Tag: email
-
Mustang Panda Targets Windows Users with ToneShell Malware Disguised as Google Chrome
The China-aligned threat actor Mustang Panda, also known as Earth Preta, HIVE0154, RedDelta, and Bronze President, has been deploying the ToneShell backdoor against Windows users, primarily targeting government and military entities in the Asia-Pacific and Europe. Active since at least 2012, the group leverages spear-phishing emails with military-themed lures to deliver malicious archives, such as…
-
Hacker Accesses Millions of IMDataCenter Records from Exposed AWS Bucket
Florida firm IMDataCenter exposed 38GB of sensitive data including names, emails and ownership info. At least one hacker accessed and downloaded the files. First seen on hackread.com Jump to article: hackread.com/hacker-accesses-imdatacenter-records-exposed-aws-bucket/
-
UAC-0099 Hackers Weaponize HTA Files to Deploy MATCHBOIL Loader Malware
UAC-0099 is a threat actor organization that has been targeting state officials, defense forces, and defense-industrial firms in a series of sophisticated cyberattacks that Ukraine’s CERT-UA has been investigating. The attacks typically initiate with phishing emails from UKR.NET addresses, featuring subjects like >>court summons
-
Dutch Caribbean islands respond to cyberattacks on courts, tax departments
A ransomware attack on Curaçao’s tax office and an email breach at Aruba’s parliament have put the Dutch Caribbean islands on high alert for cybersecurity issues. First seen on therecord.media Jump to article: therecord.media/aruba-curacao-governments-cyberattacks
-
Top cybersecurity M&A deals for 2025
Tags: 5G, access, ai, api, apple, application-security, attack, automation, awareness, banking, breach, business, ceo, cisco, cloud, compliance, control, crowdstrike, cyber, cybersecurity, data, ddos, defense, detection, edr, email, endpoint, finance, firewall, gitlab, government, group, ibm, identity, incident response, infrastructure, intelligence, leak, microsoft, mitigation, network, password, programming, risk, risk-management, saas, service, software, sophos, strategy, supply-chain, technology, threat, tool, training, vulnerability, waf, zero-trustPalo Alto Networks to buy CyberArk for $25B as identity security takes center stage July 30, 2025: Palo Alto Networks is making what could be its biggest bet yet by agreeing to buy Israeli identity security company CyberArk for around $25 billion. “We envision Identity Security becoming the next major pillar of our multi-platform strategy, complementing our leadership…
-
OWASP LLM Risk #5: Improper Output Handling FireTail Blog
Tags: ai, application-security, attack, awareness, cyber, detection, email, injection, LLM, mitigation, monitoring, phishing, remote-code-execution, risk, sql, strategy, threat, vulnerabilityAug 04, 2025 – Lina Romero – 2025 is seeing an unprecedented surge of cyber attacks and breaches. AI, in particular, has introduced a whole new set of risks to the landscape and researchers are struggling to keep up. The OWASP Top 10 Risks for LLMs goes into detail about the ten most prevalent risks…
-
Hackers Abuse Microsoft 365 Direct Send to Deliver Internal Phishing Emails
A new Proofpoint report reveals how attackers are using Microsoft 365’s Direct Send and unsecured SMTP relays to… First seen on hackread.com Jump to article: hackread.com/hackers-microsoft-365-direct-send-internal-phishing-emails/
-
Mozilla flags phishing wave aimed at hijacking trusted Firefox add-ons
Devs told to exercise ‘extreme caution’ with emails disguised as account update prompts First seen on theregister.com Jump to article: www.theregister.com/2025/08/04/mozilla_add_on_phishing/
-
Mozilla Issues Warning on Phishing Campaign Targeting Add-on Developer Accounts
Mozilla has issued an urgent security warning to Firefox add-on developers following the detection of a sophisticated phishing campaign targeting accounts on the Add-ons Mozilla Organization (AMO) platform. The alert, published by Scott DeVaney from Mozilla’s Add-ons Community team on August 1, 2025, warns developers to exercise extreme caution when receiving emails purporting to be…
-
Pi-hole Data Breach Exposes Donor Emails Through WordPress Plugin Flaw
A trusted name in open-source privacy software is facing tough questions after a recent data breach exposed donor names and email addresses. Here’s what happened, why it matters, and what you need to know. What Happened? On July 28, 2025, members of the Pi-hole community reported suspicious emails sent to addresses used only for Pi-hole……
-
Lovense flaws expose emails and allow account takeover
Lovense fixed bugs exposing emails and allowing account takeovers. Company CEO may take legal action after the flaws were publicly disclosed. Lovense, a manufacturer of internet-connected sex toys, fixed two vulnerabilities that exposed users’ emails and allowed remote account takeovers. A researcher known as BobDaHacker recently disclosed the flaws after Lovense claimed it would take…
-
6 things keeping CISOs up at night
Tags: access, ai, attack, breach, business, cio, ciso, cloud, compliance, control, cyber, data-breach, deep-fake, email, exploit, infrastructure, jobs, metric, password, phishing, regulation, risk, service, technology, threat, tool, training, vulnerabilityAI’s potential to create a competency crisis: At mental health organization Headspace CISO Jameeka Aaron sees many potential applications for AI but she is balancing enablement with caution. However, Aaron is particularly concerned about the impact of generative AI on the hiring process.While strong developers can leverage AI to their advantage, weaker developers may appear…
