Tag: cyber
-
EtherRAT Uses SEO Poisoning and Fake GitHub Pages to Target Enterprise Admins
A newly uncovered cyber campaign dubbed “EtherRAT” is raising concerns across enterprise environments, as attackers combine SEO poisoning, GitHub abuse, and blockchain-based infrastructure to target high-privilege IT professionals. Instead of broadly targeting users, the attackers deliberately impersonate trusted administrative tools, increasing the likelihood that victims already have elevated system access. The attack chain begins with…
-
20 Years in Cyber: Dark Reading Marks Milestone With Month of Special Coverage
Tags: cyberOn this day in 2006, Dark Reading went live. We have a celebration planned that spans our two decades of covering the industry, and you, dear readers, are invited. First seen on darkreading.com Jump to article: www.darkreading.com/cybersecurity-operations/20-years-cyber-dark-reading-milestone-special-coverage
-
New Android Spyware Platform Enables Rebranding and Resale
A newly discovered Android spyware platform is raising concerns among cybersecurity researchers by introducing a business model that allows buyers to rebrand and resell surveillance malware as their own product. Buyers can subscribe to the service, customize branding, and launch their own spyware operation with minimal effort. KidsProtect presents itself as a parental monitoring app,…
-
Cyber experts take an optimistic view of AI-powered hacking
During the annual CETaS showcase in London, experts discussed the potential cyber risk of tools such as Claude Mythos First seen on computerweekly.com Jump to article: www.computerweekly.com/news/366642508/Cyber-experts-take-an-optimistic-view-of-AI-powered-hacking
-
CAPTCHA and ClickFix Abuse Fuels Credential Theft Surge
Attackers are increasingly combining QR codes, fake CAPTCHA gates, and ClickFix-style tricks to steal credentials at scale, even as major phishing-as-a-service (PhaaS) platforms face disruption. These tactics shift risk from traditional malware attachments to highly convincing, hosted phishing flows that are harder for both users and email filters to spot. Across this volume, 78% of…
-
Just 34% of cyber pros plan to stick with their current employer
Skills development: Richard Demeny, founder and CTO at Canary Wharfian, an online finance career platform, says that graduates and early professionals know they are calling the shots because even at the entry level talent is scarce.”[New entrants] are prioritizing opportunity and learnings, as pay is pretty much standard across the board, except for maybe high-finance…
-
Multiple Exim Mail Server Vulnerabilities Could Trigger Crashes via Malicious DNS Data
The developers of the Exim mail server have officially rolled out version 4.99.2 to address four newly discovered security vulnerabilities. This critical update patches multiple software flaws that could allow attackers to crash server connections, corrupt memory heaps, or potentially leak sensitive system data. Mail server administrators are strongly advised to apply these fixes immediately…
-
DDoS Malware Targets Jenkins to Hit Valve Game Servers
A new DDoS botnet that abuses exposed Jenkins servers to launch powerful attacks against Valve Source Engine game infrastructure, including servers hosting titles like Counter”‘Strike and Team Fortress 2. The campaign shows how a single misconfigured CI server can be turned into a multi”‘platform attack node capable of UDP, TCP, and application”‘layer floods against online…
-
The Cyber Express Weekly Roundup: Data Breaches, AI Risks, and Phishing Campaigns Dominate Cybersecurity Landscape
In this week’s First seen on thecyberexpress.com Jump to article: thecyberexpress.com/tce-weekly-roundup-cybersecurity/
-
Multiple Wireshark Vulnerabilities Allow Arbitrary Code Execution via Malformed Packets
The Wireshark Foundation has released version 4.6.5 of its widely used network protocol analyzer, addressing a massive wave of security vulnerabilities. This urgent update patches over 40 distinct security flaws, driven by a recent surge in AI-assisted vulnerability reports. The most critical bugs in this release allow for possible arbitrary code execution, elevating the risk…
