• Hackers Leverage Microsoft Teams to Spread Matanbuchus 3.0 Malware to Targeted Firms
    Wednesday, July 16, 2025 from THN : The Hacker News
    Cybersecurity researchers have flagged a new variant of a known malware loader called Matanbuchus that packs in significant features to enhance its stealth and evade detection. Matanbuchus is the name given to a malware-as-a-service...
  • Co-op chief ‘incredibly sorry’ for theft of 6.5m members’ data
    Wednesday, July 16, 2025 from ComputerWeekly: IT security
    Co-op chief executive Shirine Khoury-Haq has revealed that all the personal data of all 6.5 million of its members was compromised in the April 2025 cyber attack on its systems.
  • UNC6148 Backdoors Fully-Patched SonicWall SMA 100 Series Devices with OVERSTEP Rootkit
    Wednesday, July 16, 2025 from THN : The Hacker News
    A threat activity cluster has been observed targeting fully-patched end-of-life SonicWall Secure Mobile Access (SMA) 100 series appliances as part of a campaign designed to drop a backdoor called OVERSTEP. The malicious activity, dating...
  • Scattered Spider playbook evolving fast, says Microsoft
    Wednesday, July 16, 2025 from ComputerWeekly: IT security
    Microsoft warns users over notable evolutions in Scattered Spider's attack playbook, and beefs up some of the defensive capabilities it offers to customers in response.
  • Critical Golden dMSA Attack in Windows Server 2025 Enables Cross-Domain Attacks and Persistent Access
    Wednesday, July 16, 2025 from THN : The Hacker News
    Cybersecurity researchers have disclosed what they say is a "critical design flaw" in delegated Managed Service Accounts (dMSAs) introduced in Windows Server 2025. "The flaw can result in high-impact attacks, enabling cross-domain...
  • AI Agents Act Like Employees With Root Access—Here's How to Regain Control
    Wednesday, July 16, 2025 from THN : The Hacker News
    The AI gold rush is on. But without identity-first security, every deployment becomes an open door. Most organizations secure native AI like a web app, but it behaves more like a junior employee with root access and no manager. From Hype...
  • Forrester urges IT leaders to dump technical debt
    Wednesday, July 16, 2025 from ComputerWeekly: IT security
    IT needs to invest in innovative technologies and outsource legacy IT management to tackle volatile global markets, says Forrester
  • New Konfety Malware Variant Evades Detection by Manipulating APKs and Dynamic Code
    Wednesday, July 16, 2025 from THN : The Hacker News
    Cybersecurity researchers have discovered a new, sophisticated variant of a known Android malware referred to as Konfety that leverages the evil twin technique to enable ad fraud. The sneaky approach essentially involves a scenario...
  • Deepfakes. Fake Recruiters. Cloned CFOs — Learn How to Stop AI-Driven Attacks in Real Time
    Wednesday, July 16, 2025 from THN : The Hacker News
    Social engineering attacks have entered a new era—and they’re coming fast, smart, and deeply personalized. It’s no longer just suspicious emails in your spam folder. Today’s attackers use generative AI, stolen branding assets, and...
  • Urgent: Google Releases Critical Chrome Update for CVE-2025-6558 Exploit Active in the Wild
    Wednesday, July 16, 2025 from THN : The Hacker News
    Google on Tuesday rolled out fixes for six security issues in its Chrome web browser, including one that it said has been exploited in the wild. The high-severity vulnerability in question is CVE-2025-6558 (CVSS score: 8.8), which has...
  • Google AI "Big Sleep" Stops Exploitation of Critical SQLite Vulnerability Before Hackers Act
    Wednesday, July 16, 2025 from THN : The Hacker News
    Google on Tuesday revealed that its large language model (LLM)-assisted vulnerability discovery framework discovered a security flaw in the SQLite open-source database engine before it could have been exploited in the wild. The...
  • Hyper-Volumetric DDoS Attacks Reach Record 7.3 Tbps, Targeting Key Global Sectors
    Tuesday, July 15, 2025 from THN : The Hacker News
    Cloudflare on Tuesday said it mitigated 7.3 million distributed denial-of-service (DDoS) attacks in the second quarter of 2025, a significant drop from 20.5 million DDoS attacks it fended off the previous quarter. "Overall, in Q2 2025,...
