Collecting Cyber-News from over 60 sources

Tag: computer

Flaw in Gemini CLI AI coding assistant allowed stealthy code execution

Jul 28, 2025 10:27 PM

Tags: ai, computer, data, flaw, google, malicious, vulnerability

A vulnerability in Google’s Gemini CLI allowed attackers to silently execute malicious commands and exfiltrate data from developers’ computers using allowlisted programs. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/flaw-in-gemini-cli-ai-coding-assistant-allowed-stealthy-code-execution/
Malware Campaign Uses YouTube and Discord to Harvest Credentials from Computers

Jul 25, 2025 11:27 AM

Tags: computer, credentials, cyber, malware, social-engineering, tactics, threat

The Acronis Threat Research Unit (TRU) has uncovered a sophisticated malware campaign deploying infostealers like Leet Stealer, its modified variant RMC Stealer, and Sniffer Stealer, leveraging social engineering tactics centered on gaming hype. These threats masquerade as indie game installers, such as Baruda Quest, Warstorm Fire, and Dire Talon, promoted via fraudulent websites and fake…
Hackers Inject Destructive Commands into Amazon’s AI Coding Agent

Jul 25, 2025 8:27 AM

Tags: ai, attack, breach, computer, cyber, data-breach, hacker, infrastructure, intelligence, malicious, threat, tool, vulnerability

A significant security breach has exposed critical vulnerabilities in Amazon’s artificial intelligence infrastructure, with hackers successfully injecting malicious computer-wiping commands into the tech giant’s popular AI coding assistant. The incident represents a concerning escalation in cyber threats targeting AI-powered development tools and highlights the growing sophistication of attacks against machine learning systems. Security Breach Details…
Verfassungsbeschwerde gegen Palantir-Einsatz in Bayern eingelegt

Jul 24, 2025 5:05 AM

Tags: computer, software

Die Gesellschaft für Freiheitsrechte (GFF) hat am 23. Juli 2025 mit Unterstützung vom Chaos Computer Club (CCC) Verfassungsbeschwerde gegen den Palantir-Einsatz in Bayern eingelegt. Worum geht es? Palantir Technologies Inc. ist ein US-amerikanischer Anbieter von Software und Dienstleistungen, der auf … First seen on borncity.com Jump to article: www.borncity.com/blog/2025/07/24/verfassungsbeschwerde-gegen-palantir-einsatz-in-bayern-eingelegt/
UK government to ban public bodies from paying ransoms to hackers

Jul 22, 2025 11:42 AM

Tags: attack, computer, cyber, cybercrime, government, hacker, healthcare, international, office, ransom, ransomware, russia

Measure intended to send message to international cybercriminals ‘that the UK is united in fight against ransomware’The UK government is planning to ban public bodies from paying ransoms to computer hackers, and private companies will be required to inform authorities if they plan to cave into cash demands.The stance, announced on Tuesday by the Home…
Demo-Plattform eines US-Computer-Herstellers gehackt

Jul 22, 2025 8:40 AM

Tags: breach, computer, extortion, group, leak

Dell confirms breach of test lab platform by World Leaks extortion group First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/dell-confirms-breach-of-test-lab-platform-by-world-leaks-extortion-group/
Jonathan Zanger Named CTO at Check Point to Boost AI Cybersecurity

Jul 22, 2025 12:40 AM

Tags: ai, computer, cybersecurity, software, technology

Check Point Software has appointed Jonathan Zanger as its new Chief Technology Officer, tasking the former Trigo executive with driving the company’s global cybersecurity and AI strategy. Zanger brings over 15 years of experience building and scaling AI-powered cybersecurity platforms. At Trigo, he served as CTO, leading the development of advanced AI and computer vision…
US signals intention to rethink job H-1B lottery

Jul 21, 2025 2:41 PM

Tags: computer, group, jobs

Foreign worker program represents betrayal of US computer science students, advocacy group argues First seen on theregister.com Jump to article: www.theregister.com/2025/07/20/h_1b_job_lottery/
Klöckner warnt vor Cyberangriffen auf Bundestag

