Category: SecurityNews
-
BlueDelta Hackers Target Users of Popular Ukrainian Webmail and News Service
Russian state-sponsored threat group BlueDelta has conducted a sustained credential-harvesting campaign targeting users of UKR.NET, one of Ukraine’s most popular webmail and news services, between June 2024 and April 2025. According to research by Recorded Future’s Insikt Group, the operation represents a significant escalation in the GRU-linked threat actor’s efforts to compromise Ukrainian user credentials…
-
Mapping the Emerging Alliance Between Qilin, DragonForce, and LockBit
In mid-September 2025, the ransomware landscape witnessed a significant development when DragonForce announced an alliance with Qilin and LockBit on a Russian underground forum. The announcement, posted on September 15, 2025, claimed the three groups were joining forces to navigate an increasingly challenging criminal ecosystem marked by intensified law enforcement pressure and operational fragmentation. A…
-
Cloud Atlas Exploits Office Vulnerabilities to Execute Malicious Code
The Cloud Atlas threat group, active since 2014, continues to pose a significant risk to organizations in Eastern Europe and Central Asia through sophisticated attacks leveraging legacy Microsoft Office vulnerabilities. Security researchers have documented the group’s expanded arsenal and evolving infection chains deployed throughout the first half of 2025, revealing previously undescribed implants and attack…
-
Hackers Leverage Gladinet Triofox 0-Day Vulnerability to Run Malicious Code
Tags: attack, cve, cyber, exploit, flaw, hacker, infrastructure, malicious, remote-code-execution, threat, vulnerability, zero-dayA critical remote code execution vulnerability in Gladinet Triofox is now under active exploitation by threat actors, and security researchers have demonstrated that weaponizing the flaw requires far more sophistication than initial analyses suggest. CVE-2025-12480, tracked by UNC6485, represents a complex attack chain that involves multiple infrastructure challenges and technical hurdles attackers must overcome to…
-
Apache Log4j Flaw Enables Interception of Sensitive Logging Data
The Apache Software Foundation has released a critical security update for its widely used Log4j logging library. A newly discovered vulnerability, tracked as CVE-2025-68161, allows attackers to intercept or redirect sensitive log data by exploiting a flaw in how the software establishes secure connections. The issue specifically affects the >>Socket Appender
-
Iranian APT Targeting Networks and Critical Infrastructure Organizations
Iranian state-sponsored threat actors, previously thought to have gone dormant, have resurfaced with sophisticated new malware campaigns targeting critical infrastructure organizations globally. A new research report released by SafeBreach Labs reveals that the >>Prince of Persia
-
NIS2 Compliance: Maintaining Credential Security
Strengthen NIS2 compliance by preventing weak and compromised passwords with Enzoic’s continuous credential protection. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/12/nis2-compliance-maintaining-credential-security/
-
New Kibana Vulnerabilities Allow Attackers to Embed Malicious Scripts
Elastic has released critical security updates to address a dangerous cross-site scripting (XSS) vulnerability affecting multiple versions of Kibana. The vulnerability, tracked as CVE-2025-68385, allows authenticated attackers to inject malicious scripts into web pages served to other users. Vulnerability Details The flaw stems from improper input neutralization during web page generation, specifically within Kibana’s Vega…
-
NDSS 2025 Interventional Root Cause Analysis Of Failures In Multi-Sensor Fusion Perception Systems
Session 6C: Sensor Attacks Authors, Creators & Presenters: Shuguang Wang (City University of Hong Kong), Qian Zhou (City University of Hong Kong), Kui Wu (University of Victoria), Jinghuai Deng (City University of Hong Kong), Dapeng Wu (City University of Hong Kong), Wei-Bin Lee (Information Security Center, Hon Hai Research Institute), Jianping Wang (City University of…
-
Scripted Sparrow Utilizes Automation to Generate and Dispatch Attack Messages