  • Newly Emerged GLOBAL GROUP RaaS Expands Operations with AI-Driven Negotiation Tools
    Tuesday, July 15, 2025 from THN : The Hacker News
    Cybersecurity researchers have shed light on a new ransomware-as-a-service (RaaS) operation called GLOBAL GROUP that has targeted a wide range of sectors in Australia, Brazil, Europe, and the United States since its emergence in early...
  • Current approaches to patching unsustainable, report says
    Tuesday, July 15, 2025 from ComputerWeekly: IT security
    Organisations are struggling to prioritise vulnerability patching appropriately, leading to situations where everything is a crisis, which helps nobody, according to a report
  • MoD cyber breach put thousands of Afghan lives at risk
    Tuesday, July 15, 2025 from ComputerWeekly: IT security
    More than 18,000 Afghan citizens eligible to relocate to the UK under a government programme to protect them from the Taliban were put at risk in a heretofore unreportable data breach
  • State-Backed HazyBeacon Malware Uses AWS Lambda to Steal Data from SE Asian Governments
    Tuesday, July 15, 2025 from THN : The Hacker News
    Governmental organizations in Southeast Asia are the target of a new campaign that aims to collect sensitive information by means of a previously undocumented Windows backdoor dubbed HazyBeacon. The activity is being tracked by Palo Alto...
  • Securing Agentic AI: How to Protect the Invisible Identity Access
    Tuesday, July 15, 2025 from THN : The Hacker News
    AI agents promise to automate everything from financial reconciliations to incident response. Yet every time an AI agent spins up a workflow, it has to authenticate somewhere; often with a high-privilege API key, OAuth token, or service...
  • AsyncRAT's Open-Source Code Sparks Surge in Dangerous Malware Variants Across the Globe
    Tuesday, July 15, 2025 from THN : The Hacker News
    Cybersecurity researchers have charted the evolution of a widely used remote access trojan called AsyncRAT, which was first released on GitHub in January 2019 and has since served as the foundation for several other variants. "AsyncRAT...
  • NCSC sets up Vulnerability Research Initiative
    Tuesday, July 15, 2025 from ComputerWeekly: IT security
    The NCSC is expanding its vulnerability research project to draw in external expertise
  • What is cybersecurity?
    Tuesday, July 15, 2025 from ComputerWeekly: IT security
    Cybersecurity is the practice of protecting systems, networks and data from digital threats.
  • What is supply chain risk management (SCRM)?
    Tuesday, July 15, 2025 from ComputerWeekly: IT security
    Supply chain risk management (SCRM) is the coordinated efforts of an organization to help identify, monitor, detect and mitigate threats to supply chain continuity and profitability.
  • North Korean Hackers Flood npm Registry with XORIndex Malware in Ongoing Attack Campaign
    Tuesday, July 15, 2025 from THN : The Hacker News
    The North Korean threat actors linked to the Contagious Interview campaign have been observed publishing another set of 67 malicious packages to the npm registry, underscoring ongoing attempts to poison the open-source ecosystem via...
  • The Unusual Suspect: Git Repos
    Monday, July 14, 2025 from THN : The Hacker News
    While phishing and ransomware dominate headlines, another critical risk quietly persists across most enterprises: exposed Git repositories leaking sensitive data. A risk that silently creates shadow access into core systems. Git is the...
  • New PHP-Based Interlock RAT Variant Uses FileFix Delivery Mechanism to Target Multiple Industries
    Monday, July 14, 2025 from THN : The Hacker News
    Threat actors behind the Interlock ransomware group have unleashed a new PHP variant of its bespoke remote access trojan (RAT) as part of a widespread campaign using a variant of ClickFix called FileFix. "Since May 2025, activity related...
  • ⚡ Weekly Recap: Scattered Spider Arrests, Car Exploits, macOS Malware, Fortinet RCE and More
    Monday, July 14, 2025 from THN : The Hacker News
    In cybersecurity, precision matters—and there’s little room for error. A small mistake, missed setting, or quiet misconfiguration can quickly lead to much bigger problems. The signs we’re seeing this week highlight deeper issues behind...
