-
AI Safety Prompts Abused to Trigger Remote Code Execution
Researchers demonstrated how AI safety approval prompts can be manipulated to trigger remote code execution. First seen on esecurityplanet.com Jump to article: www.esecurityplanet.com/artificial-intelligence/ai-safety-prompts-abused-to-trigger-remote-code-execution/ also interesting: Vanna AI Prompt Injection Vulnerability Enables RCE 1-Click RCE Attack In Kerio Control UTM Allow Attackers Gain Firewall Root Access Remotely Privacy Roundup: Week 4 of Year 2025 Critical Vulnerability…
-
Frogblight Malware Targets Android Users With Fake Court and Aid Apps
Kaspersky warns of ‘Frogblight,’ a new Android malware draining bank accounts in Turkiye. Learn how this ‘court case’ scam steals your data and how to stay safe. First seen on hackread.com Jump to article: hackread.com/frogblight-malware-android-fake-court-aid-apps/ also interesting: Privacy Roundup: Week 3 of Year 2025 Fraudulent Scholarship Apps Target Students in “Defarud” Scam Campaign Fraudulent Scholarship…
-
Conman and wannabe MI6 agent must repay £125k to romance scam victim
Judge says former most-wanted fugitive Mark Acklom will likely never return to the UK. First seen on theregister.com Jump to article: www.theregister.com/2025/12/22/career_conman_and_wannabe_mi6/ also interesting: Travelers Targeted: Booking.com Phishing Scam Unveiled Challenging Times Remain Among the Ever-Evolving Email Landscape Changing the narrative on pig butchering scams Scam-Busting FCA Firm Checker Tool Given Cautious Welcome
-
Judge rules that NSO cannot continue to install spyware via WhatsApp pending appeal
NSO Group had sought to stay the order pending a decision on its appeal in the case, which centers on allegations that it targeted 1,400 WhatsApp users with its powerful zero-click Pegasus spyware in 2019. First seen on therecord.media Jump to article: therecord.media/judge-rules-nso-cannot-continue-whatsapp-spyware also interesting: Paragon Graphite Spyware used a zero-day exploit to hack at…
-
Pirate activists have copied Spotify’s entire music library
Don’t give hacktivists what they really want; Hacktivism’s reemergence explained: Data drops and defacements for social justice; London internet attack highlights confusing hacktivism movement. First seen on csoonline.com Jump to article: www.csoonline.com/article/4110569/pirate-activists-have-copied-spotifys-entire-music-library.html also interesting: From Managing Vulnerabilities to Managing Exposure: The Critical Shift You Can’t Ignore Cybersecurity Snapshot: Industrial Systems in Crosshairs of Russian Hackers, FBI Warns,…
-
Scammers use AI to make fake art seem real
Human-in-the-loop isn’t enough: New attack turns AI safeguards into exploits; AI startups leak sensitive credentials on GitHub, exposing models and training data; AI hallucinations lead to a new cyber threat: Slopsquatting. First seen on csoonline.com Jump to article: www.csoonline.com/article/4110618/scammers-use-ai-to-make-fake-art-seem-real.html also interesting: Ransomware attacks: The evolving extortion threat to US financial institutions 9 things CISOs need know about…
-
CISA warns of continued threat activity linked to Brickstorm malware
Officials provided additional evidence showing its ability to maintain persistence and evade defenses. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/cisa-warns-of-continued-threat-activity-linked-to-brickstorm-malware/808499/ also interesting: 71% of CISOs hit with third-party security incident this year Cybersecurity Snapshot: AI Will Take Center Stage in Cyber in 2026, Google Says, as MITRE Revamps ATT&CK Framework Cybersecurity Snapshot: Global Agencies…
-
AI security is fundamentally a cloud infrastructure problem, Palo Alto Networks says
Companies should prioritize identity security and integrate cloud monitoring into the SOC, according to the security firm. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/ai-security-cloud-infrastructure-palo-alto-networks/808510/ also interesting: Threat intelligence platform buyer’s guide: Top vendors, selection advice 8 trends transforming the MDR market today Ransomware attacks: The evolving extortion threat to US financial institutions Beyond silos:…
-
