Skip to main content
← All Tags

Cybersecurity

627 articles in this category (Page 23 of 27)

AI NewsCybersecuritySupply Chain Attacks

Second Sha1-Hulud Wave Affects 25,000+ Repositories via npm Preinstall Credential Theft

25,000+ GitHub repos compromised by Sha1-Hulud via npm preinstall scripts stealing cloud credentials.

Read more
AI NewsCybersecurityMalware

ShadowPad Malware Exploits WSUS Vulnerability for System Access

ShadowPad malware is actively exploiting CVE-2025-59287 in WSUS, leading to full system compromise of vulnerable servers.

Read more
AI NewsCybersecurityAI Ethics

Vision Language Models Keep an Eye on Physical Security

Vision language models now enhance physical security with real-time monitoring, as seen in Ambient.ai's Pulsar system.

Read more
AI NewsCybersecurityThreat Intelligence

Scale IR Tabletop Exercises — Best Practices & Steps to Build a Plan

This week’s cybersecurity recap details a record 15.72 Tbps DDoS attack mitigated by Microsoft and multiple 0-day exploits affecting Fortinet and Chrome.

Read more
AI NewsCybersecurityAPT

China-Linked APT31 Leverages Cloud Services in Stealthy Russian IT Attacks

APT31 conducted a multi-year espionage campaign against Russian IT firms, successfully exfiltrating data via cloud services like Yandex Cloud.

Read more
AI NewsCybersecurityVulnerability Management

CISA Warns of Actively Exploited Critical Oracle Identity Manager Zero-Day Vulnerability

CISA added CVE-2025-61757, a critical 9.8 CVSS-rated flaw in Oracle Identity Manager, to its KEV catalog due to active exploitation.

Read more
AI NewsCybersecurityMalware

Matrix Push C2 Uses Browser Notifications for Fileless, Cross-Platform Phishing Attacks

Matrix Push C2 exploits browser notifications for fileless phishing, priced at $150/month as malware-as-a-service.

Read more
AI NewsCybersecurityMalware

APT24 Deploys BADAUDIO in Years-Long Espionage Hitting Taiwan and 1,000+ Domains

APT24's BADAUDIO malware compromised over 1,000 domains via supply chain attacks in a 3-year espionage campaign.

Read more
AI NewsCybersecurityInfrastructure

Cloudflare's One-Stop-Shop Convenience Takes Down Global Digital Economy

Cloudflare's 2025 outage disrupted 20% of global web traffic, exposing systemic risks of centralized infrastructure.

Read more
AI NewsCybersecurityAndroid

Google Brings AirDrop Compatibility to Android’s Quick Share Using Rust-Hardened Security

Google’s Quick Share now supports AirDrop, enhancing Android-iOS file sharing and blocking 115M fraud attempts in India.

Read more
AI NewsCybersecurityThreat Intelligence

6 Black Hat Laws: Cybersecurity's New Frontline Against Silent Attacks

A 2025 cybersecurity framework reveals how attackers exploit governance logic, not just code, to infiltrate enterprises.

Read more
AI NewsCybersecurityOAuth Security

Salesforce Flags Unauthorized Data Access via Gainsight-Linked OAuth Activity

Salesforce and Gainsight investigate OAuth abuse linked to ShinyHunters, impacting nearly 1,000 organizations.

Read more
AI NewsCybersecurityLegal

SEC Drops SolarWinds Case After Years of High-Stakes Cybersecurity Scrutiny

The SEC dismissed its case against SolarWinds after court rulings questioned allegations related to the 2020 APT29 supply chain attack.

Read more
AI NewsCybersecurityMobile Security

Sturnus Android Trojan Captures Encrypted Chats and Enables Device Hijacking

The Sturnus Android trojan bypasses encryption to steal chats from WhatsApp, Telegram, and Signal, impacting financial institutions in Southern and Central Europe.

Read more
AI NewsCybersecurityAI Frameworks

ShadowRay 2.0 Exploits Unpatched Ray Flaw to Build Self-Spreading GPU Cryptomining Botnet

ShadowRay 2.0 leverages a 2-year-old Ray vulnerability (CVE-2023-48022) to hijack 230,500 exposed GPU clusters for cryptojacking and DDoS attacks.

Read more
AI NewsCybersecurityMalware

TamperedChef Malware Campaign Exploits Fake Installers for Persistent Access

TamperedChef malware infects 100K+ systems globally, targeting healthcare and manufacturing sectors via fake installers.

Read more
AI NewsCybersecurityPrivacy

ThreatsDay Bulletin: 0-Days, LinkedIn Spies, Crypto Crimes, IoT Flaws and New Malware Waves

Chinese spies exploit LinkedIn for political intel; 31,000 malicious browser extensions steal data.

Read more
AI NewsCybersecurityMalware

Tsundere Botnet Expands Using Game Lures and Ethereum-Based C2 on Windows

The Tsundere botnet is actively spreading via MSI and PowerShell installers, leveraging game-themed lures and an Ethereum-based C2 rotation system.

Read more
AI NewsCybersecurityMalware

EdgeStepper Implant Hijacks DNS to Deploy SlowStepper Malware

PlushDaemon leverages the EdgeStepper implant to redirect DNS queries, enabling malicious software updates and the deployment of SlowStepper malware.

Read more
AI NewsCybersecurityVulnerability

Fortinet Warns of New FortiWeb CVE-2025-58034 Vulnerability Exploited in the Wild

Fortinet’s CVE-2025-58034 vulnerability (CVSS 6.7) is being exploited in the wild, requiring urgent patches.

Read more
AI NewsCybersecurityVulnerability

Hackers Actively Exploiting 7-Zip Vulnerability (CVE-2025-11001)

Active exploitation of 7-Zip CVE-2025-11001 allows remote code execution; update to version 25.00 is critical.

Read more
AI NewsDigital MarketingCybersecurity

Purchase Ancient Gmail Accounts Online for Marketing Success

Businesses are increasingly buying aged Gmail accounts to leverage established trust and bypass spam filters, resulting in higher engagement rates.

Read more
AI NewsCybersecurityVulnerability

NHS Alerts to Active Exploitation of 7-Zip Symbolic Link RCE (CVE-2025-11001)

The NHS initially warned of active exploitation of 7-Zip’s CVE-2025-11001, a symbolic link remote code execution vulnerability, before retracting the claim.

Read more
AI NewsCybersecurityMalware

Python-Based WhatsApp Worm Distributes Eternidade Stealer in Brazil

Eternidade Stealer, a Delphi-based banking trojan, is spreading via a Python-scripted WhatsApp worm campaign targeting Brazilian users.

Read more