicious npm Package Drains Solana Funds from 1,500+ Before Takedown

Cybersecurity researchers have flagged a malicious npm package that was generated using artificial intelligence AI and concealed a cryptocurrency wallet drainer. The package, @kodane/patch-manager, claims to offer "advanced license validation and registry optimization utilities for high-performan...

7.2AI score
Exploits0
thn
thn
added 2025/08/01 11:0 a.m.7 views

You Are What You Eat: Why Your AI Security Tools Are Only as Strong as the Data You Feed Them

Just as triathletes know that peak performance requires more than expensive gear, cybersecurity teams are discovering that AI success depends less on the tools they deploy and more on the data that powers them The junk food problem in cybersecurity Imagine a triathlete who spares no expense on...

7AI score
Exploits0
thn
thn
added 2025/08/01 8:44 a.m.19 views

Storm-2603 Deploys DNS-Controlled Backdoor in Warlock and LockBit Ransomware Attacks

The threat actor linked to the exploitation of the recently disclosed security flaws in Microsoft SharePoint Server is using a bespoke command-and-control C2 framework called AK47 C2 also spelled ak47c2 in its operations. The framework includes at least two different types of clients, HTTP-based...

8.8CVSS7.9AI score0.99907EPSS
Exploits9
thn
thn
added 2025/07/31 5:12 p.m.14 views

Secret Blizzard Deploys Malware in ISP-Level AitM Attacks on Moscow Embassies

The Russian nation-state threat actor known as Secret Blizzard has been observed orchestrating a new cyber espionage campaign targeting foreign embassies located in Moscow by means of an adversary-in-the-middle AitM attack at the Internet Service Provider ISP level and delivering a custom malware...

7AI score
Exploits0
thn
thn
added 2025/07/31 3:49 p.m.21 views

Experts Detect Multi-Layer Redirect Tactic Used to Steal Microsoft 365 Login Credentials

Cybersecurity researchers have disclosed details of a new phishing campaign that conceals malicious payloads by abusing link wrapping services from Proofpoint and Intermedia to bypass defenses. "Link wrapping is designed by vendors like Proofpoint to protect users by routing all clicked URLs...

7.1AI score
Exploits0
thn
thn
added 2025/07/31 1:47 p.m.7 views

N. Korean Hackers Used Job Lures, Cloud Account Access, and Malware to Steal Millions in Crypto

The North Korea-linked threat actor known as UNC4899 has been attributed to attacks targeting two different organizations by approaching their employees via LinkedIn and Telegram. "Under the guise of freelance opportunities for software development work, UNC4899 leveraged social engineering...

7.8AI score
Exploits0
thn
thn
added 2025/07/31 10:17 a.m.7 views

UNC2891 Breaches ATM Network via 4G Raspberry Pi, Tries CAKETAP Rootkit for Fraud

The financially motivated threat actor known as UNC2891 has been observed targeting Automatic Teller Machine ATM infrastructure using a 4G-equipped Raspberry Pi as part of a covert attack. The cyber-physical attack involved the adversary leveraging their physical access to install the Raspberry P...

6.8AI score
Exploits0
thn
thn
added 2025/07/31 10:0 a.m.6 views

Alert Fatigue, Data Overload, and the Fall of Traditional SIEMs

Security Operations Centers SOCs are stretched to their limits. Log volumes are surging, threat landscapes are growing more complex, and security teams are chronically understaffed. Analysts face a daily battle with alert noise, fragmented tools, and incomplete data visibility. At the same time,...

7.6AI score
Exploits0
thn
thn
added 2025/07/31 6:53 a.m.12 views

Hackers Exploit Critical WordPress Theme Flaw to Hijack Sites via Remote Plugin Install

Threat actors are actively exploiting a critical security flaw in "Alone – Charity Multipurpose Non-profit WordPress Theme" to take over susceptible sites. The vulnerability, tracked as CVE-2025-5394 , carries a CVSS score of 9.8. Security researcher Thái An has been credited with discovering and...

9.8CVSS8.3AI score0.47809EPSS
Exploits3
thn
thn
added 2025/07/30 4:21 p.m.22 views

Hackers Use Facebook Ads to Spread JSCEAL Malware via Fake Cryptocurrency Trading Apps

Cybersecurity researchers are calling attention to an ongoing campaign that distributes fake cryptocurrency trading apps to deploy a compiled V8 JavaScript JSC malware called JSCEAL that can capture data such as credentials and wallets. The activity leverages thousands of malicious advertisements...

7.4AI score
Exploits0
thn
thn
added 2025/07/30 4:11 p.m.6 views

FunkSec Ransomware Decryptor Released Free to Public After Group Goes Dormant

Cybersecurity experts have released a decryptor for a ransomware strain called FunkSec, allowing victims to recover access to their files for free. "Because the ransomware is now considered dead, we released the decryptor for public download," Gen Digital researcher Ladislav Zezula said. FunkSec,...

