Tag: framework
-
MeetC2 A serverless C2 framework that leverages Google Calendar APIs as a communication channel
MeetC2 is a PoC C2 tool using Google Calendar to mimic cloud abuse, helping teams test detection, logging, and response. Background:Modern adversaries increasingly hide command-and-control (C2) traffic inside cloud services. We built this proof of concept (PoC) to study and demonstrate those techniques in a controlled way, emulating those tactics so red and blue teams…
-
Hackers Turn Red Team AI Tool Into Citrix Exploit Engine
HexStrike-AI Connects LLMs to Over 150 Existing Security Tools. A red-team framework released for penetration testing has become a weapon in the wild, repurposed by hackers to accelerate exploitation of newly disclosed Citrix vulnerabilities. Check Point Research observed chatter suggesting n-day attacks may unfold in minutes, shrinking defender response time. First seen on govinfosecurity.com Jump…
-
Cybersecurity Snapshot: Expert Advice for Securing Critical Infrastructure’s OT and Industrial Control Systems, IoT Devices and Network Infrastructure
Tags: access, advisory, apt, attack, authentication, breach, china, cisa, cisco, cloud, compliance, computer, computing, control, credentials, cryptography, cve, cyber, cybersecurity, data, defense, detection, espionage, exploit, firmware, framework, google, government, guide, hacker, Hardware, incident response, infrastructure, international, Internet, iot, login, mfa, military, mitigation, monitoring, network, nist, organized, password, phishing, ransomware, regulation, risk, russia, sans, service, software, technology, theft, threat, tool, update, vulnerability, zero-trustDestructive cyber attacks against critical infrastructure have unfortunately become increasingly frequent. Just last week, multinational government agencies blared the alarm about a global cyber espionage campaign targeting critical infrastructure networks. With this type of cyber threat in the spotlight, we’re rounding up recent cyber advice for securing critical infrastructure. In case you missed it, here…
-
TAG-150 Develops CastleRAT in Python and C, Expanding CastleLoader Malware Operations
The threat actor behind the malware-as-a-service (MaaS) framework and loader called CastleLoader has also developed a remote access trojan known as CastleRAT.”Available in both Python and C variants, CastleRAT’s core functionality consists of collecting system information, downloading and executing additional payloads, and executing commands via CMD and PowerShell,” Recorded Future Insikt Group First seen on…
-
New Exploit Bypasses Code Integrity to Backdoor Signal, 1Password, Slack, and More
A new security exploit has been discovered that lets attackers slip malicious code into widely used desktop applications including Signal, 1Password, Slack, and Google Chrome by evading built-in code integrity checks. The vulnerability, tracked as Electron CVE-2025-55305, affects nearly every app built on the Chromium engine when they use Electron, a popular framework for making…
-
Hackers Exploit Google Calendar API with Serverless MeetC2 Framework
A novel serverless command-and-control (C2) technique that abuses Google Calendar APIs to obscure malicious traffic inside trusted cloud services. Dubbed MeetC2, this lightweight, cross-platform proof-of-concept demonstrates how adversaries can seamlessly blend C2 communications into everyday SaaS usage, presenting fresh detection, telemetry, and response challenges for red and blue teams alike. In a recent internal purple-team…
-
Sitecore zero-day configuration flaw under active exploitation
__VIEWSTATE and can be signed and encrypted with keys, called ValidationKey and DecryptionKey, stored in the application configuration file.If these keys are stolen or leaked, attackers can use them to craft malicious ViewState payloads inside POST requests that the server will then decrypt, validate, and execute by loading them into the memory of its worker…
-
Identity-First Security: Mitigating the Cloud’s Greatest Risk Vector
Tags: access, ai, attack, best-practice, breach, business, cloud, credentials, data, defense, exploit, framework, google, iam, identity, infrastructure, least-privilege, microsoft, phishing, ransomware, risk, service, strategy, threat, vulnerabilityCompromised credentials are now the leading cause of cloud breaches, making identity your most critical attack surface. A new IDC white paper explores why this shift is happening and where traditional defenses fall short. Read on to learn how Tenable’s identity-first approach turns this risk into your strongest defense. Hack the user, own the cloud.…