Jul 21, 2025 11:40 AM

Tags: access, computer, cyberattack, governance, government, hacker, mail, resilience, risk, verfassungsschutz

Parlamentspräsidentin Julia Klöckner will den Bundestag besser vor Hackerangriffen schützen.Der Deutsche Bundestag muss sich nach Einschätzung seiner Präsidentin Julia Klöckner stärker gegen Cyberattacken aus anderen Staaten schützen. “Wir verzeichnen leider zahlreiche Hackerangriffe. Der Bundestag ist ein begehrtes Ziel”, sagte die CDU-Politikerin der Deutschen Presse-Agentur in Berlin. “Wir werden unsere Abwehrfähigkeit zum Schutz vor Cyberangriffen weiter…
Novel malware from Russia’s APT28 prompts LLMs to create malicious Windows commands

Jul 19, 2025 12:40 AM

Tags: ai, api, attack, computer, control, cyber, cyberattack, cybercrime, data, detection, dos, exploit, government, group, hacking, infrastructure, intelligence, LLM, malicious, malware, military, network, phishing, programming, russia, service, tool, ukraine, vulnerability, windows

.pif (MS-DOS executable) extension, though variants with .exe and .py extensions have also been observed.CERT-UA attributes these attacks to a group it tracks as UAC-0001, but which is better known in the security community as APT28. Western intelligence agencies have officially associated this group with Unit 26165, or the 85th Main Special Service Center (GTsSS)…
CERT-UA Discovers LAMEHUG Malware Linked to APT28, Using LLM for Phishing Campaign

Jul 18, 2025 3:40 PM

Tags: computer, LLM, malware, phishing, ukraine

The Computer Emergency Response Team of Ukraine (CERT-UA) has disclosed details of a phishing campaign that’s designed to deliver a malware codenamed LAMEHUG.”An obvious feature of LAMEHUG is the use of LLM (large language model), used to generate commands based on their textual representation (description),” CERT-UA said in a Thursday advisory.The activity has been attributed…
Hackers Exploit ClickFix Tactics to Spread NetSupport RAT, Latrodectus, and Lumma Stealer

Jul 18, 2025 12:42 PM

Tags: computer, cyber, exploit, hacker, malicious, malware, rat, social-engineering, tactics

Attackers are increasingly leveraging the ClickFix social engineering technique to distribute potent malware families, including NetSupport RAT, Latrodectus, and Lumma Stealer. This method, which emerged prominently in recent months, tricks users into executing malicious commands under the guise of resolving common computer issues like performance glitches or verification prompts. By hijacking the clipboard through JavaScript…
Quantum code breaking? You’d get further with an 8-bit computer, an abacus, and a dog

Jul 17, 2025 1:40 PM

Tags: computer

Computer scientist Peter Gutmann tells The Reg why it’s ‘bollocks’ First seen on theregister.com Jump to article: www.theregister.com/2025/07/17/quantum_cryptanalysis_criticism/
Windows Secure Boot Certificate Expired in June, Microsoft Issues Warning

Jul 16, 2025 2:40 PM

Tags: business, computer, cyber, microsoft, windows

Microsoft has issued an urgent warning to Windows users about an impending security certificate expiration that could significantly impact device functionality. The tech giant announced that Secure Boot certificates used by most Windows devices are scheduled to expire starting in June 2026, potentially affecting the ability of personal and business computers to boot securely if…
Former U.S. Army Member Pleads Guilty in Telecom Hacking Case

Jul 16, 2025 9:40 AM

Tags: breach, computer, cyber, cybercrime, data, extortion, hacking, military, network, ransom, service, theft

A 21-year-old former U.S. Army soldier has pleaded guilty to participating in a sophisticated cybercrime operation that targeted telecommunications companies through hacking, data theft, and extortion schemes. Cameron John Wagenius, who was stationed in Texas during his military service, admitted to conspiring with others to breach protected computer networks and demand ransom payments from victim…
Drive-by-Angriffe: IAM gegen willkürliche, opportunistische Cyberbedrohungen