-
AI-Powered Ransomware Surge Hits 7,831 Victims Worldwide
Ransomware attacks surged dramatically in 2025, with global victims reaching 7,831. The sharp rise highlights how cybercrime has evolved into a highly organized, AI-driven ecosystem in which attackers operate at speed, with automation and scale. This surge is largely fueled by the widespread availability of AI-powered cybercrime tools such as WormGPT, FraudGPT, and BruteForceAI, which…
-
Deep#Door Stealer Targets Passwords, Tokens, SSH Keys, and Wi-Fi Credentials
Deep#Door is a stealthy Python-based Remote Access Trojan (RAT) that uses an obfuscated batch loader to deploy a persistent surveillance and credential-stealing implant on Windows systems. It aggressively turns off security controls, hides its traffic behind the bore.]pub tunneling service, and focuses on stealing browser passwords, cloud tokens, SSH keys, and Wi”‘Fi credentials. When executed,…
-
FBI Warns Logistics Sector of Fake Business Identity Cargo Scams
The FBI issued a public service announcement warning the transportation and logistics sectors about a massive increase in cyber-enabled strategic cargo theft. Threat actors are increasingly using sophisticated tactics to impersonate legitimate businesses, hijack freight, and steal high-value shipments. The financial impact of these attacks is severe. In 2025 alone, estimated cargo theft losses in…
-
China-Aligned Hackers Deploy ShadowPad in Multi-Stage Espionage Campaign
Tags: china, cyber, espionage, exploit, government, group, hacker, infrastructure, microsoft, threat, vulnerabilityChina-aligned threat actors tracked as SHADOW-EARTH-053 are exploiting old but unpatched Microsoft Exchange and IIS vulnerabilities to run a stealthy, multi-stage espionage campaign across Asian governments, critical infrastructure, and one NATO member state. The group primarily targets government entities and critical infrastructure in South, East, and Southeast Asia, with additional activity against at least one…
-
Ruby Gems and Go Modules Used in Campaign Targeting GitHub Actions
A sophisticated software supply chain attack originating from the GitHub account BufferZoneCorp has been uncovered, targeting developers and continuous integration environments through malicious Ruby gems and Go modules. The campaign deployed sleeper packages that impersonated legitimate developer tools, which were later weaponized to steal secrets and poison build pipelines. On the Ruby ecosystem, threat actors…
-
Claude Security Enters Public Beta for Enterprise Customers
Anthropic has officially launched the public beta of Claude Security, an advanced vulnerability detection and remediation tool now available to Claude Enterprise customers. Powered by the highly capable Claude Opus 4.7 model, this platform shifts application security testing from basic pattern matching to deep, contextual analysis. As AI accelerates the timeline between discovering and exploiting…
-
Microsoft Windows 11 April 2026 Security Update Disrupts Third-Party Backup Tools
The April 2026 security update for Windows 11, designated as KB5083769, is causing severe disruptions for users relying on third-party backup solutions. Deployed for Windows 11 versions 24H2 and 25H2, this patch introduces a critical flaw that breaks the Microsoft Volume Shadow Copy Service (VSS). Because VSS is a fundamental component for taking safe, point-in-time…
-
Fake CAPTCHA Scam Uses SMS Pumping to Inflate Phone Bills
A newly uncovered cyber fraud campaign is abusing fake CAPTCHA pages to trick mobile users into sending large volumes of international SMS messages, resulting in unexpected phone bills and illicit profits for attackers. Unlike traditional malware campaigns, this operation does not require installing malicious software. Instead, it exploits telecom billing systems and affiliate revenue models…
-
Bank regulator sounds warning over cybersecurity threat posed by AI models