  • Brits clinging to Windows 10 face heightened risk, says NCSC
    Monday, July 14, 2025 from ComputerWeekly: IT security
    Businesses and consumers alike may not feel the need to upgrade to Windows 11 as its predecessor approaches end-of-life, but they are putting their own security at risk, says the NCSC
  • Luxury retailer LVMH says UK customer data was stolen in cyber attack
    Monday, July 14, 2025 from ComputerWeekly: IT security
    French luxury goods retailer LVMH has disclosed multiple cyber attacks in 2025 so far, and their impact is now spreading to the UK as a new incident affecting Louis Vuitton comes to light
  • Technology fuels successful FCA fight against unauthorised financial services
    Monday, July 14, 2025 from ComputerWeekly: IT security
    The UK finance regulator is using data and technology to identify websites and apps that could cause financial harm
  • CBI Shuts Down £390K U.K. Tech Support Scam, Arrests Key Operatives in Noida Call Center
    Monday, July 14, 2025 from THN : The Hacker News
    India's Central Bureau of Investigation (CBI) has announced that it has taken steps to dismantle what it said was a transnational cybercrime syndicate that carried out "sophisticated" tech support scams targeting citizens of Australia...
  • eSIM Vulnerability in Kigen's eUICC Cards Exposes Billions of IoT Devices to Malicious Attacks
    Monday, July 14, 2025 from THN : The Hacker News
    Cybersecurity researchers have discovered a new hacking technique that exploits weaknesses in the eSIM technology used in modern smartphones, exposing users to severe risks. The issues impact the Kigen eUICC card. According to the Irish...
  • Assessing the risk of AI in enterprise IT
    Monday, July 14, 2025 from ComputerWeekly: IT security
    We speak to security experts about how IT departments and security leaders can ensure they run artificial intelligence systems safely and securely
  • GPUHammer: New RowHammer Attack Variant Degrades AI Models on NVIDIA GPUs
    Saturday, July 12, 2025 from THN : The Hacker News
    NVIDIA is urging customers to enable System-level Error Correction Codes (ECC) as a defense against a variant of a RowHammer attack demonstrated against its graphics processing units (GPUs). "Risk of successful exploitation from...
  • Over 600 Laravel Apps Exposed to Remote Code Execution Due to Leaked APP_KEYs on GitHub
    Saturday, July 12, 2025 from THN : The Hacker News
    Cybersecurity researchers have discovered a serious security issue that allows leaked Laravel APP_KEYs to be weaponized to gain remote code execution capabilities on hundreds of applications. "Laravel's APP_KEY, essential for encrypting...
  • Fortinet Releases Patch for Critical SQL Injection Flaw in FortiWeb (CVE-2025-25257)
    Friday, July 11, 2025 from THN : The Hacker News
    Fortinet has released fixes for a critical security flaw impacting FortiWeb that could enable an unauthenticated attacker to run arbitrary database commands on susceptible instances. Tracked as CVE-2025-25257, the vulnerability carries a...
  • PerfektBlue Bluetooth Vulnerabilities Expose Millions of Vehicles to Remote Code Execution
    Friday, July 11, 2025 from THN : The Hacker News
    Cybersecurity researchers have discovered a set of four security flaws in OpenSynergy's BlueSDK Bluetooth stack that, if successfully exploited, could allow remote code execution on millions of transport vehicles from different vendors....
  • MoD supply chain cyber scheme gets up and running
    Friday, July 11, 2025 from ComputerWeekly: IT security
    The Ministry of Defence and IASME have launched a certification scheme for organisations working in the UK defence supply chain, with construction firm Morgan Sindall the first business to achieve compliance.
  • Securing Data in the AI Era
    Friday, July 11, 2025 from THN : The Hacker News
    The 2025 Data Risk Report: Enterprises face potentially serious data loss risks from AI-fueled tools. Adopting a unified, AI-driven approach to data security can help. As businesses increasingly rely on cloud-driven platforms and...
  • Critical Wing FTP Server Vulnerability (CVE-2025-47812) Actively Being Exploited in the Wild
    Friday, July 11, 2025 from THN : The Hacker News
    A recently disclosed maximum-severity security flaw impacting the Wing FTP Server has come under active exploitation in the wild, according to Huntress. The vulnerability, tracked as CVE-2025-47812 (CVSS score: 10.0), is a case of...