6.6AI score
Exploits0
thn
thn
added 2025/07/30 1:3 p.m.5 views

Product Walkthrough: A Look Inside Pillar's AI Security Platform

In this article, we will provide a brief overview of Pillar Security's platform to better understand how they are tackling AI security challenges. Pillar Security is building a platform to cover the entire software development and deployment lifecycle with the goal of providing trust in AI system...

7.3AI score
Exploits0
thn
thn
added 2025/07/30 1:2 p.m.13 views

Apple Patches Safari Vulnerability Also Exploited as Zero-Day in Google Chrome

Apple on Tuesday released security updates for its entire software portfolio, including a fix for a vulnerability that Google said was exploited as a zero-day in the Chrome web browser earlier this month. The vulnerability, tracked as CVE-2025-6558 CVSS score: 8.8, is an incorrect validation of...

8.8CVSS6.9AI score0.09185EPSS
Exploits0
thn
thn
added 2025/07/30 1:1 p.m.12 views

Critical Dahua Camera Flaws Enable Remote Hijack via ONVIF and File Upload Exploits

Cybersecurity researchers have disclosed now-patched critical security flaws in the firmware of Dahua smart cameras that, if left unaddressed, could allow attackers to hijack control of susceptible devices. "The flaws, affecting the device's ONVIF protocol and file upload handlers, allow...

8.1CVSS8.7AI score0.00835EPSS
Exploits1
thn
thn
added 2025/07/30 11:39 a.m.11 views

Chinese Firms Linked to Silk Typhoon Filed 15+ Patents for Cyber Espionage Tools

Chinese companies linked to the state-sponsored hacking group known as Silk Typhoon aka Hafnium have been identified as behind over a dozen technology patents, shedding light on the shadowy cyber contracting ecosystem and its offensive capabilities. The patents cover forensics and intrusion tools...

7AI score
Exploits0
thn
thn
added 2025/07/30 9:21 a.m.3 views

Google Launches DBSC Open Beta in Chrome and Enhances Patch Transparency via Project Zero

Google has announced that it's making a security feature called Device Bound Session Credentials DBSC in open beta to ensure that users are safeguarded against session cookie theft attacks. DBSC, first introduced as a prototype in April 2024, is designed to bind authentication sessions to a devic...

6.6AI score
Exploits0
thn
thn
added 2025/07/30 7:50 a.m.17 views

Hackers Exploit SAP Vulnerability to Breach Linux Systems and Deploy Auto-Color Malware

Threat actors have been observed exploiting a now-patched critical SAP NetWeaver flaw to deliver the Auto-Color backdoor in an attack targeting a U.S.-based chemicals company in April 2025. "Over the course of three days, a threat actor gained access to the customer's network, attempted to downlo...

10CVSS8.2AI score0.99406EPSS
Exploits18
thn
thn
added 2025/07/30 6:15 a.m.6 views

Scattered Spider Hacker Arrests Halt Attacks, But Copycat Threats Sustain Security Pressure

Google Cloud's Mandiant Consulting has revealed that it has witnessed a drop in activity from the notorious Scattered Spider group, but emphasized the need for organizations to take advantage of the lull to shore up their defenses. "Since the recent arrests tied to the alleged Scattered Spider...

7.6AI score
Exploits0
thn
thn
added 2025/07/29 3:38 p.m.18 views

Wiz Uncovers Critical Access Bypass Flaw in AI-Powered Vibe Coding Platform Base44

Cybersecurity researchers have disclosed a now-patched critical security flaw in a popular vibe coding platform called Base44 that could allow unauthorized access to private applications built by its users. "The vulnerability we discovered was remarkably simple to exploit -- by providing only a...

8.1AI score
Exploits0
thn
thn
added 2025/07/29 2:27 p.m.12 views

PyPI Warns of Ongoing Phishing Campaign Using Fake Verification Emails and Lookalike Domain

The maintainers of the Python Package Index PyPI repository have issued a warning about an ongoing phishing attack that's targeting users in an attempt to redirect them to fake PyPI sites. The attack involves sending email messages bearing the subject line "PyPI Email verification" that are sent...

7.1AI score
Exploits0
thn
thn
added 2025/07/29 1:25 p.m.4 views

Chaos RaaS Emerges After BlackSuit Takedown, Demanding $300K from U.S. Victims

A newly emerged ransomware-as-a-service RaaS gang called Chaos is likely made up of former members of the BlackSuit crew, as the latter's dark web infrastructure has been the subject of a law enforcement seizure. Chaos, which sprang forth in February 2025, is the latest entrant in the ransomware...

6.9AI score
Exploits0
thn
thn
added 2025/07/29 11:25 a.m.13 views

How the Browser Became the Main Cyber Battleground

Until recently, the cyber attacker methodology behind the biggest breaches of the last decade or so has been pretty consistent: Compromise an endpoint via software exploit, or social engineering a user to run malware on their device; Find ways to move laterally inside the network and compromise...

