Cybersecurity

638 articles in this category (Page 18 of 27)

AI NewsCybersecuritySoftware Supply Chain

Malicious npm Package 'lotusbail' Steals WhatsApp Data and Credentials

A fake WhatsApp API package on npm, downloaded over 56,000 times, intercepted messages, stole credentials, and linked attacker devices.

Dec 22, 2025

AI NewsCybersecurityVulnerability Management

Threat Actors Exploit Zero-Day in WatchGuard Firebox Devices

A critical zero-day vulnerability (CVE-2025-14733) in WatchGuard Firebox devices is under active exploitation, impacting nearly 125,000 IPs globally.

Dec 22, 2025

AI NewsCybersecurityMobile Security

Uzbek Users Under Attack by Android SMS Stealers

Telegram users in Uzbekistan are facing a surge in Android SMS-stealer malware attacks, with infection rates increasing due to improved distribution and obfuscation tactics.

Dec 22, 2025

AI NewsCybersecurityThreat Intelligence

Weekly Cybersecurity Recap: Exploited Flaws, AI Data Theft, and Emerging Botnets

This week's cybersecurity recap details a surge in exploited network flaws, AI data harvesting via browser extensions, and the rise of large-scale botnets like Kimwolf with 1.8 million Android TV devices.

Dec 22, 2025

AI NewsCybersecurityAPT

Iranian Infy APT Resurfaces with New Malware Activity After Years of Silence

Iranian APT Infy resurfaced after 5 years of inactivity, deploying updated Foudre and Tonnerre malware in a campaign targeting multiple countries.

Dec 21, 2025

AI NewsCybersecurityFinancial Crime

DOJ Charges 54 in $40.73M ATM Jackpotting Scheme Using Ploutus Malware

The DOJ indicted 54 individuals linked to the Tren de Aragua gang for ATM jackpotting attacks using Ploutus malware, resulting in $40.73 million in U.S. losses since 2021.

Dec 20, 2025

AI NewsCybersecurityMalware

CountLoader and GachiLoader Malware Spread via Cracked Software and YouTube

Researchers discovered a campaign distributing CountLoader, GachiLoader, and info stealers through cracked software and compromised YouTube videos, impacting an estimated 220,000 views.

Dec 19, 2025

AI NewsCybersecurityHardware

UEFI Flaw Enables Early-Boot DMA Attacks on Major Motherboard Vendors

A new UEFI vulnerability (CVEs 2025-14304, 2025-11901, 2025-14302, 2025-14303) allows attackers to perform DMA attacks before OS security loads.

Dec 19, 2025

AI NewsCybersecurityPhishing

Nigeria Arrests RaccoonO365 Phishing Developer Linked to Microsoft 365 Attacks

Nigerian authorities arrested the developer of RaccoonO365, a PhaaS toolkit responsible for the theft of at least 5,000 Microsoft credentials since July 2024.

Dec 19, 2025

AI NewsCybersecurityVulnerability Management

WatchGuard Fireware OS VPN Vulnerability Under Active Exploitation

WatchGuard addressed CVE-2025-14733, a critical 9.3 CVSS-rated Fireware OS VPN flaw, currently exploited in the wild.

Dec 19, 2025

AI NewsCybersecurityVulnerability Management

CISA Flags Critical ASUS Live Update Flaw After Evidence of Active Exploitation

CISA added CVE-2025-59374, a critical ASUS Live Update vulnerability, to its KEV list due to active exploitation stemming from a 2019 supply chain attack.

Dec 18, 2025

AI NewsCybersecurityThreat Intelligence

China-Aligned LongNosedGoblin Deploys Espionage Malware via Windows Group Policy

ESET identifies LongNosedGoblin, a China-aligned threat group, leveraging Windows Group Policy and cloud services to conduct cyber espionage against Southeast Asian and Japanese government networks.

Dec 18, 2025

AI NewsCybersecurityVulnerability

Cisco Warns of Active Attacks Exploiting Unpatched 0-Day in AsyncOS

Cisco confirms an unpatched CVSS 10.0 zero-day in AsyncOS actively exploited to gain root access on email security appliances.

Dec 18, 2025

AI NewsCybersecurityMalware

Kimsuky Spreads DocSwap Android Malware via QR Phishing

North Korean group Kimsuky leverages QR code phishing sites disguised as CJ Logistics to distribute DocSwap Android malware, enabling remote access and data theft.

Dec 18, 2025

AI NewsCybersecurityVulnerability Management

HPE OneView Vulnerability Enables Unauthenticated Remote Code Execution (CVE-2025-37164)

HPE addressed a critical vulnerability in OneView Software (CVE-2025-37164) with a CVSS score of 10.0, allowing unauthenticated remote code execution.

Dec 18, 2025

AI NewsCybersecurityThreat Intelligence

North Korean Hackers Steal $2.02 Billion in Crypto in 2025

Chainalysis reports North Korea-linked hackers stole $2.02 billion in cryptocurrency during 2025, representing a 51% year-over-year increase.

Dec 18, 2025

AI NewsCybersecuritySaaS

The Case for Dynamic AI-SaaS Security as Copilots Scale

AI agent proliferation in SaaS creates dynamic data pathways, necessitating continuous monitoring and OAuth visibility to prevent potential security breaches.

Dec 18, 2025

AI NewsCybersecurityThreat Intelligence

ThreatsDay Bulletin: WhatsApp Hijacks, MCP Leaks, AI Recon, React2Shell Exploit and 15 More Stories

This week's ThreatsDay Bulletin highlights a surge in threat actor adaptability, with a WhatsApp hijack campaign exploiting legitimate features and 1,000 exposed MCP servers leaking sensitive data.

Dec 18, 2025

AI NewsCybersecurityThreat Intelligence

APT28 Targets Ukrainian UKR-net Users in Long-Running Credential Phishing Campaign

APT28 sustained a phishing campaign for 10 months, from June 2024 to April 2025, exploiting UKR.net users to harvest credentials and 2FA codes.

Dec 17, 2025

AI NewsCybersecurityThreat Intelligence

Fix SOC Blind Spots: See Threats to Your Industry & Country in Real Time

Proactive SOCs leverage threat intelligence and contextual visibility to reduce alert noise and anticipate real threats, improving incident response times.

Dec 17, 2025

AI NewsCybersecurityBrowser Security

GhostPoster Malware Campaign Compromises 17 Firefox Add-ons

GhostPoster malware infiltrated 17 Firefox add-ons downloaded 50,000+ times, injecting malicious code for link hijacking and ad fraud.

Dec 17, 2025

AI NewsCybersecurityIoT

Kimwolf Botnet Compromises 1.8 Million Android TVs for Massive DDoS Attacks

The Kimwolf botnet infected 1.8 million Android TV devices and launched 1.7 billion DDoS commands, utilizing ENS to evade takedown efforts.

Dec 17, 2025

AI NewsCybersecurityThreat Intelligence

ForumTroll Phishing Campaign Targets Russian Scholars with eLibrary Lures

Kaspersky details ForumTroll attacks targeting Russian academics with personalized phishing emails disguised as eLibrary notifications, delivering Windows malware.

Dec 17, 2025

AI NewsCybersecurityVulnerability Management

SonicWall Fixes Actively Exploited CVE-2025-40602 in SMA 100 Appliances

SonicWall addressed CVE-2025-40602, an actively exploited vulnerability enabling privilege escalation and potential root access on SMA 100 appliances.

Dec 17, 2025