Cybersecurity

638 articles in this category (Page 24 of 27)

AI NewsCybersecurityMobile Security

Sturnus Android Trojan Captures Encrypted Chats and Enables Device Hijacking

The Sturnus Android trojan bypasses encryption to steal chats from WhatsApp, Telegram, and Signal, impacting financial institutions in Southern and Central Europe.

Nov 20, 2025

AI NewsCybersecurityAI Frameworks

ShadowRay 2.0 Exploits Unpatched Ray Flaw to Build Self-Spreading GPU Cryptomining Botnet

ShadowRay 2.0 leverages a 2-year-old Ray vulnerability (CVE-2023-48022) to hijack 230,500 exposed GPU clusters for cryptojacking and DDoS attacks.

Nov 20, 2025

AI NewsCybersecurityMalware

TamperedChef Malware Campaign Exploits Fake Installers for Persistent Access

TamperedChef malware infects 100K+ systems globally, targeting healthcare and manufacturing sectors via fake installers.

Nov 20, 2025

AI NewsCybersecurityPrivacy

ThreatsDay Bulletin: 0-Days, LinkedIn Spies, Crypto Crimes, IoT Flaws and New Malware Waves

Chinese spies exploit LinkedIn for political intel; 31,000 malicious browser extensions steal data.

Nov 20, 2025

AI NewsCybersecurityMalware

Tsundere Botnet Expands Using Game Lures and Ethereum-Based C2 on Windows

The Tsundere botnet is actively spreading via MSI and PowerShell installers, leveraging game-themed lures and an Ethereum-based C2 rotation system.

Nov 20, 2025

AI NewsCybersecurityMalware

EdgeStepper Implant Hijacks DNS to Deploy SlowStepper Malware

PlushDaemon leverages the EdgeStepper implant to redirect DNS queries, enabling malicious software updates and the deployment of SlowStepper malware.

Nov 19, 2025

AI NewsCybersecurityVulnerability

Fortinet Warns of New FortiWeb CVE-2025-58034 Vulnerability Exploited in the Wild

Fortinet’s CVE-2025-58034 vulnerability (CVSS 6.7) is being exploited in the wild, requiring urgent patches.

Nov 19, 2025

AI NewsCybersecurityVulnerability

Hackers Actively Exploiting 7-Zip Vulnerability (CVE-2025-11001)

Active exploitation of 7-Zip CVE-2025-11001 allows remote code execution; update to version 25.00 is critical.

Nov 19, 2025

AI NewsDigital MarketingCybersecurity

Purchase Ancient Gmail Accounts Online for Marketing Success

Businesses are increasingly buying aged Gmail accounts to leverage established trust and bypass spam filters, resulting in higher engagement rates.

Nov 19, 2025

AI NewsCybersecurityVulnerability

NHS Alerts to Active Exploitation of 7-Zip Symbolic Link RCE (CVE-2025-11001)

The NHS initially warned of active exploitation of 7-Zip’s CVE-2025-11001, a symbolic link remote code execution vulnerability, before retracting the claim.

Nov 19, 2025

AI NewsCybersecurityMalware

Python-Based WhatsApp Worm Distributes Eternidade Stealer in Brazil

Eternidade Stealer, a Delphi-based banking trojan, is spreading via a Python-scripted WhatsApp worm campaign targeting Brazilian users.

Nov 19, 2025

AI NewsCybersecurityAI Security

ServiceNow AI Agents Can Be Tricked Into Acting Against Each Other via Second-Order Prompts

Second-order prompt injection exploits ServiceNow agent discovery, enabling unauthorized data access and privilege escalation.

Nov 19, 2025

AI NewsCybersecurityPhishing

Sneaky 2FA Phishing Kit Employs BitB Pop-ups to Mimic Browser Address Bars

The Sneaky 2FA phishing kit now utilizes Browser-in-the-Browser (BitB) pop-ups, increasing the success rate of credential theft attacks.

Nov 19, 2025

AI NewsCybersecurityIoT Security

Operation WrtHug Exploits ASUS Router Flaws, Compromising 50,000+ Devices

Operation WrtHug exploits six ASUS WRT vulnerabilities to hijack over 50,000 end-of-life routers globally.

Nov 19, 2025

AI NewsCybersecurityIdentity Management

Beyond IAM Silos: Why the Identity Security Fabric is Essential for Securing AI and Non-Human Identities

Unified identity security fabric integrates IAM, governance, and threat response to protect all identities, addressing the 80% of breaches involving compromised credentials.

Nov 18, 2025

AI NewsCybersecuritySoftware Vulnerabilities

Google Patches Critical Chrome V8 Zero-Day CVE-2025-13223 Under Active Exploitation

Google addresses actively exploited Chrome V8 zero-day CVE-2025-13223 (CVSS 8.8) with urgent updates.

Nov 18, 2025

AI NewsCybersecurityThreat Intelligence

Iranian Hackers Use DEEPROOT and TWOSTROKE Malware in Aerospace and Defense Attacks

UNC1549, an Iranian threat actor, successfully breached 11 European telecom companies via a LinkedIn-based social engineering campaign.

Nov 18, 2025

AI NewsCloud SecurityCybersecurity

Securing Cloud Workloads and Infrastructure: Balancing Innovation with Identity and Access Control

A free webinar from CyberArk addresses the growing challenge of securing multi-cloud environments and mitigating identity risks.

Nov 18, 2025

AI NewsCybersecurityPrivacy

Meta Boosts WhatsApp Security Research with $4M in Bounties and New Proxy Tool

Meta increased WhatsApp security investment to $4M in bug bounties this year and released a new research proxy tool to address vulnerabilities impacting 3.5 billion users.

Nov 18, 2025

AI NewsCybersecurityNetwork Security

Microsoft Mitigates Record 15.72 Tbps DDoS Attack Driven by AISURU Botnet

Microsoft neutralized a record 15.72 Tbps DDoS attack, the largest observed in the cloud, originating from the AISURU IoT botnet.

Nov 18, 2025

AI NewsCybersecurityThreat Intelligence

Researchers Detail Tuoni C2's Role in an Attempted 2025 Real-Estate Cyber Intrusion

Researchers uncovered a failed 2025 cyberattack on a US real estate firm utilizing the Tuoni C2 framework and steganographic payload delivery.

Nov 18, 2025

AI NewsCybersecurityMalware

Dragon Breath Exploits RONINGLOADER to Deploy Gh0st RAT

Dragon Breath threat actor leverages the RONINGLOADER to bypass security tools and deploy a modified Gh0st RAT, impacting Chinese-speaking users.

Nov 17, 2025

AI NewsCloud ComputingCybersecurity

Choosing a Cloud Network Security Solution for Enterprises

A 2025 report revealed 97% of organizations experiencing AI security incidents failed to secure access properly, highlighting the need for robust cloud network security.

Nov 17, 2025

AI NewsCybersecurityMalware

EVALUSION ClickFix Campaign Deploys Amatera Stealer and NetSupport RAT

A new EVALUSION campaign leverages ClickFix social engineering to deliver Amatera Stealer and NetSupport RAT, impacting users across multiple phishing attacks.

Nov 17, 2025