7.5AI score
Exploits0
thn
thn
added 2025/07/29 11:10 a.m.7 views

Cybercriminals Use Fake Apps to Steal Data and Blackmail Users Across Asia's Mobile Networks

Cybersecurity researchers have discovered a new, large-scale mobile malware campaign that's targeting Android and iOS platforms with fake dating, social networking, cloud storage, and car service apps to steal sensitive personal data. The cross-platform threat has been codenamed SarangTrap by...

7.5AI score
Exploits0
thn
thn
added 2025/07/29 10:0 a.m.3 views

Why React Didn't Kill XSS: The New JavaScript Injection Playbook

React conquered XSS? Think again. That's the reality facing JavaScript developers in 2025, where attackers have quietly evolved their injection techniques to exploit everything from prototype pollution to AI-generated code, bypassing the very frameworks designed to keep applications secure. Full...

7.1AI score
Exploits0
thn
thn
added 2025/07/29 4:51 a.m.10 views

CISA Adds PaperCut NG/MF CSRF Vulnerability to KEV Catalog Amid Active Exploitation

The U.S. Cybersecurity and Infrastructure Security Agency CISA on Monday added a high-severity security vulnerability impacting PaperCutNG/MF print management software to its Known Exploited Vulnerabilities KEV catalog, citing evidence of active exploitation in the wild. The vulnerability, tracke...

8.8CVSS9.1AI score0.29246EPSS
Exploits1
thn
thn
added 2025/07/28 5:31 p.m.10 views

Toptal GitHub Breach Exposes 73 Repositories and Injects Malware into 10 npm Packages

In what's the latest instance of a software supply chain attack, unknown threat actors managed to compromise Toptal's GitHub organization account and leveraged that access to publish 10 malicious packages to the npm registry. The packages contained code to exfiltrate GitHub authentication tokens...

7.9AI score
Exploits0
thn
thn
added 2025/07/28 12:13 p.m.33 views

⚡ Weekly Recap — SharePoint Breach, Spyware, IoT Hijacks, DPRK Fraud, Crypto Drains and More

Some risks don't breach the perimeter—they arrive through signed software, clean resumes, or sanctioned vendors still hiding in plain sight. This week, the clearest threats weren't the loudest—they were the most legitimate-looking. In an environment where identity, trust, and tooling are all...

10CVSS9.5AI score0.99907EPSS
Exploits55
thn
thn
added 2025/07/28 11:25 a.m.11 views

Email Security Is Stuck in the Antivirus Era: Why It Needs a Modern Approach

Picture this: you've hardened every laptop in your fleet with real‑time telemetry, rapid isolation, and automated rollback. But the corporate mailbox—the front door for most attackers—is still guarded by what is effectively a 1990s-era filter. This isn't a balanced approach. Email remains a prima...

7AI score
Exploits0
thn
thn
added 2025/07/28 6:19 a.m.5 views

Scattered Spider Hijacks VMware ESXi to Deploy Ransomware on Critical U.S. Infrastructure

The notorious cybercrime group known as Scattered Spider is targeting VMware ESXi hypervisors in attacks targeting retail, airline, and transportation sectors in North America. "The group's core tactics have remained consistent and do not rely on software exploits. Instead, they use a proven...

8AI score
Exploits0
thn
thn
added 2025/07/28 4:12 a.m.10 views

Critical Flaws in Niagara Framework Threaten Smart Buildings and Industrial Systems Worldwide

Cybersecurity researchers have discovered over a dozen security vulnerabilities impacting Tridium's Niagara Framework that could allow an attacker on the same network to compromise the system under certain circumstances. "These vulnerabilities are fully exploitable if a Niagara system is...

9.8CVSS8.2AI score0.07416EPSS
Exploits0
thn
thn
added 2025/07/25 3:5 p.m.10 views

U.S. Sanctions Firm Behind N. Korean IT Scheme; Arizona Woman Jailed for Running Laptop Farm

The U.S. Department of the Treasury's Office of Foreign Assets Control OFAC sanctioned a North Korean front company and three associated individuals for their involvement in the fraudulent remote information technology IT worker scheme designed to generate illicit revenues for Pyongyang. The...

7AI score
Exploits0
thn
thn
added 2025/07/25 2:15 p.m.4 views

Patchwork Targets Turkish Defense Firms with Spear-Phishing Using Malicious LNK Files

The threat actor known as Patchwork has been attributed to a new spear-phishing campaign targeting Turkish defense contractors with the goal of gathering strategic intelligence. "The campaign employs a five-stage execution chain delivered via malicious LNK files disguised as conference invitation...

7.3AI score
Exploits0
Total number of security vulnerabilities20915