-
EuG weist Nichtigkeitsklage gegen EUDatentransferabkommen (TADPF) ab
Der französische Abgeordnete Philippe Latombe wollte das Abkommen zwischen der EU und den USA zum Datentransfer, als Trans-Atlantic Data Privacy Framework (TADPF), mit einer Nichtigkeitsklage zu Fall bringen. Diese Klage wurde am 3. September 2025 vom Court of Justice of … First seen on borncity.com Jump to article: www.borncity.com/blog/2025/09/04/eugh-weist-dsgvo-klage-gegen-eu-us-datentransferabkommen-tadpf-ab/
-
EuGH weist Nichtigkeitsklage gegen EUDatentransferabkommen (TADPF) ab
Der französische Abgeordnete Philippe Latombe wollte das Abkommen zwischen der EU und den USA zum Datentransfer, als Trans-Atlantic Data Privacy Framework (TADPF), mit einer Nichtigkeitsklage zu Fall bringen. Diese Klage wurde am 3. September 2025 vom Europäischen Gerichtshof (EuGH) abgewiesen. … First seen on borncity.com Jump to article: www.borncity.com/blog/2025/09/04/eugh-weist-dsgvo-klage-gegen-eu-us-datentransferabkommen-tadpf-ab/
-
Django Web Vulnerability Exposes Applications to High-Risk SQL Injection CVE-2025-57833
A serious Django web vulnerability has been identified, prompting immediate action from the Django web framework development team. The flaw, officially registered as CVE-2025-57833, affects the FilteredRelation feature in Django and could allow attackers to carry out SQL injection attacks. This vulnerability has been marked as high severity, and users of affected versions are urged…
-
Pressure on CISOs to stay silent about security incidents growing
Tags: access, breach, business, cio, ciso, corporate, credentials, credit-card, crowdstrike, cybersecurity, data, data-breach, email, finance, framework, group, hacker, iam, identity, incident response, insurance, law, mfa, ransomware, sap, security-incident, software, theft, threat, training‘Intense pressure’ to keep quiet about security incidents: CSO spoke to two other former CISOs who reported pressures to stay silent about suspected security incidents. Both CISOs requested to remain anonymous due to end-of-contract confidentiality agreements made with previous employers.”While working inside a Fortune Global 500 company in Europe, I witnessed this multiple times,” one…
-
European Court rejects challenge to EU-US data transfer agreement
The General Court of the Court of Justice of the European Union ruled against a French lawmaker who had challenged the EU-U.S. Data Privacy Framework, citing the fact that a U.S. data protection court provides independent oversight of U.S. intelligence agencies and their potential surveillance of Europeans’ data. First seen on therecord.media Jump to article:…
-
European court upholds EU-US Data Privacy Framework data-sharing agreement
EU General Court upholds EU-US Data Privacy Framework, bringing certainty to businesses that exchange data with the US for now. An appeal may be in the offing First seen on computerweekly.com Jump to article: www.computerweekly.com/news/366630156/European-court-upholds-EU-US-Data-Privacy-Framework-data-sharing-agreement
-
EU Court Preserves EU-US Data Privacy Framework
The EU General Court Gives Victory to Backers of Trans-Atlantic Data Flows. The European Union General Court on Wednesday dismissed a plea by a French politician to annul the legal framework underpinning commercial data flows across the Atlantic, rejecting claims that a U.S. intelligence agency oversight body is not independent of the federal government. First…
-
Bridging Cybersecurity and Biosecurity With Threat Modeling
Structured Approach to Mitigate Vulnerabilities and Risks in Synthetic Biology Labs Advances in synthetic biology promise breakthroughs, such as engineered bacteria and microbes for pollution cleanup and medicine production. But this promise brings new risks: cyberthreats that intersect with biosecurity. Threat modeling provides a critical framework to anticipate these risks. First seen on govinfosecurity.com Jump…
-
Relief for European Commission as court upholds EU Data Privacy Framework agreement with US
