Today's Core Dump is brought to you by ThreatPerspective

Biz & IT Ars Technica

Russia-aligned hackers are targeting Signal users with device-linking QR codes

Swapping QR codes in group invites and artillery targeting are latest ploys. Signal, as an encrypted messaging app and protocol, remains relatively secure. But Signal's growing popularity as a tool to circumvent

Published: 2025-02-19T21:21:06



Biz & IT Ars Technica

Microsoft warns that the powerful XCSSET macOS malware is back with new tricks

XCSSET has been targeting Mac users since 2020. Microsoft said it has detected a new variant of XCSSET, a powerful macOS malware family that has targeted developers and users since at least 2020. The variant, wh

Published: 2025-02-18T21:04:55



Biz & IT Ars Technica

What is device code phishing, and why are Russian spies so successful at it?

Overlooked attack method has been used since last August in a rash of account takeovers. Researchers have uncovered a sustained and ongoing campaign by Russian spies that uses a clever phishing technique to hija

Published: 2025-02-14T21:16:11



Biz & IT Ars Technica

Financially motivated hackers are helping their espionage counterparts and vice versa

Two players who mostly worked independently are increasingly collaborative. There’s a growing collaboration between hacking groups engaging in espionage on behalf of nation-states and those seeking financial gai

Published: 2025-02-13T11:00:40



Biz & IT Ars Technica

New hack uses prompt injection to corrupt Gemini’s long-term memory

There's yet another way to inject malicious prompts into chatbots. In the nascent field of AI hacking, indirect prompt injection has become a basic building block for inducing chatbots to exfiltrate sensitive da

Published: 2025-02-11T22:13:42



Biz & IT Ars Technica

Ransomware payments declined in 2024 despite massive, well-known hacks

Amount paid by victims to hackers declined by hundreds of millions of dollars. For much of the past year, the trail of destruction and mayhem left behind by ransomware hackers was on full display. Digital extort

Published: 2025-02-06T14:21:08



Biz & IT Ars Technica

7-Zip 0-day was exploited in Russia’s ongoing invasion of Ukraine

Vulnerability stripped MotW tag Windows uses to flag Internet-downloaded files. Researchers said they recently discovered a zero-day vulnerability in the 7-Zip archiving utility that was actively exploited as pa

Published: 2025-02-05T21:05:37



Biz & IT Ars Technica

Go Module Mirror served backdoor to devs for 3+ years

Supply chain attack targets developers using the Go programming language. A mirror proxy Google runs on behalf of developers of the Go programming language pushed a backdoored package for more than three years u

Published: 2025-02-05T12:25:55



The Register - Software

US lawmakers press Trump admin to oppose UK's order for Apple iCloud backdoor

Senator, Congressman tell DNI to threaten infosec agreements if Blighty won't back down. US lawmakers want newly confirmed Director of National Intelligence Tulsi Gabbard to back up her tough talk on backdoors. They're urging her to push back on the U

Published: 2025-02-13T16:58:04



The Register - Software

Feds want devs to stop coding 'unforgivable' buffer overflow vulnerabilities

FBI, CISA harrumph at Microsoft and VMware in call for coders to quit baking avoidable defects into stuff. US authorities have labelled buffer overflow vulnerabilities "unforgivable defects", pointed to the presence of the holes in products from the l

Published: 2025-02-13T01:29:47



The Register - Software

Why SAP may be mulling 2030 end of maintenance for legacy ERP

Users' sluggish migration of critical apps means current deadline not workable, says analyst. By 2030, 40 percent of SAP customers currently using its legacy ERP systems will still not have migrated to the latest software, prompting the business apps g

Published: 2025-02-12T11:46:13



Security The Verge

Ring’s new security camera supports 2K video out of the box

Ring has announced its first outdoor security camera that supports 2K video at launch. Ring's outdoor cameras previously only supported 1080p video, but earlier this year, the Amazon-owned company released software updates upgrading its Floodlight Cam Pro and Spotlight Cam Pro with 2K capabilities. The new Ring Outdoor Cam Plus works in 2K video right […]

