Tag: software
-
North Korean Hackers Use New AkdoorTea Backdoor to Target Global Crypto Developers
The North Korea-linked threat actors associated with the Contagious Interview campaign have been attributed to a previously undocumented backdoor called AkdoorTea, along with tools like TsunamiKit and Tropidoor. Slovak cybersecurity firm ESET, which is tracking the activity under the name DeceptiveDevelopment, said the campaign targets software developers across all operating systems, Windows, First seen on thehackernews.com…
-
Malicious Rust Crates Steal Solana and Ethereum Keys, 8,424 Downloads Confirmed
Cybersecurity researchers have discovered two malicious Rust crates impersonating a legitimate library called fast_log to steal Solana and Ethereum wallet keys from source code. The crates, named faster_log and async_println, were published by the threat actor under the alias rustguruman and dumbnbased on May 25, 2025, amassing 8,424 downloads in total, according to software supply chain…
-
JFrog Discovers Shai-Hulud Attack: 164 Compromised npm Packages
The Shai-Hulud attack is not an isolated event. It is part of a pattern in which attackers exploit the gap between the central importance of open-source software and the limited resources of its maintainers. First seen on infopoint-security.de Jump to article: www.infopoint-security.de/jfrog-entdeckt-shai-hulud-angriff-164-kompromittierte-npm-pakete/a42139/
-
Thales Named a Leader in the Data Security Posture Management Market
Tags: access, ai, attack, breach, cloud, compliance, container, control, cybersecurity, data, data-breach, defense, detection, encryption, finance, GDPR, google, Hardware, identity, intelligence, law, microsoft, monitoring, network, office, privacy, regulation, resilience, risk, soc, software, strategy, technology, threat, tool
madhav Thu, 09/25/2025 – 06:15 Most breaches begin with the same blind spot: organizations don’t know precisely what data they hold, or how exposed it is. Value and risk sit side by side. Data Security Todd Moore – Global VP of Data Security Products…
-
Cisco fixed actively exploited zero-day in Cisco IOS and IOS XE software
Cisco addressed a high-severity zero-day in Cisco IOS and IOS XE Software that is being actively exploited in attacks in the wild. Cisco fixed an actively exploited zero-day, tracked as CVE-2025-20352, impacting Cisco IOS and IOS XE Software. The high-severity vulnerability resides in the Simple Network Management Protocol (SNMP) subsystem of Cisco IOS Software and…
-
AI coding assistants amplify deeper cybersecurity risks
Tags: access, ai, api, application-security, attack, authentication, business, ceo, ciso, cloud, compliance, control, cybersecurity, data, data-breach, detection, fintech, flaw, governance, injection, leak, LLM, metric, open-source, programming, radius, risk, risk-management, service, software, startup, strategy, threat, tool, training, vulnerability
‘Shadow’ engineers and vibe coding compound risks: Ashwin Mithra, global head of information security at continuous software development firm Cloudbees, notes that part of the problem is that non-technical teams are using AI to build apps, scripts, and dashboards. “These shadow engineers don’t realize they’re part of the software development life cycle, and often bypass critical…
-
Cisco Warns of Actively Exploited SNMP Vulnerability Allowing RCE or DoS in IOS Software
Tags: cisco, credentials, cve, dos, exploit, flaw, rce, remote-code-execution, service, software, vulnerability
Cisco has warned of a high-severity security flaw in IOS Software and IOS XE Software that could allow a remote attacker to execute arbitrary code or trigger a denial-of-service (DoS) condition under specific circumstances. The company said the vulnerability, CVE-2025-20352 (CVSS score: 7.7), has been exploited in the wild, adding it became aware of it “after…
-
Cisco IOS 0-Day RCE Vulnerability Actively Targeted
Cisco has disclosed a critical zero-day vulnerability in its IOS and IOS XE software that is being actively exploited by threat actors in real-world attacks. The flaw, tracked as CVE-2025-20352, affects the Simple Network Management Protocol (SNMP) subsystem and allows both denial-of-service attacks and remote code execution depending on the attacker’s privilege level. Critical SNMP Stack…
-
SonicWall Issues Emergency Patch to Remove ‘OVERSTEP’ Rootkit Malware on SMA Devices
SonicWall has released an urgent software update for its Secure Mobile Access (SMA) 100 Series appliances to remove a dangerous rootkit known as ‘OVERSTEP.’ This backdoor malware was discovered in older SMA firmware versions and can give attackers persistent access to affected devices. The new build, version 10.2.2.2-92sv, adds additional file checking to detect and…
-
A look inside 1,000 cyber range events and what they reveal about AppSec
Software powers almost every part of business, which means attackers have more chances than ever to exploit insecure code. A new report from CMD+CTRL Security looks at how … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/09/24/appsec-cyber-range-training/
-
Google DORA Research: Software Developers Use AI ‘Heavily’
Google’s State of AI-assisted Software Development Report 2025 reveals AI adoption increased, but trust in AI is still uneven. The post Google DORA Research: Software Developers Use AI ‘Heavily’ appeared first on TechRepublic. First seen on techrepublic.com Jump to article: www.techrepublic.com/article/news-dora-ai-report-2025/