Tags: attack, automation, business, cyber, cybersecurity, email, group, infrastructure, intelligenceScripted Sparrow, a prolific Business Email Compromise (BEC) collective with members spanning three continents, has raised significant concerns among cybersecurity researchers due to the sophisticated automation infrastructure underlying their large-scale fraudulent operations. Recent analysis by Fortra’s Intelligence and Research Experts (FIRE) reveals that the group’s staggering operational scale estimated at 3 million highly targeted messages…
-
Preventing This Week’s AWS Cryptomining Attacks: Why Detection Fails and Permissions Matter
The recent discovery of a cryptomining campaign targeting Amazon compute resources highlights a critical gap in traditional cloud defense. Attackers are bypassing perimeter defenses by leveraging compromised credentials to execute legitimate but privileged API calls like ec2:CreateLaunchTemplate, ecs:RegisterTaskDefinition, ec2:ModifyInstanceAttribute, and lambda:CreateFunctionUrlConfig. While detection tools identify anomalies after they occur, they do not prevent execution, lateral……
-
Cisco VPNs, Email Services Hit in Separate Threat Campaigns
The company suffered one sophisticated five-alarm campaign and one messy spray-and-pray attack, mere days apart. First seen on darkreading.com Jump to article: www.darkreading.com/endpoint-security/cisco-vpns-email-services-threat-campaigns
-
FBI says ‘ongoing’ deepfake impersonation of U.S. gov officials dates back to 2023
The update also includes new details around the specific tactics and talking points impersonators use to ensnare victims. First seen on cyberscoop.com Jump to article: cyberscoop.com/fbi-says-ongoing-deepfake-impersonation-of-us-officials-dates-back-to-2023/
-
Hundreds of Cisco customers are vulnerable to new Chinese hacking campaign, researchers say
Cisco warned that Chinese government hackers are exploiting a zero-day in some of its products. Researchers now say there are hundreds of vulnerable Cisco customers. First seen on techcrunch.com Jump to article: techcrunch.com/2025/12/19/hundreds-of-cisco-customers-are-vulnerable-to-new-chinese-hacking-campaign-researchers-say/
-
ATM jackpotting gang accused of unleashing Ploutus malware across US
Tags: malwareLatest charges join the mountain of indictments facing alleged Tren de Aragua members First seen on theregister.com Jump to article: www.theregister.com/2025/12/19/tren_de_aragua_atm/
-
UK Foreign Office Targeted by Hackers
Chinese Hacking Group Reportedly Behind the Hack. A top-ranking U.K. government official said that hackers targeted the government’s foreign relations ministry but dismissed media reports that the attackers stole a large trove of data. We managed to close the hole, as it were, very quickly, said Trade Minister Chris Bryant. First seen on govinfosecurity.com Jump…
-
UK Foreign Office Targeted by Hackers
Chinese Hacking Group Reportedly Behind the Hack. A top-ranking U.K. government official said that hackers targeted the government’s foreign relations ministry but dismissed media reports that the attackers stole a large trove of data. We managed to close the hole, as it were, very quickly, said Trade Minister Chris Bryant. First seen on govinfosecurity.com Jump…
-
Analysis: Google Cloud Inks An Interesting Deal With Palo Alto Networks
The Google Cloud-Palo Alto Networks deal announced Friday comes as Google is in the final stages of acquiring one of Palo Alto Networks’ biggest rivals on cloud and AI security, Wiz. First seen on crn.com Jump to article: www.crn.com/news/security/2025/analysis-google-cloud-inks-an-interesting-deal-with-palo-alto-networks
-
DOJ charges gang for ATM hacks using Ploutus malware
Tags: malwareThe Justice Department unsealed two indictments charging 54 people for their alleged roles in a campaign to develop and deploy a variant of the Ploutus malware, allowing them to pilfer hundreds of thousands of dollars from ATMs across the U.S. First seen on therecord.media Jump to article: therecord.media/doj-charges-gang-malware-ploutus
-
Kirsten Davies Confirmed as Pentagon CIO