Jul 16, 2025 6:40 AM

Tags: computer, cyberattack, hacker, iam

Im klassischen Techno-Thriller WarGames aus dem Jahr 1983 programmiert ein junger Hacker seinen Computer so, dass dieser jede Telefonnummer der Reihe nach anwählt auf der Suche nach einem Modem, das antwortet. Aktuelle Angreifer tun im Wesentlichen nichts anderes. Nur benutzen sie dazu keine Telefonleitungen mehr, sondern fangen mit der IP-Adresse 0.0.0.0 an und arbeiten… First…
UKtech50 2025: The most influential people in UK technology

Jul 15, 2025 10:40 PM

Tags: computer, technology

Computer Weekly has announced the 15th annual UKtech50 our definitive list of the movers and shakers in the UK tech sector First seen on computerweekly.com Jump to article: www.computerweekly.com/news/366627653/UKtech50-2025-The-most-influential-people-in-UK-technology
Russian Basketball Star Daniil Kasatkin Arrested in Ransomware Probe

Jul 15, 2025 12:40 AM

Tags: computer, ransomware, russia

Daniil Kasatkin, a Russian pro basketball player, faces US ransomware charges after his Paris arrest. His lawyer claims he’s “useless with computers,” raising questions about his alleged negotiator role in cybercrime. First seen on hackread.com Jump to article: hackread.com/russian-basketball-daniil-kasatkin-arrest-ransomware/
8 tough trade-offs every CISO must navigate

Jul 14, 2025 11:40 AM

Tags: access, ai, attack, business, ciso, cloud, compliance, computer, cyber, cybersecurity, ddos, defense, detection, framework, group, healthcare, incident response, jobs, malicious, mfa, regulation, resilience, risk, service, technology, threat, tool, vulnerability

2. Weighing security investments when the budget forces choices: Closely related to the trade-off around risk is what CISOs must navigate when it comes to security investments.”For most CISOs, when they have to make tough choices, 99% of the time it’s due to budget constraints that force them to weight risks versus rewards,” says John…
ClickFix: The Emerging Technique Threat Actors Use to Dominate Targeted Organizations

Jul 12, 2025 5:40 PM

Tags: computer, cyber, malicious, malware, social-engineering, threat

Threat actors have increasingly adopted ClickFix, a sophisticated social engineering technique that deceives users into executing malicious commands under the guise of resolving common computer issues like performance lags or pop-up errors. This method, often delivered via compromised websites, malvertising, YouTube tutorials, or fake tech support forums, relies on clipboard hijacking also known as pastejacking…
French cops cuff Russian pro basketball player on ransomware charges

Jul 11, 2025 8:40 AM

Tags: computer, ransomware, russia

‘He’s useless with computers and can’t even install an application’ says lawyer First seen on theregister.com Jump to article: www.theregister.com/2025/07/11/french_ransomware_arrest/
Four Arrested in £440M Cyber Attack on Marks & Spencer, Co-op, and Harrods

Jul 10, 2025 3:40 PM

Tags: attack, computer, crime, cyber, offense

The U.K. National Crime Agency (NCA) on Thursday announced that four people have been arrested in connection with cyber attacks targeting major retailers Marks & Spencer, Co-op, and Harrods.The arrested individuals include two men aged 19, a third aged 17, and a 20-year-old woman. They were apprehended in the West Midlands and London on suspicion…
July Patch Tuesday: 14 critical Microsoft vulnerabilities, one SAP hole rated at 10 in severity

Jul 9, 2025 6:39 PM

Tags: access, attack, authentication, business, citrix, computer, control, credentials, cve, cvss, data, email, espionage, exploit, grc, microsoft, monitoring, network, ransomware, remote-code-execution, risk, sap, service, threat, update, vulnerability, windows

Network security: Allow PKU2U authentication requests to this computer to use online identities“.Tyler Reguly, Fortra’s associate director of security R&D, told CSO that, based on Microsoft’s presentation of the information, disabling this GPO will mitigate this vulnerability.The second priority is a fix for CVE-2025-49704, a SharePoint Remote Code Execution vulnerability, because it presents a critical risk to a…
July Patch Tuesday: 14 critical Microsoft vulnerabilities, one SAP hole rated at 10 in severity