-
Service Accounts in Active Directory: These OG NHIs Could Be Your Weakest Link
While non-human identities (NHIs) in cloud and SaaS operations may be getting lots of attention right now, securing your Active Directory service accounts can go a long way in reducing risk. Here are three steps you can take right now. Key takeaways Expect sprawl: Agentic AI and cloud native development accelerate non-human identity (NHI) growth. …
-
SolarWinds Releases Hotfix for Critical CVE-2025-26399 Remote Code Execution Flaw
SolarWinds has released hot fixes to address a critical security flaw impacting its Web Help Desk software that, if successfully exploited, could allow attackers to execute arbitrary commands on susceptible systems. The vulnerability, tracked as CVE-2025-26399 (CVSS score: 9.8), has been described as an instance of deserialization of untrusted data that could result in code execution.…
-
Beware of Fake Online Speedtest Apps with Hidden JavaScript Code
These fake online speedtest applications prey on users seeking to measure their internet performance, yet they harbor hidden payloads that compromise system integrity and privacy. Much like the previously analyzed Fake Manual Reader and Finder software, these imposters leverage packers, obfuscated JavaScript, and persistence mechanisms to execute arbitrary code and exfiltrate sensitive data. On September…
-
GitHub Introduces npm Security with Stronger Authentication and Trusted Publishing
Open source software powers much of today’s technology, enabling developers around the world to build and share tools, libraries, and applications. However, the same openness that drives innovation also presents serious security challenges. Attackers regularly target package registries like npm to compromise accounts and inject malicious code. In response, GitHub has announced significant updates to…
-
Finding Vulnerabilities in Hidden Software Packages and Installers
This complexity in modern software management is a constant source of cyber risk. The problem arises from the different ways software is installed and managed on modern operating systems. First seen on infopoint-security.de Jump to article: www.infopoint-security.de/schwachstellen-in-versteckten-softwarepaketen-und-installationsprogrammen-finden/a42082/
-
European Airport Operations Disrupted by Ransomware
Passengers across Europe are facing another day of flight delays after a cyber-attack struck the company behind the check-in and boarding software used at many airports. London Heathrow, Brussels, Dublin and Berlin have been worst hit since Friday, when the attack first took hold. Automatic kiosks and bag-drop machines went offline, forcing airline staff to…
-
Anton’s Security Blog Quarterly Q3 2025
Tags: ai, automation, breach, ciso, cloud, cyber, defense, detection, edr, google, governance, guide, metric, office, RedTeam, risk, siem, soc, software, supply-chain, threat, vulnerability, vulnerability-management, zero-trust
Amazingly, Medium has fixed the stats so my blog / podcast quarterly is back to life. As before, this covers both Anton on Security and my posts from Google Cloud blog, Google Cloud community blog, and our Cloud Security Podcast (subscribe on Spotify). Gemini for docs based on this blog Top 10 posts with the most…
-
European Airport Disruptions Caused by Ransomware: EU Cyber Office
The EU’s cybersecurity agency says the widespread disruptions at airports in Belgium, England, and Germany were the result of a ransomware attack on third-party on-boarding software from Collins Aerospace that was used at all three airports. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/09/european-airport-disruptions-caused-by-ransomware-eu-cyber-office/
-
Harness takes aim at AI ‘bottleneck’ with DevSecOps agents
The vendor’s new agentic features are included in products that already have a track record in AI-driven automation, as coding agents swamp software delivery pipelines. First seen on techtarget.com Jump to article: www.techtarget.com/searchitoperations/news/366631493/Harness-takes-aim-at-AI-bottleneck-with-DevSecOps-agents
-
New EDR-Freeze tool uses Windows WER to suspend security software
A new method and proof-of-concept tool called EDR-Freeze demonstrates that evading security solutions is possible from user mode with Microsoft’s Windows Error Reporting (WER) system. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/new-edr-freeze-tool-uses-windows-wer-to-suspend-security-software/
-
LastPass: Fake password managers infect Mac users with malware
LastPass is warning users of a campaign that targets macOS users with malicious software impersonating popular products delivered through fraudulent GitHub repositories. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/lastpass-fake-password-managers-infect-mac-users-with-malware/
-
Top 10 Best Cybersecurity Compliance Management Software in 2025
Cybersecurity compliance has become a mission-critical part of modern business operations. With the rise of data privacy laws, global regulations, and increasing cyber threats, organizations need reliable compliance management software to stay secure and audit-ready. The best compliance platforms streamline frameworks like SOC 2, ISO 27001, HIPAA, PCI DSS, GDPR, and more while automating workflows,…