Former Unilever CISO to Lead Department of Defense IT. A former Unilever executive is officially the next U.S. Department of Defense CIO. The Pentagon CIO is the principal technology advisor to Pentagon leadership and manages the department’s information management and IT, and many other critical systems. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/kirsten-davies-confirmed-as-pentagon-cio-a-30353
-
AI-Generated Code Ships Faster, But Crashes Harder
Machine-Written Pull Requests Contain 70% More Bugs. CodeRabbit analyzed 470 GitHub pull requests and found AI-generated code introduces more defects than human-written code across logic, security, maintainability and performance categories, with severity spiking higher as well. The use of AI code generation has expanded across the industry. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/ai-generated-code-ships-faster-but-crashes-harder-a-30352
-
HubSpot Phishing Campaign Bypasses Trusted Email Defenses
A phishing campaign targeting HubSpot users bypassed email defenses by abusing trusted platforms and authenticated infrastructure. First seen on esecurityplanet.com Jump to article: www.esecurityplanet.com/threats/hubspot-phishing-campaign-bypasses-trusted-email-defenses/
-
Microsoft confirms Teams is down and messages are delayed
Tags: microsoftMicrosoft Teams is experiencing issues, with thousands reporting problems sending messages, including delays. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/microsoft/microsoft-confirms-teams-is-down-and-messages-are-delayed/
-
Russia-Linked Hackers Use Microsoft 365 Device Code Phishing for Account Takeovers
Tags: attack, authentication, credentials, email, government, group, hacker, microsoft, phishing, russiaA suspected Russia-aligned group has been attributed to a phishing campaign that employs device code authentication workflows to steal victims’ Microsoft 365 credentials and conduct account takeover attacks.The activity, ongoing since September 2025, is being tracked by Proofpoint under the moniker UNK_AcademicFlare.The attacks involve using compromised email addresses belonging to government First seen on thehackernews.com…
-
Nigeria arrests dev of Microsoft 365 ‘Raccoon0365’ phishing platform
The Nigerian police have arrested three individuals linked to targeted Microsoft 365 cyberattacks via Raccoon0365 phishing-as-a-service. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/nigeria-arrests-dev-of-microsoft-365-raccoon0365-phishing-platform/
-
Randall Munroe’s XKCD ‘Fifteen Years’
Tags: datavia the insightful artistry and dry wit of Randall Munroe, creator of XKCD Permalink First seen on securityboulevard.com Jump to article: https://securityboulevard.com/2025/12/randall-munroes-xkcd-fifteen-years/
-
Randall Munroe’s XKCD ‘Fifteen Years’
Tags: datavia the insightful artistry and dry wit of Randall Munroe, creator of XKCD Permalink First seen on securityboulevard.com Jump to article: https://securityboulevard.com/2025/12/randall-munroes-xkcd-fifteen-years/
-
NDSS 2025 PowerRadio: Manipulate Sensor Measurement Via Power GND Radiation
Session 6C: Sensor Attacks Authors, Creators & Presenters: Yan Jiang (Zhejiang University), Xiaoyu Ji (Zhejiang University), Yancheng Jiang (Zhejiang University), Kai Wang (Zhejiang University), Chenren Xu (Peking University), Wenyuan Xu (Zhejiang University) PAPER NDSS 2025 – PowerRadio: Manipulate Sensor Measurement Via Power GND Radiation Sensors are key components to enable various applications, e.g., home intrusion…
-
NDSS 2025 PowerRadio: Manipulate Sensor Measurement Via Power GND Radiation
Session 6C: Sensor Attacks Authors, Creators & Presenters: Yan Jiang (Zhejiang University), Xiaoyu Ji (Zhejiang University), Yancheng Jiang (Zhejiang University), Kai Wang (Zhejiang University), Chenren Xu (Peking University), Wenyuan Xu (Zhejiang University) PAPER NDSS 2025 – PowerRadio: Manipulate Sensor Measurement Via Power GND Radiation Sensors are key components to enable various applications, e.g., home intrusion…
-
10 Major Cyberattacks And Data Breaches In 2025
Among the major cyberattacks and data breaches in 2025 were nation-state infiltration by China and North Korea, as well as massive data theft and ransomware attacks. First seen on crn.com Jump to article: www.crn.com/news/security/2025/10-major-cyberattacks-and-data-breaches-in-2025