Published: 2025-02-20T09:00:00



Security The Verge

Murena released a de-Googled version of the Pixel Tablet

After launching several privacy-focused smartphones, Murena has released its first tablet. The French company customizes mobile devices with a version of Android called /e/OS that removes Google's apps and services so the search giant can't collect your data and personal info. The company is sticking with that familiar playbook for the Murena Pixel Tablet which […]

Published: 2025-02-19T12:33:56



Security The Verge

Chase will start blocking Zelle payments over social media

Chase Bank is going to make it harder to use Zelle for transactions stemming from social media. In an update to its policy on Zelle, Chase says it may “decline or block” payments related to purchases from social media marketplaces or messaging apps, as spotted earlier by Bleeping Computer. The new policy, which goes into […]

Published: 2025-02-18T11:08:30



Security The Verge

Kagi's search engine adds a more private way to search

The paid search engine Kagi has added an even more private way to search. The new feature, called Privacy Pass, lets you make searches without having them traced back to you. Privacy Pass is based on an authentication protocol standardized by the Internet Engineering Task Force. It works by allowing users to authenticate themselves to […]

Published: 2025-02-14T10:07:15



Security The Verge

Open-source code repository says ‘far-right forces’ are behind massive spam attacks

The open-source code repository Codeberg has blamed the far right for a recent campaign of abuse and harassment across its systems. “Projects advocating tolerance and equal rights” were subjected to spam campaigns using abusive messages, which escalated to spam emails sent to users via Codeberg's own automated systems. Codeberg says it stands strong against hate […]

Published: 2025-02-14T08:52:17



Security The Verge

Federal workers say they increasingly distrust platforms like Facebook

As Elon Musk and President Donald Trump have sought to gut and remake the federal government to their liking, federal workers have changed how they communicate with one another and with friends. They have locked down communication channels, migrated to new platforms, and what was once skepticism has grown into deep distrust not just […]

Published: 2025-02-13T08:00:00



Security The Verge

Apple releases security updates to block iPhone passcode hacking tools, again

Apple released iOS 18.3.1, iPadOS 18.3.1, and iPadOS 17.7.5 today to address a zero-day exploit that might allow attackers to access data on a locked device. The update patches the OS against an attack on USB Restricted Mode, which Apple first implemented in devices with the release of iOS 11.4.1 in 2018, to prevent attempts […]

Published: 2025-02-10T14:31:49



Security The Verge

Apple ordered to open encrypted user accounts globally to UK spying

Apple has reportedly been ordered by the UK government to create a backdoor that would give security officials access to users’ encrypted iCloud backups. If implemented, British security services would have access to the backups of any user worldwide, not just Brits, and Apple would not be permitted to alert users that their encryption was […]

Published: 2025-02-07T07:55:54



Security The Verge

How to enable end-to-end encryption for your iCloud backups

Apple has advanced security features that you can enable to protect more of your data. Among other things, it includes highly secure end-to-end encryption for iCloud backups under the name Advanced Data Protection. This means that essentially only you can access the data stored in your iCloud device backup — Apple doesn’t have the key […]

Published: 2025-02-07T07:51:46



Security The Verge

iOS App Store apps with screenshot-reading malware found for the first time

Apps distributed through both Apple and Google's app stores are hiding malicious screenshot-reading code that's being used to steal cryptocurrency, the cybersecurity software firm Kaspersky reported today. It's the “first known case” of apps infected with malware that uses OCR tech to extract text from images making it into Apple's App Store, according to a […]

Published: 2025-02-05T13:03:09



BleepingComputer

US healthcare org pays $11M settlement over alleged cybersecurity lapses

Health Net Federal Services (HNFS) and its parent company, Centene Corporation, have agreed to pay $11,253,400 to settle allegations that HNFS falsely certified compliance with cybersecurity requirements under its Defense Health Agency (DHA) TRICARE

Published: 2025-02-20T13:47:21



BleepingComputer

Chinese hackers use custom malware to spy on US telecom networks

The Chinese state-sponsored Salt Typhoon hacking group uses a custom utility called JumbledPath to stealthily monitor network traffic and potentially capture sensitive data in cyberattacks on U.S. telecommunication providers. [...]