ex post judicial oversight by the [US Data Protection Review Court],” the judgment said.A key issue is whether the agreement achieves ‘adequacy’, the extent to which US laws offer the same level of protection as EU equivalents.”Today’s EU General Court judgement will bring relief and reassurance to the thousands of US companies and their European…
-
The Full Lifecycle Imperative: Why >>Shift Left<>Shift Right<<
Tags: access, ai, api, attack, authentication, automation, business, cloud, compliance, data, detection, framework, governance, HIPAA, mitre, nist, PCI, risk, siem, strategy, threat, tool, vulnerability, wafIn this series, we examined the vital connection between AI and APIs, highlighting what makes a leader in the API security market through the 2025 KuppingerCole Leadership Compass. Now, we turn to the core strategy of true API security: the full-lifecycle approach, where security is a continuous, integrated process rather than a single action. The…
-
Hackers use new HexStrike-AI tool to rapidly exploit n-day flaws
Hackers are increasingly using a new AI-powered offensive security framework called HexStrike-AI in real attacks to exploit newly disclosed n-day flaws. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/hackers-use-new-hexstrike-ai-tool-to-rapidly-exploit-n-day-flaws/
-
Indirect Prompt Injection Attacks Against LLM Assistants
Tags: attack, automation, control, data, disinformation, email, framework, google, injection, LLM, malicious, mitigation, mobile, phishing, risk, risk-assessment, threat, toolReally good research on practical attacks against LLM agents. “Invitation Is All You Need! Promptware Attacks Against LLM-Powered Assistants in Production Are Practical and Dangerous” Abstract: The growing integration of LLMs into applications has introduced new security risks, notably known as Promptware”, maliciously engineered prompts designed to manipulate LLMs to compromise the CIA triad of…
-
Empire Red Teaming Tool Updated With Enhanced Agents and API Support
The BC-SECURITY team has released a major update to its flagship offensive security framework,Empire, introducing enhanced agent capabilities and comprehensive API support designed to streamline post-exploitation operations and adversary emulation for Red Teams and penetration testers worldwide. Enhanced Features Drive Advanced Operations Empire’s latest iteration showcases aserver/client architectureengineered for multiplayer support, enabling distributed teams to…
-
MobSF Vulnerability Allows Attackers to Upload Malicious Files
Tags: application-security, cyber, exploit, flaw, framework, malicious, mobile, open-source, vulnerabilityCritical security flaws discovered in Mobile Security Framework (MobSF) version 4.4.0 enable authenticated attackers to exploit path traversal and arbitrary file write vulnerabilities, potentially compromising system integrity and exposing sensitive data. Two significant vulnerabilities have been identified in the popular Mobile Security Framework (MobSF), a widely-used open-source mobile application security testing platform. The flaws, tracked…
-
Agentic AI: A CISO’s security nightmare in the making?
Tags: access, ai, antivirus, api, attack, automation, ciso, compliance, cybersecurity, data, defense, detection, email, endpoint, exploit, framework, governance, law, leak, malicious, malware, open-source, privacy, risk, service, strategy, supply-chain, tool, vulnerabilityFree agents: Autonomy breeds increased risks: Agentic AI introduces the ability to make independent decisions and act without human oversight. This capability presents its own cybersecurity risk by potentially leaving organizations vulnerable.”Agentic AI systems are goal-driven and capable of making decisions without direct human approval,” Joyce says. “When objectives are poorly scoped or ambiguous, agents…
-
Can AI agents catch what your SOC misses?
A new research project called NetMoniAI shows how AI agents might reshape network monitoring and security. Developed by a team at Texas Tech University, the framework brings … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/09/02/netmoniai-open-source-soc-ai-driven-network-defense/
-
South Korea AI Act
What is the South Korea AI Act? South Korea’s Framework Act on the Development of Artificial Intelligence and Creation of a Trust Foundation, often referred to simply as the AI Framework Act or the AI Basic Act, is the country’s landmark law on artificial intelligence. It was passed by the National Assembly in December 2024,……