Draft law on data retention: A new attempt for the digital zombie
The government is making a new attempt at the blanket retention of connection data without cause. The IT industry criticizes the plans as disproportionate. First seen on golem.de Jump to article: www.golem.de/news/gesetzentwurf-veroeffentlicht-regierung-treibt-vorratsdatenspeicherung-voran-2512-203533.html also interesting: 5 ways boards can improve their cybersecurity governance How to evaluate and mitigate risks to the global supply chain UK Cybersecurity Weekly Update 2 March 2025 Microsoft…
-
Romanian water authority hit by ransomware attack over weekend
Romanian Waters (Administrația Națională Apele Române), the country’s water management authority, was hit by a ransomware attack over the weekend. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/romanian-water-authority-hit-by-ransomware-attack-over-weekend/ also interesting: 3 Ways the UK Government Plans to Tighten Cyber Security Rules with New Bill Behind the Coinbase breach: Bribery emerges as enterprise threat Hundreds of Swedish municipalities…
-
Malicious npm package steals WhatsApp accounts and messages
A malicious package in the Node Package Manager (NPM) registry poses as a legitimate WhatsApp Web API library to steal WhatsApp messages, collect contacts, and gain access to the account. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/malicious-npm-package-steals-whatsapp-accounts-and-messages/ also interesting: Hackers impersonate DeepSeek to distribute malware Latest Mustang Panda Arsenal: PAKLOG, CorKLOG, and SplatCloak – P2…
-
125,000 WatchGuard Firewalls Vulnerable to Remote Attacks
A critical zero-day flaw is being actively exploited to remotely compromise more than 125,000 WatchGuard Firebox firewalls. First seen on esecurityplanet.com Jump to article: www.esecurityplanet.com/threats/125000-watchguard-firewalls-vulnerable-to-remote-attacks/ also interesting: Gen AI is transforming the cyber threat landscape by democratizing vulnerability hunting SonicWall Has ‘High Confidence’ Attacks Did Not Exploit Zero-Day Flaw Synack + Tenable: AI-Powered Partnership Translates…
-
WatchGuard Fixes Firewall Zero-Day Being Actively Exploited
Scans Count 117,000 Unpatched Firewalls Running Vulnerable Version of Fireware OS. Attackers are actively attempting to exploit a now patched, zero-day vulnerability in WatchGuard Firebox firewalls, tracked as CVE-2025-14733, that can be used to remotely execute code. Scans show that over 115,000 of these edge devices remain internet-connected, unpatched and at risk. First seen on…
-
Ukrainian hacker pleads guilty to Nefilim Ransomware attacks in U.S.
Ukrainian Artem Stryzhak (35) pleaded guilty in the U.S. for Nefilim ransomware attacks; he was arrested in Spain in 2024, extradited in April 2025. A 35-year-old Ukrainian, Artem Aleksandrovych Stryzhak (35), pleaded guilty in the U.S. for Nefilim ransomware attacks. The Ukrainian citizen was arrested in Spain in 2024 and extradited to the US in…
-
Stealka Stealer: Fake Roblox mods and cheats plunder crypto wallets
Stealka Stealer is a new Windows malware that disguises itself as a Roblox mod or cheat and plunders browser data and crypto wallets. First seen on tarnkappe.info Jump to article: tarnkappe.info/artikel/it-sicherheit/malware/stealka-stealer-fake-roblox-mods-und-cheats-pluendern-krypto-wallets-324529.html also interesting: SilentCryptoMiner Infects 2,000 Russian Users via Fake VPN and DPI Bypass Tools Lazarus Group Targets Job Seekers With ClickFix Tactic to Deploy GolangGhost Malware North Korea’s OtterCookie…
-
Nefilim ransomware hacker pleads guilty to computer fraud
A Ukrainian national pleaded guilty in U.S. federal court to one charge stemming from attacks using Nefilim ransomware on companies in the U.S., Canada and Australia. First seen on therecord.media Jump to article: therecord.media/nefilim-ransomware-hacker-fraud also interesting: Russian hacking group targets critical infrastructure in the US, the UK, and Canada The most notorious and damaging ransomware…
-
FTAPI Secure Data Report 2025 – Closing gaps with automation