Published: 2025-02-20T11:11:59



BleepingComputer

Integrating LLMs into security operations using Wazuh

Large Language Models (LLMs) can provide many benefits to security professionals by helping them analyze logs, detect phishing attacks, or offering threat intelligence. Learn from Wazuh how to incorporate an LLM, like ChatGPT, into its open source s

Published: 2025-02-20T10:01:11



BleepingComputer

Microsoft fixes Power Pages zero-day bug exploited in attacks

Microsoft has issued a security bulletin for a high-severity elevation of privilege vulnerability in Power Pages, which hackers exploited as a zero-day in attacks. [...]

Published: 2025-02-20T09:34:14



BleepingComputer

Darcula PhaaS can now auto-generate phishing kits for any brand

The Darcula phishing-as-a-service (PhaaS) platform is preparing to release its third major version, with one of the highlighted features being the ability to create do-it-yourself phishing kits to target any brand. [...]

Published: 2025-02-20T06:00:00



BleepingComputer

New NailaoLocker ransomware used against EU healthcare orgs

A previously undocumented ransomware payload named NailaoLocker has been spotted in attacks targeting European healthcare organizations between June and October 2024. [...]

Published: 2025-02-20T03:00:00



BleepingComputer

CISA and FBI: Ghost ransomware breached orgs in 70 countries

CISA and the FBI said attackers deploying Ghost ransomware have breached victims from multiple industry sectors across over 70 countries, including critical infrastructure organizations. [...]

Published: 2025-02-19T15:55:05



BleepingComputer

Phishing attack hides JavaScript using invisible Unicode trick

A new JavaScript obfuscation method utilizing invisible Unicode characters to represent binary values is being actively abused in phishing attacks targeting affiliates of an American political action committee (PAC). [...]

Published: 2025-02-19T15:14:09



BleepingComputer

Australian fertility services giant Genea hit by security breach

Genea, one of Australia's largest fertility services providers, disclosed that unknown attackers breached its network and accessed data stored on compromised systems. [...]

Published: 2025-02-19T12:40:32



BleepingComputer

Palo Alto Networks tags new firewall bug as exploited in attacks

Palo Alto Networks warns that hackers are actively exploiting a critical authentication bypass flaw (CVE-2025-0108) in PAN-OS firewalls, chaining it with two other vulnerabilities to breach devices in active attacks. [...]

Published: 2025-02-19T10:38:29



BleepingComputer

The Browser Blind Spot: Why Your Browser is the Next Cybersecurity Battleground

For years, defensive security strategies have focused on three core areas: network, endpoint, and email. Meanwhile, the browser sits across all of them. This article examines three key areas where attackers focus their efforts and how browser-based

Published: 2025-02-19T10:02:12



Threat Intelligence

Cybercrime: A Multifaceted National Security Threat

Executive Summary: Cybercrime makes up a majority of the malicious activity online and occupies the majority of defenders' resources. In 2024, Mandiant Consulting responded to almost four times more intrusions conducted by financially motivated actors...

Published: 2025-02-11T20:00:00



Threat Intelligence

Using capa Rules for Android Malware Detection

Mobile devices have become the go-to for daily tasks like online banking, healthcare management, and personal photo storage, making them prime targets for malicious actors seeking to exploit valuable information. Bad actors often turn to publishing

Published: 2025-02-06T14:00:00



ProPublica

How Trump’s Federal Funding and Hiring Freezes Are Leaving America Vulnerable to Catastrophic Wildfire

by Mark Olalde. ProPublica is a nonprofit newsroom that

Published: 2025-02-14T05:00:00



Krebs on Security

How Phished Data Turns into Apple & Google Wallets

Carding -- the underground business of stealing, selling and swiping stolen payment card data -- has long been the dominion of Russia-based hackers. Happily, the broad deployment of more secure chip-based payment cards in the United States has weakened the carding market. But a flurry of innovation from cybercrime groups in China is breathing new life into the carding industry, by turning phished card data into mobile wallets that can be used online and at main street stores.

