Tag: malicious
-
WordPress Admins Cautioned About Fake Cache Plugin Stealing Admin Credentials
A newly identified malicious plugin, dubbed “wp-runtime-cache,”
-
#Infosec2025: Defenders and Attackers are Locked in an AI Arms Race
Malicious actors are making more use of AI in attacks, even as governments look to boost AI investments First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/infosec2025-arms-race-ai/
-
Microsoft launches European Security Program to counter nation-state threats
Tags: access, ai, attack, blizzard, cloud, control, country, crime, crimes, cyber, cybercrime, cybersecurity, framework, google, government, group, infrastructure, intelligence, malicious, malware, microsoft, network, open-source, resilience, russia, service, strategy, threat, vulnerability
Three-component strategy: The European Security Program will operate through three main components designed to strengthen continental cyber defenses. The first element centers on enhanced threat intelligence sharing, where Microsoft will provide European governments with AI-enhanced, real-time insights into nation-state tactics. The company’s Digital Crimes Unit will expand intelligence sharing through the Cybercrime Threat Intelligence Program, giving European…
-
Supply chain attack hits RubyGems to steal Telegram API data
Risk may extend past the regional ban: The malicious packages (Gems) were published by the threat actor on May 24, 2025, three days after Vietnam’s Ministry of Information and Communications ordered a nationwide ban on Telegram and gave internet service providers until June 2 to report compliance. Apart from the timing, the aliases used by the…
-
VMware NSX XSS Vulnerability Exposes Systems to Malicious Code Injection
Broadcom has issued a high-severity security advisory (VMSA-2025-0012) for VMware NSX, addressing three newly discovered stored Cross-Site Scripting (XSS) vulnerabilities: CVE-2025-22243, CVE-2025-22244, and CVE-2025-22245. These vulnerabilities impact the NSX Manager UI, gateway firewall, and router port components, exposing organizations to potential code injection attacks if left unpatched. The vulnerabilities, all stemming from improper input validation,…
-
Hackers Exploit New HTML Trick to Deceive Outlook Users into Clicking Malicious Links
Cybersecurity researchers have encountered a cleverly crafted phishing email targeting Czech bank customers, employing a lesser-known but highly deceptive technique to bypass security mechanisms and trick users into clicking malicious links. At first glance, the email appears to be a standard phishing attempt, masquerading as a legitimate message from a Czech bank and urging recipients…
-
Critical flaw in Cisco ISE impacts cloud deployments on AWS, Microsoft Azure, and Oracle Cloud Infrastructure
Cisco fixed a critical flaw in the Identity Services Engine (ISE) that could allow unauthenticated attackers to conduct malicious actions. A vulnerability tracked as CVE-2025-20286 (CVSS score 9.9) in cloud deployments of Cisco ISE on AWS, Microsoft Azure, and Oracle Cloud Infrastructure allows unauthenticated remote attackers to access sensitive data, perform limited administrative actions, modify…
-
#Infosec2025: Securing Endpoints is Still Vital Amid Changing Threats
Endpoint and network security is still essential, even as malicious actors turn to supply chains, identities and AI First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/infosec2025-securing-endpoints/
-
Outlook Users Targeted by New HTML-Based Phishing Scheme
A recent phishing campaign has revealed a sophisticated technique that exploits Microsoft Outlook’s unique handling of HTML emails to conceal malicious links from corporate users. The attack, initially appearing as a standard phishing attempt impersonating a Czech bank, leverages conditional HTML comments to display different content depending on the email client used to open the…
-
Securing Against Attacks: How WAF Rate Limiting Works
Rate limiting plays a major role in application security, especially when it comes to defending web applications from malicious bot attacks, credential stuffing, brute force attacks and excessive API calls. Rate limiting ensures that systems keep functioning without being overwhelmed. It controls the number of requests a client or a specific IP address can…
-
Critical Cisco ISE Auth Bypass Flaw Impacts Cloud Deployments on AWS, Azure, and OCI
Cisco has released security patches to address a critical security flaw impacting the Identity Services Engine (ISE) that, if successfully exploited, could allow unauthenticated actors to carry out malicious actions on susceptible systems. The security defect, tracked as CVE-2025-20286, carries a CVSS score of 9.9 out of 10.0. It has been described as a static credential…
-
When AI Turns Against Us FireTail Blog
Jun 04, 2025 – Lina Romero – Artificial Intelligence is the biggest development in tech of the 21st century. But although AI is continuing to develop at a breakneck pace, many of us still don’t understand all the risks and implications for cybersecurity. And this issue is only growing more complicated and critical. Now more…
-
UAE Central Bank Tells FIs to Drop SMS, OTP Authentication
Banking Sector Faces Challenges in Meeting March 2026 Compliance Deadline. The Central Bank of UAE has issued a directive asking financial institutions to eliminate weak authentication methods including SMS and email OTPs. Banks are also expected to implement real-time fraud monitoring and suspend sessions when malicious activity is detected. First seen on govinfosecurity.com Jump to…