First seen on security-insider.de Jump to article: www.security-insider.de/ftapi-secure-data-report-2025-sicherer-datenaustausch-a-12176084ad92a79f85c5b3699893cdcc/ also interesting: RisePro Stealer Attacks Windows Users Steals Sensitive Data Comprehensive Guide to Building a Strong Browser Security Program Ireland’s DPC Takes Twitter to Court Over AI User Data Concerns Gravy Analytics Hit by Cyberattack, Hackers Allegedly Stole data
-
Monitoring Tool Nezha Abused For Stealthy Post-Exploitation Access
Open-source server monitoring tool, Nezha, is being exploited by attackers for remote system control First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/nezha-abused-post-exploitation/ also interesting: Why honeypots deserve a spot in your cybersecurity arsenal Detecting Remote Monitoring and Management Tools Used by Attackers Worm flooding npm registry with token stealers still isn’t under control From feeds…
-
University of Phoenix data breach impacts nearly 3.5 million individuals
The Clop ransomware gang has stolen the data of nearly 3.5 million University of Phoenix (UoPX) students, staff, and suppliers after breaching the university’s network in August. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/university-of-phoenix-data-breach-impacts-nearly-35-million-individuals/ also interesting: Chipmaker Nexperia confirms breach after ransomware gang leaks data Interlock ransomware gang started leaking data allegedly stolen from…
-
Security of Large Language Models
Security researchers at Check Point Software Technologies and the recently acquired AI security firm Lakera summarize the state of large language model security. More than 60 percent of attack attempts were system prompt leakages, intended to test the AI model's behavioral rules and infer where vulnerabilities lie. The key findings: 60 percent of all attack attempts aimed at "System Prompt Leakage"…
-
Best of 2025: Inside the Minds of Cybercriminals: A Deep Dive into Black Basta’s Leaked Chats
The leaked internal chat communications of the Black Basta ransomware group offer an unprecedented view into how cybercriminals operate, plan attacks, and evade detection. The Veriti Research team analyzed these chat logs, revealing our favorite exploits, security measures they bypass, and the defenses they fear most. Veriti Research analyzed these chat communications, exposing: Targeted Exploits:..…
-
DIG AI: New Darknet AI Platform Enhancing Capabilities of Cybercriminals
Resecurity has identified a dangerous new development in the underground cybercrime market, the rise of DIG AI. This uncensored artificial intelligence platform is rapidly gaining traction among threat actors, enabling them to automate malicious campaigns and bypass standard digital safety protocols. First detected on September 29, DIG AI is a “dark LLM…
-
Arcane Werewolf Hacker Group Expands Arsenal with Loki 2.1 Malware Toolkit
The cyber espionage group known as Arcane Werewolf (also tracked as Mythic Likho) has significantly upgraded its offensive capabilities, targeting Russian manufacturing enterprises with a new iteration of its custom malware. According to a report by BI.ZONE Threat Intelligence: campaigns observed in October and November 2025 reveal that the group has transitioned from the Loki…
-
Docker Releases Free, Production-Grade Hardened Container Images
Docker has released its production-grade hardened container images as a free, open-source offering, marking a significant shift in software supply chain security accessibility. The Docker Hardened Images (DHI), previously a commercial product, are now available under an Apache 2.0 license to all 26 million developers in the container ecosystem. The hardened images address the escalating…
-
Sleeping Bouncer Vulnerability Impacts Gigabyte, MSI, ASRock, and ASUS Motherboards
A critical firmware vulnerability affecting motherboards from major manufacturers including Gigabyte, MSI, ASRock, and ASUS has been discovered by Riot Games’ Vanguard anti-cheat team. The vulnerability, dubbed “Sleeping Bouncer,…
-
PoC Exploit Released for Use-After-Free Vulnerability in Linux Kernel POSIX CPU Timers
A critical race condition vulnerability in the Linux kernel’s POSIX CPU timers has been exposed through a detailed proof-of-concept, one of the most sophisticated kernel exploits targeting Android devices. CVE-2025-38352 represents a use-after-free (UAF) vulnerability in the Linux kernel’s POSIX CPU timers implementation. The flaw was previously reported under limited, targeted exploitation in real-world Android…
