Tag: infrastructure
-
Gremlin Stealer Hides C2 and Exfiltration Paths in Encrypted Resources
A newly identified variant of the Gremlin stealer malware is leveraging advanced obfuscation techniques to conceal its command-and-control (C2) infrastructure and data exfiltration logic within encrypted .NET resource sections. This evolution highlights a significant shift toward stealth, modularity, and anti-analysis sophistication in modern infostealer campaigns. Its targets include browser-stored credentials, session tokens, cryptocurrency wallets, clipboard…
-
Senator presses CISA for answers about alleged GitHub repository leak
U.S. Senator Maggie Hassan (D-NH) sent a letter to the acting director of the Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday demanding answers about an alleged breach uncovered by cybersecurity reporter Brian Krebs involving government contractor Nightwing. First seen on therecord.media Jump to article: therecord.media/hassan-presses-cisa-github-leak
-
Certes Research Warns Legacy Systems Are Biggest Barrier to Quantum Security Readiness
Certes has released new research showing that many organizations remain unprepared for the security risks posed by quantum computing, despite growing awareness of the threat. According to the company’s Emerging PQC Imperative report, 78% of organizations believe legacy systems represent their biggest quantum security risk. The findings highlight growing concerns that outdated infrastructure and applications…
-
Void Botnet Leverages Ethereum for Resilient C2
A newly identified botnet, named Void, is leveraging Ethereum smart contracts to build a resilient, hard-to-disrupt command-and-control (C2) infrastructure, marking a continued evolution in blockchain-enabled cybercrime. Discovered in March 2026 and advertised on a Russian-language cybercrime forum, Void Botnet follows closely behind the earlier Aeternum C2 campaign documented by Qrator Labs, but introduces notable differences…
-
As AI costs spiral, Dell pitches return to on-premise datacentres
With agentic AI driving up public cloud consumption, Dell Technologies is pitching local and hybrid infrastructure to shield enterprises from soaring token costs First seen on computerweekly.com Jump to article: www.computerweekly.com/news/366643353/As-AI-costs-spiral-Dell-pitches-return-to-on-premise-datacentres
-
Trapdoor Android Ad Fraud Scheme Hit 659 Million Daily Bid Requests Using 455 Apps
Tags: android, control, cybersecurity, fraud, infrastructure, intelligence, malicious, malware, threatCybersecurity researchers have disclosed details of a new ad fraud and malvertising operation dubbed Trapdoor targeting Android device users.The activity, per HUMAN’s Satori Threat Intelligence and Research Team, encompassed 455 malicious Android apps and 183 threat actor-owned command-and-control (C2) domains, turning the infrastructure into a pipeline for multi-stage fraud.”Users First seen on thehackernews.com Jump to…
-
Microsoft Takes Down Fox Tempest for Providing Ransomware-Enabling Signing Tool
Microsoft’s Digital Crimes Unit has taken down the infrastructure of Fox Tempest, a prolific cybercrime-enabling threat group First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/microsoft-takes-down-fox-tempest/
-
Massive MENA cybercrime Operation Ramz disrupts infrastructure and arrests 201 suspects
INTERPOL led Operation Ramz in MENA, resulting in 201 arrests and 382 suspects tied to cybercrime networks. INTERPOL coordinated Operation Ramz across the Middle East and North Africa, leading to 201 arrests and identifying 382 additional suspects. << A first-of-its-kind cybercrime operation in the MENA region has led to the arrest of 201 individuals, with a…
-
Chinese APT FamousSparrow Weaponizes Evolved Deed RAT Against Azerbaijani Energy Infrastructure
The post Chinese APT FamousSparrow Weaponizes Evolved Deed RAT Against Azerbaijani Energy Infrastructure appeared first on Daily CyberSecurity. First seen on securityonline.info Jump to article: securityonline.info/famoussparrow-deed-rat-azerbaijan-energy-exchange-vulnerability/
-
Microsoft Details Storm-2949 Cloud Attack on Azure and Microsoft 365
Tags: attack, breach, cloud, cyberattack, data, identity, infrastructure, intelligence, microsoft, service, theft, threatMicrosoft Threat Intelligence has disclosed details of a cyberattack carried out by a threat actor tracked as Storm-2949, which escalated from a targeted identity compromise into a large-scale breach of cloud infrastructure and sensitive enterprise systems. The campaign focused heavily on data theft from Microsoft 365 services, Azure-hosted production environments, and cloud storage resources, demonstrating how compromised identities can…
-
Dell Technologies Bets on AI Infrastructure