Published: 2025-02-18T18:37:26



Krebs on Security

Microsoft Patch Tuesday, February 2025 Edition

Microsoft today issued security updates to fix at least 56 vulnerabilities in its Windows operating systems and supported software, including two zero-day flaws that are being actively exploited. All supported Windows operating systems will receive ...

Published: 2025-02-12T04:58:37



Krebs on Security

Experts Flag Security, Privacy Risks in DeepSeek AI App

New mobile apps from the Chinese artificial intelligence (AI) company DeepSeek have remained among the top three “free” downloads for Apple and Google devices since their debut on Jan. 25, 2025. But experts caution that many of DeepSeek...

Published: 2025-02-06T21:12:30



Gizmodo

5 Security Cameras for the Price of One? Blink Outdoor 4 Now Discounted to $200, Only $40 Each

5 cameras, 2-year battery, 1 low price. Blink Outdoor 4 Security Cam (5-pack) is now $200....

Published: 2025-02-20T17:20:00



The Register - Security

US minerals company says crooks broke into email and helped themselves to $500K

A painful loss for young company that's yet to generate revenue. A NASDAQ-listed US minerals company says cybercriminals broke into its systems on Valentine's Day and paid themselves around $500,000, money earmarked for a vendor.

Published: 2025-02-20T16:44:51



The Register - Security

Critical flaws in Mongoose library expose MongoDB to data thieves, code execution

Bugs fixed, updating to the latest version is advisable. Security sleuths found two critical vulnerabilities in a third-party library that MongoDB relies on, which means bad guys can potentially steal data and run code.

Published: 2025-02-20T14:45:14



The Register - Security

Two arrested after pensioner scammed out of six-figure crypto nest egg

The latest in a long line of fraud stings worth billions each year. Two men are in police custody after being arrested in connection with a July cryptocurrency fraud involving a man in his seventies.

Published: 2025-02-20T11:35:30



The Register - Security

Ghost ransomware crew continues to haunt IT depts with scarily bad infosec

FBI and CISA issue reminder - deep sigh - about the importance of patching and backups. The operators of Ghost ransomware continue to claim victims and score payments, but keeping the crooks at bay is possible by patching known vulnerabilities and some basic infosec actions, according to a joint advisory issued Wednesday by the FBI and US Cybersecurity and Infrastructure Security Agency.

Published: 2025-02-20T08:41:14



The Register - Security

Medusa ransomware gang demands $2M from UK private health services provider

2.3 TB held to ransom as biz formerly known as Virgin Care tells us it's probing IT 'security incident'. Exclusive: HCRG Care Group, a private health and social services provider, has seemingly fallen victim to the Medusa ransomware gang, which is threatening to leak what's claimed to be stolen internal records unless a substantial ransom is paid.

Published: 2025-02-20T07:34:12



The Register - Security

US Army soldier linked to Snowflake extortion rampage admits breaking the law

That's the way the cookie melts. A US Army soldier suspected of hacking AT&T and Verizon has admitted leaking online people's private call records.

Published: 2025-02-20T03:01:39



The Register - Security

Trump's DoD CISO pick previously faced security clearance suspension

Hey, at least Katie Arrington brings a solid resume. Donald Trump's nominee for a critical DoD cybersecurity role sports a resume that outshines many of his past picks, despite a previously suspended security clearance.

Published: 2025-02-19T22:00:08



The Register - Security

Check out this free automated tool that hunts for exposed AWS secrets in public repos

You can find out if your GitHub codebase is leaking keys ... but so can miscreants. A free automated tool that lets anyone scan public GitHub repositories for exposed AWS credentials has been released.

Published: 2025-02-19T20:45:09



The Register - Security

Hundreds of Dutch medical records bought for pocket change at flea market

15GB of sensitive files traced back to former software biz. Typically shoppers can expect to find tie-dye t-shirts, broken lamps and old disco records at flea markets; now it seems storage drives filled with huge volumes of sensitive data can be added to that list.