-
Microsoft Brokering File System Vulnerability Enables Local Privilege Escalation
Microsoft has addressed a critical use-after-free vulnerability in its Brokering File System (BFS) driver that could allow attackers to escalate privileges on Windows systems. Tracked as CVE-2025-29970, the security flaw affects the bfs.sys component and was discovered by security researchers at HT3Labs. Vulnerability Overview The Brokering File System, introduced alongside Windows’ Win32 App Isolation feature…
-
SideWinder APT Launches Cyberattacks on Indian Entities Posing as the Income Tax Department
Zscaler Threat Hunting has identified a sophisticated espionage campaign targeting Indian entities through fraudulent “Income Tax Department…
-
Blind Eagle Hackers Target Government Agencies Using PowerShell Scripts
Colombian government institutions are facing a sophisticated multi-stage cyberattack campaign orchestrated by the BlindEagle threat group, which leveraged compromised internal email accounts, PowerShell scripts, and steganography to deploy remote access trojans on target systems, according to Zscaler ThreatLabz researchers. The cybersecurity firm discovered the spear-phishing operation in early September 2025, revealing that BlindEagle targeted agencies…
-
Hacker group Ink Dragon: Cyberattacks become infrastructure
Check Point Software Technologies warns of increasing activity by the state-aligned group Ink Dragon, which does not merely use compromised systems as targets but deliberately integrates them into a covert relay network to control and expand further operations. The key points in brief: Ink Dragon has been active since at least 2023 and increasingly targets government institutions,…
-
Cloud attack surface is growing rapidly due to AI
The use of AI in day-to-day business is increasing ever faster and is leading to an unprecedented rise in cloud security risks. To help organizations combat these escalating threats, Palo Alto Networks has published its annual "State of Cloud Security Report 2025". It shows how AI is enlarging the cloud attack surface. Cloud infrastructure is becoming a critical attack target,…
-
Zero Trust AI Security: The Comprehensive Guide to Next-Generation Cybersecurity in 2026
The traditional perimeter-based security model has become obsolete in today’s distributed digital environment. With 82% of organizations now operating in hybrid or multi-cloud infrastructures and remote work becoming the standard, the concept of a secure network boundary no longer exists. Zero Trust AI Security represents the evolution of cybersecurity strategy-combining the principles of zero trust…
-
Threat Detection Software: The Complete Guide to Protecting Your Digital Assets in 2026
The cybersecurity landscape in 2026 presents unprecedented challenges for organizations across all industries. With cybercrime damages projected to exceed $10.5 trillion annually, enterprises face sophisticated threats from attackers leveraging AI-powered tools, advanced persistent threats, and multi-vector attack strategies. Effective threat detection is no longer optional; it is a critical business imperative for maintaining operational continuity…
-
Best of 2025: Scattered Spider Targets Aflac, Other Insurance Companies
Fresh off a series of recent attacks targeting major retail companies in the United States and the UK, the notorious Scattered Spider cybercrime group is now targeting insurance companies, and earlier this month apparently bagged a high-profile victim in Aflac. The intrusion in Aflac, which was detected June 12 when the insurance company’s security team..…
-
How to Browse the Web More Sustainably With a Green Browser
As the internet becomes an essential part of daily life, its environmental footprint continues to grow. Data centers, constant connectivity, and resource-heavy browsing habits all contribute to energy consumption and digital waste. While individual users may not see this impact directly, the collective effect of everyday browsing is significant. Choosing a browser designed with First seen…
-
⚡ Weekly Recap: Firewall Exploits, AI Data Theft, Android Hacks, APT Attacks, Insider Leaks & More