Dell Conference Speakers Say 67% of AI Innovation Is Running Outside the Cloud Dell predicts up to $4 trillion in AI infrastructure investment by 2030, with 67% of AI workloads are already run outside the cloud. If this estimate is even roughly correct, the idea that enterprise AI mainly exists in hyperscaler environments is more…
-
CISA Admin Reportedly Exposes AWS GovCloud Credentials in Public GitHub Repository
Tags: cisa, credentials, cyber, cybersecurity, data, data-breach, github, government, infrastructureA significant security lapse involving the U.S. Cybersecurity and Infrastructure Security Agency (CISA) has come to light after a contractor reportedly exposed highly sensitive AWS GovCloud credentials in a public GitHub repository. The incident, disclosed by security researchers on May 15, 2026, is being described as one of the most serious government-related data exposures in…
-
AI infrastructure is cracking under sovereignty demands
AI deployments are moving into environments with tighter controls around data, infrastructure, and system operations. Organizations are building AI systems across multiple … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/05/19/ntt-sovereign-ai-strategy-report/
-
GSK: The AI-Driven Science Factory
AI Rebuilds $50B Pharma Giant’s Thinking, Plan Could Help Every Data-Driven Firm GSK is redesigning pharmaceutical research around AI, from data infrastructure to autonomous scientific agents. Its platforms accelerate hypothesis generation, imaging analysis and drug discovery workflows, offering CIOs a blueprint for enterprise-scale AI transformation in regulated industries. First seen on govinfosecurity.com Jump to article:…
-
INTERPOL Operation Ramz Disrupts MENA Cybercrime Networks with 201 Arrests
INTERPOL has coordinated a first-of-its-kind cybercrime crackdown across the Middle East and North Africa (MENA) that led to 201 arrests and the identification of an additional 382 suspects.The initiative involved the efforts of 13 countries from the region between October 2025 and February 2026, aiming to investigate and neutralize malicious infrastructure, arrest perpetrators behind these…
-
How geopolitical instability could reshape Gulf datacentre investments and sovereign AI strategies
Rising tensions are forcing hyperscalers, governments and investors to reassess risk, resilience and infrastructure strategies as the Gulf positions itself as a global AI powerhouse First seen on computerweekly.com Jump to article: www.computerweekly.com/news/366643123/How-geopolitical-instability-could-reshape-Gulf-datacentre-investments-and-sovereign-AI-strategies
-
How a government contest launched a revolution in AI-based bug hunting
Security researchers have spent months honing AI systems that can find and fix serious vulnerabilities. Critical infrastructure everywhere could benefit. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/ai-vulnerability-discovery-darpa-challenge-critical-infrastructure/819494/
-
How a government contest launched a revolution in AI-based bug hunting
Security researchers have spent months honing AI systems that can find and fix serious vulnerabilities. Critical infrastructure everywhere could benefit. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/ai-vulnerability-discovery-darpa-challenge-critical-infrastructure/819494/
-
Hackers Abuse Cloudflare Storage to Exfiltrate Network Files
A sophisticated cyber espionage campaign targeting multiple Malaysian organizations has been uncovered, revealing a highly structured attack chain that blends custom tooling, cloud infrastructure, and stealthy data exfiltration. At the center of the operation is an Azure virtual machine (IP: 20.17.161.118) used to orchestrate attacks across government-linked networks. The infrastructure contained a wide range of…
-
Critical Marimo RCE Flaw Could Let Attackers Execute Malicious Code Remotely
A newly disclosed critical vulnerability in the Marimo Python notebook framework is raising serious alarms across the cybersecurity community, as it allows attackers to execute arbitrary commands remotely, without authentication. Tracked as CVE-2026-39987, the flaw exposes a WebSocket endpoint that can be abused to spawn a system-level shell, potentially leading to full infrastructure compromise. Marimo RCE…
-
Closing the Gap: The Regulatory and Structural Maturation of Digital Assets
Digital assets are reshaping global finance as institutions adopt regulated crypto infrastructure, stablecoins, and tokenized assets. First seen on hackread.com Jump to article: hackread.com/regulatory-structural-maturation-of-digital-assets/
-
U.S. CISA adds a flaw in Microsoft Exchange Server to its Known Exploited Vulnerabilities catalog