Published: 2025-02-19T13:01:37



The Register - Security

London celebrity talent agency reports itself to ICO following Rhysida attack claims

Showbiz members' passport scans already plastered online. A London talent agency has reported itself to the UK's data protection watchdog after the Rhysida ransomware crew last week claimed it had attacked the business, which represents luminaries of stage and screen.

Published: 2025-02-19T09:30:09



The Register - Security

Healthcare outfit that served military personnel settles allegations it faked infosec compliance for $11M

If this makes you feel sick, knowing this happened before ransomware actors started targeting medical info may help. An alleged security SNAFU that occurred during the Obama administration has finally been settled under the second Trump administration.

Published: 2025-02-19T01:14:11



The Register - Security

Palo Alto firewalls under attack as miscreants chain flaws for root access

If you want to avoid urgent patches, stop exposing management consoles to the public internet. A flaw patched last week by Palo Alto Networks is now under active attack and, when chained with two older vulnerabilities, allows attackers to gain root access to affected systems.

Published: 2025-02-19T00:15:15



The Register - Security

Snake Keylogger slithers into Windows, evades detection with AutoIt-compiled payload

Because stealing your credentials, banking info, and IP just wasn't enough. A new variant of Snake Keylogger is making the rounds, primarily hitting Windows users across Asia and Europe. This strain also uses the BASIC-like scripting language AutoIt to deploy itself, adding an extra layer of obfuscation to help it slip past detection.

Published: 2025-02-18T20:41:38



The Register - Security

US newspaper publisher uses linguistic gymnastics to avoid saying its outage was due to ransomware

Called it an 'incident' in SEC filing, but encrypted apps and data exfiltration suggest Lee just can't say the R word. US newspaper publisher Lee Enterprises is blaming its recent service disruptions on a "cybersecurity attack," per a regulatory filing, and is the latest company to avoid using the dreaded R word.

Published: 2025-02-18T17:00:16



The Register - Security

FreSSH bugs undiscovered for years threaten OpenSSH security

Exploit code now available for MitM and DoS attacks. Researchers can disclose two brand-new vulnerabilities in OpenSSH now that patches have been released.

Published: 2025-02-18T15:30:06



The Register - Security

Time to make C the COBOL of this century

Lions juggling chainsaws are fun to watch, but you wouldn't want them trimming your trees. Opinion: Nobody likes The Man. When a traffic cop tells you to straighten up and slow down or else, profound thanks are rarely the first words on your lips. Then you drive past a car embedded in a tree, surrounded by blue lights and cutting equipment. Perhaps Officer Dibble had a point.

Published: 2025-02-18T14:01:05



The Register - Security

Indian authorities seize loot from collapsed BitConnect crypto scam

Devices containing crypto wallets tracked online, then in the real world. India's Directorate of Enforcement has found and seized over $200 million of loot it says are the proceeds of the BitConnect crypto-fraud scheme.

Published: 2025-02-18T05:29:09



The Register - Security

XCSSET macOS malware returns with first new version since 2022

Known for popping zero-days of yesteryear, Microsoft puts Apple devs on high alert. Microsoft says there's a new variant of XCSSET on the prowl for Mac users, the first new iteration of the malware since 2022.

Published: 2025-02-17T13:43:08



The Register - Security

Twin Google flaws allowed researcher to get from YouTube ID to Gmail address in a few easy steps

PLUS: DOGE web design disappoints; FBI stops crypto scams; Zacks attacked again; and more! Infosec In Brief: A security researcher has found that Google could leak the email addresses of YouTube channels, which wasn't good because the search and ads giant promised not to do that.

Published: 2025-02-17T02:25:06



The Register - Security

Fujitsu worries US tariffs will see its clients slow digital spend

PLUS: Pacific islands targeted by Chinese APT; China's new rocket soars; DeepSeek puts Korea in a pickle; and more. Asia In Brief: The head of Fujitsu's North American operations has warned that the Trump administration's tariff plans will be bad for business.