-
Vishing Crew Targets Salesforce Data
A group Google is tracking as UNC6040 has been tricking users into installing a malicious version of a Salesforce app to gain access to and steal data from the platform. First seen on darkreading.com Jump to article: www.darkreading.com/application-security/vishing-crew-salesforce-data
-
Threat Actors Exploit Malware Loaders to Circumvent Android 13+ Accessibility Safeguards
Threat actors have successfully adapted to Google’s stringent accessibility restrictions introduced in Android 13 and later versions. These safeguards, rolled out in May 2022, were designed to prevent malicious applications from abusing accessibility services by blocking such access for sideloaded apps. However, cybercriminals have found ways to bypass these protections, leveraging sophisticated malware loaders and…
-
What TikTok’s virtual machine tells us about modern bot defenses
A recent Hacker News post looked at the reverse engineering of TikTok’s JavaScript virtual machine (VM). Many commenters assumed the VM was malicious, designed for invasive tracking or surveillance. But based on the VM’s behavior and string patterns, a more plausible explanation is that it’ First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/06/what-tiktoks-virtual-machine-tells-us-about-modern-bot-defenses/
-
Hackers abuse malicious version of Salesforce tool for data theft, extortion
A threat group is using voice phishing to trick targeted organizations into sharing sensitive credentials. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/hackers-abuse-salesforce-tool-extortion/749790/
-
Lumma Infostealer Developers Persist in Their Malicious Activities
Tags: credentials, cyber, cybercrime, group, infrastructure, malicious, malware, microsoft, service, tool
A coordinated operation by Europol, the FBI, Microsoft, and other public and private sector partners targeted the Lumma infostealer, a prolific malware distributed via a malware-as-a-service (MaaS) model. Known for stealing credentials and being a tool of choice for notorious cybercriminal groups like Scattered Spider, Angry Likho, and CoralRaider, Lumma’s infrastructure faced significant disruption. Starting…
-
Attackers Impersonate Ruby Packages to Steal Sensitive Telegram Data
Malicious RubyGems pose as a legitimate plug-in for the popular Fastlane rapid development platform in a geopolitically motivated attack with global supply chain reach. First seen on darkreading.com Jump to article: www.darkreading.com/cyberattacks-data-breaches/attackers-impersonate-ruby-packages-telegram-data
-
Malicious ‘Sleeper Agent’ Browser Extensions Infected 1.5 Million Users Globally
LayerX, a cybersecurity firm, has uncovered a sophisticated network of malicious browser extensions, dubbed “sleeper agents,” that are currently installed on nearly 1.5 million devices worldwide. These extensions, masquerading as legitimate in-browser sound management tools, are built on a shared codebase and infrastructure, indicating a coordinated effort by a single developer or group. Despite their…
-
Widespread Campaign Targets Cybercriminals and Gamers
Sophos has uncovered a scheme planting malicious code in 130+ GitHub repositories, targeting hackers and gamers First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/campaign-targets-cybercriminals/
-
New Malware Attack Uses Malicious Chrome Edge Extensions to Steal Sensitive Data
Cybersecurity experts from Positive Technologies’ Security Expert Center have uncovered a sophisticated malicious campaign dubbed “Phantom Enigma,”
-
Malicious PyPI, npm, and Ruby Packages Exposed in Ongoing Open-Source Supply Chain Attacks
Several malicious packages have been uncovered across the npm, Python, and Ruby package repositories that drain funds from cryptocurrency wallets, erase entire codebases after installation, and exfiltrate Telegram API tokens, once again demonstrating the variety of supply chain threats lurking in open-source ecosystems. The findings come from multiple reports published by Checkmarx, First seen on thehackernews.com…
-
APT37 Hackers Fake Academic Forum Invites to Deliver Malicious LNK Files via Dropbox Platform
The North Korean state-sponsored hacking group APT37 has launched a sophisticated spear phishing campaign in March 2025, targeting activists focused on North Korean issues. Disguised as invitations to an academic forum hosted by a South Korean national security think tank, these emails cleverly referenced a real event titled “Trump 2.0 Era: Prospects and South Korea’s…
-
Hackers Exploit Ruby Gems to Steal Telegram Tokens and Messages
Researchers have unearthed a sophisticated supply chain attack targeting Ruby Gems, a popular package manager for the Ruby programming language. Malicious actors have infiltrated the ecosystem by embedding backdoors in seemingly legitimate gems, enabling them to steal sensitive Telegram tokens and private messages from unsuspecting developers and users. Uncovering a Sophisticated Supply Chain Attack This…
-
DollyWay World Domination Attack Compromises 20,000+ Sites
Since 2016, the “DollyWay World Domination” campaign has quietly compromised more than 20,000 WordPress websites worldwide, exploiting vulnerabilities in plugins and themes to redirect visitors to malicious destinations. The operation’s name comes from a telltale PHP code string found in infected sites: define('DOLLY_WAY', 'World Domination'); DollyWay’s infection chain is highly sophisticated, employing a four-stage JavaScript and…