Tags: cisa, cve, cybersecurity, exploit, flaw, infrastructure, kev, microsoft, threat, vulnerabilityThe U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds a flaw in Microsoft Exchange Server to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added a flaw in Microsoft Exchange Server, tracked as CVE-2026-42897 (CVSS score of 8.1), to its Known Exploited Vulnerabilities (KEV) catalog. This week, Microsoft warned that threat actors are…
-
SecurityScorecard Buys Driftnet for More Internet Visibility
Driftnet Acquisition Adds Real-Time Visibility Into Exposed Assets and AI Risks. SecurityScorecard acquired internet reconnaissance startup Driftnet to expand real-time visibility into hidden infrastructure, exposed assets and AI-driven third-party risks while strengthening threat hunting, attribution and internet-scale intelligence capabilities. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/securityscorecard-buys-driftnet-for-more-internet-visibility-a-31707
-
Anthropic Warns US Risks Losing AI Edge to China Over Chips
New Report Warns China Could Reach Frontier AI Near-Parity by 2028. Anthropic warned that weak chip export controls, model distillation and expanded Chinese access to advanced compute infrastructure could erode Washington’s frontier AI advantage and accelerate Beijing’s push toward near-parity in advanced AI systems. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/anthropic-warns-us-risks-losing-ai-edge-to-china-over-chips-a-31702
-
Turla Turns Kazuar Backdoor Into Modular P2P Botnet for Persistent Access
The Russian state-sponsored hacking group known as Turla has transformed its custom backdoor Kazuar into a modular peer-to-peer (P2P) botnet that’s engineered for stealth and persistent access to compromised hosts. Turla, per the U.S. Cybersecurity and Infrastructure Security Agency (CISA), is assessed to be affiliated with Center 16 of Russia’s Federal Security Service (FSB) First…
-
Cisco warns of an actively exploited SD-WAN flaw with max severity
Tags: access, advisory, cisco, cloud, control, cve, cvss, cybersecurity, data-breach, exploit, flaw, infrastructure, kev, malicious, mitigation, network, service, software, update, vulnerabilityroot user account,” Cisco said. “Using this account, the attacker could access NETCONF, which would then allow the attacker to manipulate network configuration for the SD-WAN fabric.”The issue, tracked as CVE-2026-20182, received a max-severity rating of CVSS 10.0. The company said that the issue is configuration-independent, meaning vulnerable systems remain exposed regardless of deployment-specific settings.Cisco…
-
Thieves unlock stolen iPhones using cheap tools sold on Telegram
Helping a friend recover a stolen phone, Infoblox researchers uncovered a thriving Telegram-based underground marketplace selling unlocking tools and phishing infrastructure … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/05/15/stolen-iphone-unlocking-tools-telegram-groups/
-
Autonomous systems are finally working. Security is next
Security still runs at human speed: Despite advances in infrastructure, cloud and AI, the underlying workflow of security operations has not fundamentally changed. At its core, security still operates as a human-driven process: Alerts are generated, analysts investigate, context is assembled manually and decisions are made under pressure. This model was sufficient when environments were…
-
EU’s Cyber Resiliency Act will put IT leaders to the test
Tags: access, attack, cio, cyber, cybersecurity, data, encryption, exploit, firewall, Hardware, identity, infrastructure, Internet, kubernetes, law, malicious, mitigation, open-source, password, programming, regulation, risk, risk-assessment, router, sbom, software, supply-chain, tool, update, vpn, vulnerabilityProduct safety: The CRA says digital products have to be secure by design and default, and can’t ship with known vulnerabilities like obvious default passwords that can be exploited. They also must be updatable if such vulnerabilities are found later, as well as minimize their impact by limiting the attack surface and protecting confidentiality and…
-
EU’s Cyber Resiliency Act will put IT leaders to the test
Tags: access, attack, cio, cyber, cybersecurity, data, encryption, exploit, firewall, Hardware, identity, infrastructure, Internet, kubernetes, law, malicious, mitigation, open-source, password, programming, regulation, risk, risk-assessment, router, sbom, software, supply-chain, tool, update, vpn, vulnerabilityProduct safety: The CRA says digital products have to be secure by design and default, and can’t ship with known vulnerabilities like obvious default passwords that can be exploited. They also must be updatable if such vulnerabilities are found later, as well as minimize their impact by limiting the attack surface and protecting confidentiality and…