Published: 2025-02-16T23:59:13



The Register - Security

This open text-to-speech model needs just seconds of audio to clone your voice

El Reg shows you how to run Zyphra's speech-replicating AI on your own box. Hands on: Palo Alto-based AI startup Zyphra unveiled a pair of open text-to-speech (TTS) models this week said to be capable of cloning your voice with as little as five seconds of sample audio. In our testing, we generated realistic results with less than half a minute of recorded speech.

Published: 2025-02-16T18:58:09



The Register - Security

Nearly 10 years after Data and Goliath, Bruce Schneier says: Privacy's still screwed

'In 50 years, I think we'll view these business practices like we view sweatshops today'. Interview: It has been nearly a decade since famed cryptographer and privacy expert Bruce Schneier released the book Data and Goliath: The Hidden Battles to Collect Your Data and Control Your World - an examination of how government agencies and tech giants exploit personal data. Today, his predictions feel eerily accurate.

Published: 2025-02-15T15:44:13



The Register - Security

If you dread a Microsoft Teams invite, just wait until it turns out to be a Russian phish

Roses aren't cheap, violets are dear, now all your access token are belong to Vladimir. Digital thieves, quite possibly Kremlin-linked baddies, have been emailing out bogus Microsoft Teams meeting invites to trick victims in key government and business sectors into handing over their authentication tokens, granting access to emails, cloud data, and other sensitive information.

Published: 2025-02-15T00:02:38



The Register - Security

SonicWall firewalls now under attack: Patch ASAP or risk intrusion via your SSL VPN

Roses are red, violets are blue, CVE-2024-53704 is sweet for a ransomware crew. Updated: Miscreants are actively abusing a high-severity authentication bypass bug in unpatched internet-facing SonicWall firewalls following the public release of proof-of-concept exploit code.

Published: 2025-02-14T22:53:26



The Register - Security

Critical PostgreSQL bug tied to zero-day attack on US Treasury

High-complexity bug unearthed by infoseccers, as Rapid7 probes exploit further. A high-severity SQL injection bug in the PostgreSQL interactive tool was exploited alongside the zero-day used to break into the US Treasury in December, researchers say.

Published: 2025-02-14T14:19:59



The Register - Security

2 charged over alleged New IRA terrorism activity linked to cops' spilled data

Officer says mistakenly published police details were shared 'a considerable amount of times'. Two suspected New IRA members were arrested on Tuesday and charged under the Terrorism Act 2000 after they were found in possession of spreadsheets containing details of staff that the Police Service of Northern Ireland (PSNI) mistakenly published online.

Published: 2025-02-14T12:12:16



The Register - Security

Watchdog ponders why Apple doesn't apply its strict app tracking rules to itself

Germany's Federal Cartel Office voices concerns iPhone maker may be breaking competition law. Apple is feeling the heat over its acclaimed iPhone privacy policy after a German regulator's review of iOS tracking consent alleged that the tech giant exempted itself from the rules it enforces on third-party developers.

Published: 2025-02-14T09:28:08



The Register - Security

Chinese spies suspected of 'moonlighting' as tawdry ransomware crooks

Some employees steal sticky notes, others 'borrow' malicious code. A crew identified as a Chinese government-backed espionage group appears to have started moonlighting as a ransomware player, further evidence that lines are blurring between nation-state cyberspies and financially motivated cybercriminals.

Published: 2025-02-14T02:19:39



The Register - Security

More victims of China's Salt Typhoon crew emerge: Telcos just now hit via Cisco bugs

Networks in US and beyond compromised by Beijing's super-snoops pulling off priv-esc attacks. China's Salt Typhoon spy crew exploited vulnerabilities in Cisco devices to compromise at least seven devices linked to global telecom providers and other orgs, in addition to its previous victim count.