Jul 9, 2025 6:39 PM

Tags: access, attack, authentication, business, citrix, computer, control, credentials, cve, cvss, data, email, espionage, exploit, grc, microsoft, monitoring, network, ransomware, remote-code-execution, risk, sap, service, threat, update, vulnerability, windows

Network security: Allow PKU2U authentication requests to this computer to use online identities“.Tyler Reguly, Fortra’s associate director of security R&D, told CSO that, based on Microsoft’s presentation of the information, disabling this GPO will mitigate this vulnerability.The second priority is a fix for CVE-2025-49704, a SharePoint Remote Code Execution vulnerability, because it presents a critical risk to a…
Chinese national arrested in Milan after US issues arrest warrant for Hafnium attacks

Jul 8, 2025 9:34 PM

Tags: attack, china, computer

The Justice Department confirmed the arrest in a statement, unsealing a nine-count indictment on Tuesday accusing Xu and co-defendant Zhang Yu of being involved in “computer intrusions between February 2020 and June 2021, including the indiscriminate HAFNIUM computer intrusion campaign that compromised thousands of computers worldwide, including in the United States.” First seen on therecord.media…
New LogoKit Phishing Campaign Exploits Cloudflare Turnstile and Amazon S3 for Higher Success Rates

Jul 8, 2025 8:34 PM

Tags: banking, computer, cyber, exploit, intelligence, phishing

Cyble Research and Intelligence Labs (CRIL) recently discovered a very advanced phishing campaign that used the LogoKit phishing kit, which was initially discovered in 2021, to pose as reliable organizations such as Hungary’s Computer Emergency Response Team (HunCERT). This ongoing operation targets a diverse range of sectors, including banking and logistics, with a global reach…
MediaTek July”¯2025 Security Update Addresses Multiple Chipset Vulnerabilities

Jul 8, 2025 4:34 PM

Tags: attack, computer, cyber, remote-code-execution, update, vulnerability

MediaTek has released a comprehensive security bulletin addressing 16 critical vulnerabilities across its extensive chipset portfolio, including smartphone, tablet, AIoT, smart display, smart platform, OTT, computer vision, audio, and TV chipsets. The July 2025 security update reveals seven high-severity and nine medium-severity vulnerabilities that could potentially compromise device security through various attack vectors including remote code execution,…
Drei zentrale Cybersicherheitsrisiken von Quantencomputing

Jul 8, 2025 5:34 AM

Tags: blockchain, computer

Heute verschlüsselte Daten, die künftig entschlüsselt werden könnten. Manipulation der Blockchain. Quantenresistente Ransomware. Es ist eines der drängendsten technologischen Themen der kommenden Dekade: die zunehmende Relevanz von Quantencomputern und deren mögliche Auswirkungen auf die digitale Sicherheit. Als Cybersicherheitsrisiken gelten verschlüsselte Daten, die künftig entschlüsselt werden könnten, Manipulation der Blockchain und quantenresistente Ransomware. Klassische Computer stoßen……
Call of Duty takes PC game offline after multiple reports of RCE attacks on players

Jul 7, 2025 9:34 PM

Tags: attack, computer, rce, remote-code-execution

Gamemakers have only said they are investigating an unspecified “issue.” Players are posting videos of their computers being compromised. First seen on cyberscoop.com Jump to article: cyberscoop.com/call-of-duty-remote-code-execution-pc-game-offline/
Ransomware-Attacke auf Ingram Micro

Jul 7, 2025 12:34 PM

Tags: ai, computer, cyberattack, ransomware, usa, vpn

Die Webseiten von Ingram Micro sind aufgrund einer Cyberattacke aktuell nicht erreichbar. Screenshot by Foundry / Julia MutzbauerDie Internetseiten des globalen IT-Distributors Ingram Micro sind laut Aussagen von Kunden seit vergangenen Donnerstag (3. Juli 2025) nicht mehr erreichbar. Auch die deutsche Website ist betroffen. Dort heißt es, dass die Seite aufgrund von ‘Wartungsarbeiten” derzeit nicht…