Cyber threats last week showed how attackers no longer need big hacks to cause big damage. They’re going after the everyday tools we trust most, firewalls, browser add-ons, and even smart TVs, turning small cracks into serious breaches. The real danger now isn’t just one major attack, but hundreds of quiet ones using the software and…
-
Infy Returns: Iran-linked hacking group shows renewed activity
Researchers report renewed activity by Iran-linked Infy (Prince of Persia), showing the hacking group remains active and dangerous after years of silence. SafeBreach researchers have spotted renewed activity from the Iran-linked APT group Infy, also known as Prince of Persia, nearly five years after its last known campaigns in Europe. SafeBreach warns the group remains…
-
How an LMS Cloud Model Supports Scalable Learning
There’s a new era for training and development programs, making the LMS (Learning Management System) cloud model the… First seen on hackread.com Jump to article: hackread.com/how-lms-cloud-model-supports-learning/ also interesting: 7 obsolete security practices that should be terminated immediately Black Hat 2025: Latest news and insights Rethinking identity for the AI era: CISOs must build trust at…
-
Hackers Abuse Popular Monitoring Tool Nezha as a Stealth Trojan
Cybersecurity firm Ontinue reveals how the open-source tool Nezha is being used as a Remote Access Trojan (RAT) to bypass security and control servers globally. First seen on hackread.com Jump to article: hackread.com/hackers-abuse-monitoring-tool-nezha-trojan/ also interesting: Top 7 zero-day exploitation trends of 2024 2025 Cybersecurity and AI Predictions 6 ways hackers hide their tracks Cybersecurity Snapshot:…
-
Around 1,000 systems compromised in ransomware attack on Romanian water agency
On-site staff keep key systems working while all but one region battles with encrypted PCs First seen on theregister.com Jump to article: www.theregister.com/2025/12/22/around_1000_systems_compromised_in/ also interesting: Chicago Children’s Hospital Says 791,000 Impacted by Ransomware Attack BlackLock Ransomware Strikes Over 40 Organizations in Just Two Months Kettering Health Confirms Interlock Ransomware Breach and Data Theft REvil Actor…
-
Romanian national water agency hit by BitLocker ransomware attack
Workstations and servers at Romania’s water agency have been disrupted by a ransomware incident, but officials said critical infrastructure was still operating normally. First seen on therecord.media Jump to article: therecord.media/romania-national-water-agency-ransomware-attack also interesting: Cybersecurity Snapshot: Prompt Injection and Data Disclosure Top OWASP’s List of Cyber Risks for GenAI LLM Apps Cloud Security Stories: From Risky…
-
Think you can beat ransomware? RansomHouse just made it a lot harder
RansomHouse attempts double extortion: Beyond the cryptographic update, RansomHouse leverages a double extortion model, which involves exfiltrating data and threatening public disclosure in addition to encrypting it, to add pressure on victims to pay. This layered pressure tactic, already a common feature of modern ransomware attacks, complicates incident response timelines and negotiating strategies for corporate security…
-
NHS Supplier Confirms Cyber-Attack, Operations Unaffected
DXS International, an official partner of NHS England, said the breach has not affected its operations First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/uk-nhs-supplier-confirms/ also interesting: More telecom firms were breached by Chinese hackers than previously reported Port of Seattle ‘s August data breach impacted 90,000 people China alleges US cyber espionage during the Asian…
-
WatchGuard Firebox firewalls under attack (CVE-2025-14733)
More than 115,000 internet-facing WatchGuard Firebox firewalls may be vulnerable to compromise via CVE-2025-14733, a remote code execution vulnerability actively targeted by … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/12/22/watchguard-firebox-vulnerability-cve-2025-14733/ also interesting: Attackers exploit zero-day RCE flaw in Cleo managed file transfer Top 7 zero-day exploitation trends of 2024 China-Nexus Nation State Actors Exploit…