  • Iranian-Backed Pay2Key Ransomware Resurfaces with 80% Profit Share for Cybercriminals
    Friday, July 11, 2025 from THN : The Hacker News
    An Iranian-backed ransomware-as-a-service (RaaS) named Pay2Key has resurfaced in the wake of the Israel-Iran-U.S. conflict last month, offering bigger payouts to cybercriminals who launch attacks against Israel and the U.S. The...
  • CISA Adds Citrix NetScaler CVE-2025-5777 to KEV Catalog as Active Exploits Target Enterprises
    Friday, July 11, 2025 from THN : The Hacker News
    The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday added a critical security flaw impacting Citrix NetScaler ADC and Gateway to its Known Exploited Vulnerabilities (KEV) catalog, officially confirming the...
  • Critical mcp-remote Vulnerability Enables Remote Code Execution, Impacting 437,000+ Downloads
    Thursday, July 10, 2025 from THN : The Hacker News
    Cybersecurity researchers have discovered a critical vulnerability in the open-source mcp-remote project that could result in the execution of arbitrary operating system (OS) commands. The vulnerability, tracked as CVE-2025-6514, carries...
  • Fake Gaming and AI Firms Push Malware on Cryptocurrency Users via Telegram and Discord
    Thursday, July 10, 2025 from THN : The Hacker News
    Cryptocurrency users are the target of an ongoing social engineering campaign that employs fake startup companies to trick users into downloading malware that can drain digital assets from both Windows and macOS systems. "These malicious...
  • Four Arrested in £440M Cyber Attack on Marks & Spencer, Co-op, and Harrods
    Thursday, July 10, 2025 from THN : The Hacker News
    The U.K. National Crime Agency (NCA) on Thursday announced that four people have been arrested in connection with cyber attacks targeting major retailers Marks & Spencer, Co-op, and Harrods. The arrested individuals include two men...
  • Government funding to help SMEs protect their IP
    Thursday, July 10, 2025 from ComputerWeekly: IT security
    Scheme will see SMEs and innovative startups working in sensitive sectors receive advice on enhancing cyber and physical security measures to protect their valuable intellectual property
  • What Security Leaders Need to Know About AI Governance for SaaS
    Thursday, July 10, 2025 from THN : The Hacker News
    Generative AI is not arriving with a bang, it’s slowly creeping into the software that companies already use on a daily basis. Whether it is video conferencing or CRM, vendors are scrambling to integrate AI copilots and assistants into...
  • New ZuRu Malware Variant Targeting Developers via Trojanized Termius macOS App
    Thursday, July 10, 2025 from THN : The Hacker News
    Cybersecurity researchers have discovered new artifacts associated with an Apple macOS malware called ZuRu, which is known to propagate via trojanized versions of legitimate software. SentinelOne, in a new report shared with The Hacker...
  • AMD Warns of New Transient Scheduler Attacks Impacting a Wide Range of CPUs
    Thursday, July 10, 2025 from THN : The Hacker News
    Semiconductor company AMD is warning of a new set of vulnerabilities affecting a broad range of chipsets that could lead to information disclosure. The flaws, collectively called Transient Scheduler Attacks (TSA), manifest in the form of...
  • UK and France forge closer cyber, tech research ties
    Thursday, July 10, 2025 from ComputerWeekly: IT security
    The navigation and timing systems used by power suppliers and emergency services to run their operations will fall in scope of an Anglo-French research pact that will also foster development in AI and supercomputing
  • Four arrested in M&S cyber attack investigation
    Thursday, July 10, 2025 from ComputerWeekly: IT security
    Police have made four arrests in connection with a trio of cyber attacks on UK retailers Marks & Spencer, Co-op and Harrods
  • ServiceNow Flaw CVE-2025-3648 Could Lead to Data Exposure via Misconfigured ACLs
    Thursday, July 10, 2025 from THN : The Hacker News
    A high-severity security flaw has been disclosed in ServiceNow's platform that, if successfully exploited, could result in data exposure and exfiltration. The vulnerability, tracked as CVE-2025-3648 (CVSS score: 8.2), has been described...