-
Pi-hole Plugin Flaw Exposes Donor Names and Email Addresses in Data Breach
A Pi-hole donor has reported receiving spam email to an address created exclusively for their donation to the popular network-level ad blocker, raising concerns about a potential data breach affecting the project’s donor database. The incident, reported on Reddit’s Pi-hole community forum under investigation status, suggests that donor email addresses may have been compromised or…
-
Security Affairs newsletter Round 535 by Pierluigi Paganini INTERNATIONAL EDITION
A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. New Linux backdoor Plague bypasses auth via malicious PAM module China Presses Nvidia Over Alleged Backdoors…
-
Black Hat 2025: Latest news and insights
Tags: access, ai, api, attack, ciso, cloud, conference, crowdstrike, cvss, cyber, cybersecurity, data, defense, email, exploit, finance, firmware, flaw, group, hacker, hacking, identity, Internet, LLM, malicious, malware, reverse-engineering, sap, service, threat, tool, training, update, usa, vulnerability, windowsBlack Hat USAAugust 2-7, 2025Las Vegas, NVBlack Hat USA 2025 returns to the Mandalay Bay Convention Center in Las Vegas on August 2-7. The annual event is a perennial magnet for cybersecurity professionals, researchers, vendors and othersThe week kicks off on August 2 with four days of cybersecurity training courses. The courses cover a range…
-
Pi-hole discloses data breach triggered by WordPress plugin flaw
Pi-hole, a popular network-level ad-blocker, has disclosed that donor names and email addresses were exposed through a security vulnerability in the GiveWP WordPress donation plugin. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/pi-hole-discloses-data-breach-via-givewp-wordpress-plugin-flaw/
-
Pi-hole discloses data breach via GiveWp WordPress plugin flaw
Pi-hole, a popular network-level ad-blocker, has disclosed that donor names and email addresses were exposed through a security vulnerability in the GiveWP WordPress donation plugin. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/pi-hole-discloses-data-breach-via-givewp-wordpress-plugin-flaw/
-
Sex toy maker Lovense threatens legal action after fixing security flaws that exposed users’ data
The internet-connected sex toy maker said it fixed the vulnerabilities that exposed users’ private email addresses and accounts to takeovers, but said it was also planning to take legal action following the disclosure. First seen on techcrunch.com Jump to article: techcrunch.com/2025/08/01/sex-toy-maker-lovense-threatens-legal-action-after-fixing-security-flaws-that-exposed-users-data/
-
Florida prison email blunder exposes visitor contact info to inmates
Victims fear leak at Everglades Correctional Institution could lead to violent extortion First seen on theregister.com Jump to article: www.theregister.com/2025/08/01/florida_prison_email_blunder/
-
Summer: Why cybersecurity must be strengthened as vacations abound
Tags: access, ai, attack, authentication, automation, awareness, backup, control, corporate, credentials, cybersecurity, data, detection, email, encryption, exploit, infrastructure, malicious, mfa, monitoring, network, office, password, resilience, risk, theft, threat, tool, training, update, usa, vpn, wifiGuillermo Fernandez, Sales Engineer for Southern Europe at WatchGuard Technologies. WatchGuard Technologies.Another important point is that, during the summer, attackers know that many IT and cybersecurity teams are operating with more limited resources or with staff on vacation. “They take advantage of this to launch phishing campaigns and other targeted attacks, aware that attention and vigilance often…
-
Attackers wrap phishing links through URL scanning services to bypass detection
urldefense.proofpoint.com and url.emailprotection.link (Intermedia).”Link wrapping is designed by vendors like Proofpoint to protect users by routing all clicked URLs through a scanning service, allowing them to block known malicious destinations at the moment of click,” Cloudflare researchers wrote in their report on the attacks. “While this is effective against known threats, attacks can still succeed…
-
Threat Actors Use Malicious RMM Tools for Stealthy Initial Access to Organizations
A small increase in targeted cyberattacks that make use of Remote Monitoring and Management (RMM) capabilities that are embedded in PDF documents has been seen by WithSecure. These campaigns primarily focus on organizations in France and Luxembourg, employing socially engineered emails to deliver innocuous PDFs containing hyperlinks to legitimate RMM installers. This method effectively circumvents…
-
LAMEHUG: First AI-Powered Malware Targets Organizations via Compromised Official Email Accounts
The Russian state-sponsored threat actor APT28, also known as Fancy Bear or Forest Blizzard, has deployed LameHug, the first publicly documented malware leveraging large language models (LLMs) for automated command generation and execution. According to a recent CERT-UA report, this campaign targeted Ukraine’s security and defense sectors earlier this month, initiating with spearphishing emails dispatched…
-
Threat Actors Use LNK Files to Deploy RedLoader Malware on Windows Systems
Sophos analysts have identified a novel infection chain employed by the financially motivated cybercriminal group GOLD BLADE, also known as RedCurl, Red Wolf, and Earth Kapre, to deploy their custom RedLoader malware on Windows systems. This group, active since 2018 and specializing in commercial espionage, has been observed using highly targeted phishing emails to infiltrate…