Tags: access, ai, api, attack, banking, cloud, cyber, cyberattack, cybersecurity, defense, finance, flaw, germany, government, penetration-testing, service, supply-chain, technology, threat, vulnerabilityAccessing Mythos: It’s barely three weeks since Anthropic made Claude Mythos public on April 7 and it’s hard to recall a development that’s caused as much cybersecurity alarm in such a short space of time.Earlier this week, Michael Theurer, the chief supervisor of Bundesbank, Germany’s financial regulator, echoed APRA’s concern, telling Reuters that European banks…
-
Breach Roundup: US Cyber Command Flags Election Threats
Also, HexDex Arrest, Black Axe Crackdown, LeRobot RCE Flaw. This week, election threats resurfaced. A prolific hacker arrested. Black Axe network disrupted. China-linked disinformation targets Tibet. Exploited ScreenConnect and Windows flaws raise alarms. Minecraft gamers hit with stealer malware. A critical AI framework bug enables remote code execution. First seen on govinfosecurity.com Jump to article:…
-
State CISOs Are Losing Confidence as AI Threats Surge
Tightening Budgets and AI-Enabled Attacks Stretch State Cyber Defenses. State CISO confidence has collapsed, with just 22% saying their data is protected from cyberthreats. The 2026 NASCIO-Deloitte study points to AI-enabled attacks, third-party vendor risk and the worst budget picture in years as states rethink how they defend public data. First seen on govinfosecurity.com Jump…
-
State CISOs Are Losing Confidence as AI Threats Surge
Tightening Budgets and AI-Enabled Attacks Stretch State Cyber Defenses. State CISO confidence has collapsed, with just 22% saying their data is protected from cyberthreats. The 2026 NASCIO-Deloitte study points to AI-enabled attacks, third-party vendor risk and the worst budget picture in years as states rethink how they defend public data. First seen on govinfosecurity.com Jump…
-
DHS Shutdown Ends as CISA Faces Long Recovery
Bipartisan Deal Funds DHS Components After Record 75-Day Shutdown. The House passed a bipartisan bill funding the Department of Homeland Security, ending a 75-day shutdown that forced the Cybersecurity and Infrastructure Security Agency into a reactive posture and disrupted preventive cyber operations, even as workforce losses and proposed cuts threaten long-term resilience. First seen on…
-
Hackers earning millions from hijacked cargo, FBI says
In an advisory this week, FBI officials said cyber actors have spent the last two years breaking into the systems of brokers and carriers, allowing them to pose as victim companies and post fraudulent listings on freight delivery message boards. First seen on therecord.media Jump to article: therecord.media/hackers-earning-millions-from-hijacked-cargo-fbi
-
Anthropic’s Mythos Has Landed: Here’s What Comes Next for Cyber
In this latest installment of the Reporters’ Notebook video series, we discuss how the new AI model threatens to completely upend cybersecurity, and what industry leaders are telling the press. First seen on darkreading.com Jump to article: www.darkreading.com/cybersecurity-operations/anthropic-mythos-cyber-what-comes-next
-
Patch management goes from hard, to ludicrous in the agentic AI era
The release of agentic AI is compressing the nature of patch management and how defenders must prepare for the future of cyber attacks. This is increasing pressure on patch velocity, compensating controls, and dependency visibility. First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/04/patch-management-goes-from-hard-to-ludicrous-in-the-agentic-ai-era/
-
Patch management goes from hard, to ludicrous in the agentic AI era
The release of agentic AI is compressing the nature of patch management and how defenders must prepare for the future of cyber attacks. This is increasing pressure on patch velocity, compensating controls, and dependency visibility. First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/04/patch-management-goes-from-hard-to-ludicrous-in-the-agentic-ai-era/
-
After dissing Anthropic for limiting Mythos, OpenAI restricts access to Cyber, too
OpenAI will begin rolling out it cybersecurity testing tool, GPT-5.5 Cyber only “to critical cyber defenders” at first. First seen on techcrunch.com Jump to article: techcrunch.com/2026/04/30/after-dissing-anthropic-for-limiting-mythos-openai-restricts-access-to-cyber-too/