Tag Archives: it security

Meta to Train AI on E.U. User Data From May 27 Without Consent; Noyb Threatens Lawsuit

Austrian privacy non-profit noyb (none of your business) has sent Meta’s Irish headquarters a cease-and-desist...

15
May
Coinbase Agents Bribed, Data of ~1% Users Leaked; $20M Extortion Attempt Fails

Cryptocurrency exchange Coinbase has disclosed that unknown cyber actors broke into its systems and stole...

15
May
Pen Testing for Compliance Only? It’s Time to Change Your Approach

Imagine this: Your organization completed its annual penetration test in January, earning high marks for...

15
May
New Chrome Vulnerability Enables Cross-Origin Data Leak via Loader Referrer Policy

Google on Wednesday released updates to address four security issues in its Chrome web browser,...

15
May
5 BCDR Essentials for Effective Ransomware Defense

Ransomware has evolved into a deceptive, highly coordinated and dangerously sophisticated threat capable of crippling...

15
May
Russia-Linked APT28 Exploited MDaemon Zero-Day to Hack Government Webmail Servers

A Russia-linked threat actor has been attributed to a cyber espionage operation targeting webmail servers...

15
May
Malicious npm Package Leverages Unicode Steganography, Google Calendar as C2 Dropper

Cybersecurity researchers have discovered a malicious package named “os-info-checker-es6” that disguises itself as an operating...

15
May
Samsung Patches CVE-2025-4632 Used to Deploy Mirai Botnet via MagicINFO 9 Exploit

Samsung has released software updates to address a critical security flaw in MagicINFO 9 Server...

14
May
BianLian and RansomExx Exploit SAP NetWeaver Flaw to Deploy PipeMagic Trojan

At least two different cybercrime groups BianLian and RansomExx are said to have exploited a...

14
May
Xinbi Telegram Market Tied to $8.4B in Crypto Crime, Romance Scams, North Korea Laundering

A Chinese-language, Telegram-based marketplace called Xinbi Guarantee has facilitated no less than $8.4 billion in...

14
May
CTM360 Identifies Surge in Phishing Attacks Targeting Meta Business Users

A new global phishing threat called “Meta Mirage” has been uncovered, targeting businesses using Meta’s...

14
May
Earth Ammit Breached Drone Supply Chains via ERP in VENOM, TIDRONE Campaigns

A cyber espionage group known as Earth Ammit has been linked to two related but...

14
May
Learning How to Hack: Why Offensive Security Training Benefits Your Entire Security Team

Organizations across industries are experiencing significant escalations in cyberattacks, particularly targeting critical infrastructure providers and...

14
May
Horabot Malware Targets 6 Latin American Nations Using Invoice-Themed Phishing Emails

Cybersecurity researchers have discovered a new phishing campaign that’s being used to distribute malware called...

14
May
Microsoft Fixes 78 Flaws, 5 Zero-Days Exploited; CVSS 10 Bug Impacts Azure DevOps Server

Microsoft on Tuesday shipped fixes to address a total of 78 security flaws across its...

14
May
Fortinet Patches CVE-2025-32756 Zero-Day RCE Flaw Exploited in FortiVoice Systems

Fortinet has patched a critical security flaw that it said has been exploited as a...

14
May
Ivanti Patches EPMM Vulnerabilities Exploited for Remote Code Execution in Limited Attacks

Ivanti has released security updates to address two security flaws in Endpoint Manager Mobile (EPMM)...

14
May
China-Linked APTs Exploit SAP CVE-2025-31324 to Breach 581 Critical Systems Worldwide

A recently disclosed critical security flaw impacting SAP NetWeaver is being exploited by multiple China-nexus...

13
May
Malicious PyPI Package Posing as Solana Tool Stole Source Code in 761 Downloads

Cybersecurity researchers have discovered a malicious package on the Python Package Index (PyPI) repository that...

13
May
Deepfake Defense in the Age of AI

The cybersecurity landscape has been dramatically reshaped by the advent of generative AI. Attackers now...

13
May
North Korean Konni APT Targets Ukraine with Malware to track Russian Invasion Progress

The North Korea-linked threat actor known as Konni APT has been attributed to a phishing...

13
May
Moldovan Police Arrest Suspect in €4.5M Ransomware Attack on Dutch Research Agency

Moldovan law enforcement authorities have arrested a 45-year-old foreign man suspected of involvement in a...

13
May
Türkiye Hackers Exploited Output Messenger Zero-Day to Drop Golang Backdoors on Kurdish Servers

A Türkiye-affiliated threat actor exploited a zero-day security flaw in an Indian enterprise communication platform...

13
May
ASUS Patches DriverHub RCE Flaws Exploitable via HTTP and Crafted .ini Files

ASUS has released updates to address two security flaws impacting ASUS DriverHub that, if successfully...

12
May
âš¡ Weekly Recap: Zero-Day Exploits, Developer Malware, IoT Botnets, and AI-Powered Scams

What do a source code editor, a smart billboard, and a web server have in...

12
May
The Persistence Problem: Why Exposed Credentials Remain Unfixed—and How to Change That

Detecting leaked credentials is only half the battle. The real challenge—and often the neglected half...

12
May
Fake AI Tools Used to Spread Noodlophile Malware, Targeting 62,000+ via Facebook Lures

Threat actors have been observed leveraging fake artificial intelligence (AI)-powered tools as a lure to...

12
May
Google Pays $1.375 Billion to Texas Over Unauthorized Tracking and Biometric Data Collection

Google has agreed to pay the U.S. state of Texas nearly $1.4 billion to settle...

10
May
Germany Shuts Down eXch Over $1.9B Laundering, Seizes €34M in Crypto and 8TB of Data

Germany’s Federal Criminal Police Office (aka Bundeskriminalamt or BKA) has seized the online infrastructure and...

10
May
BREAKING: 7,000-Device Proxy Botnet Using IoT, EoL Systems Dismantled in U.S. – Dutch Operation

A joint law enforcement operation undertaken by Dutch and U.S. authorities has dismantled a criminal...

09
May