Published: 2025-02-13T18:34:07



The Register - Security

US lawmakers press Trump admin to oppose UK's order for Apple iCloud backdoor

Senator, Congressman tell DNI to threaten infosec agreements if Blighty won't back down. US lawmakers want newly confirmed Director of National Intelligence Tulsi Gabbard to back up her tough talk on backdoors. They're urging her to push back on the UK government's reported order for Apple to weaken iCloud security for government access.

Published: 2025-02-13T16:58:04



The Register - Security

North Korea targets crypto developers via NPM supply chain attack

Yet another cash grab from Kim's cronies and an intel update from Microsoft. North Korea has changed tack: its latest campaign targets the NPM registry and owners of Exodus and Atomic cryptocurrency wallets.

Published: 2025-02-13T12:00:12



The Register - Security

Mysterious Palo Alto firewall reboots? You're not alone

Limited-edition hotfix to get wider release before end of month. Administrators of Palo Alto Networks' firewalls have complained the equipment falls over unexpectedly, and while a fix has been prepared, it's not yet generally available.

Published: 2025-02-13T07:21:10



The Register - Security

Have I Been Pwned likely to ban resellers from buying subs, citing 'sh*tty behavior' and onerous support requests

'What are customers actually getting from resellers other than massive price markups?' asks Troy Hunt. Troy Hunt, proprietor of data breach lookup site Have I Been Pwned, is likely to ban resellers from the service.

Published: 2025-02-13T04:59:12



The Register - Security

Feds want devs to stop coding 'unforgivable' buffer overflow vulnerabilities

FBI, CISA harrumph at Microsoft and VMware in call for coders to quit baking avoidable defects into stuff. US authorities have labelled buffer overflow vulnerabilities "unforgivable defects", pointed to the presence of the holes in products from the likes of Microsoft and VMware, and urged all software developers to adopt secure-by-design practices to avoid creating more of them.

Published: 2025-02-13T01:29:47



The Register - Security

Sophos sheds 6% of staff after swallowing Secureworks

De-dupes some roles, hints others aren't needed as the infosec scene shifts Nine days after completing its $859 million acquisition of managed detection and response provider Secureworks, Sophos has laid off around six percent of its staff.

Published: 2025-02-13T00:34:57



The Register - Security

Trump's cyber chief pick has little experience in The Cyber

GOP lawyer Sean Cairncross will be learning on the fly, as we also say hi to new intelligence boss Tulsi Gabbard President Trump has reportedly chosen a candidate for National Cyber Director: another top tech appointee with no professional experience in that role.

Published: 2025-02-12T21:14:13



The Register - Security

Arizona laptop farmer pleads guilty for funneling $17M to Kim Jong Un

300+ US companies, 70+ individuals hit by the fraudsters An Arizona woman who created a "laptop farm" in her home to help fake IT workers pose as US-based employees has pleaded guilty in a scheme that generated over $17 million for herself... and North Korea.

Published: 2025-02-12T20:30:15



The Register - Security

Ransomware isn't always about the money: Government spies have objectives, too

Analysts tell El Reg why Russia's operators aren't that careful, and why North Korea wants money AND data Feature Ransomware gangsters and state-sponsored online spies fall on opposite ends of the cyber-crime spectrum.

Published: 2025-02-12T19:30:12



The Register - Security

Russia's Sandworm caught snarfing credentials, data from American and Brit orgs

'Near-global' initial access campaign active since 2021 An initial-access subgroup of Russia's Sandworm last year wriggled its way into networks within the US, UK, Canada and Australia, stealing credentials and data from "a limited number of organizations," according to Microsoft.

Published: 2025-02-12T17:00:08



The Register - Security

Crimelords and spies for rogue states are working together, says Google

Only lawmakers can stop them. Plus: software needs to be more secure, but what's in it for us? Google says the world's lawmakers must take action against the increasing links between criminal and state-sponsored cyber activity.

Published: 2025-02-12T13:29:34



The Register - Security

February's Patch Tuesday sees Microsoft offer just 63 fixes

Don't relax just yet: Redmond has made some certificate-handling changes that could trip unprepared admins Patch Tuesday Microsoft's February patch collection is mercifully smaller than January's mega-dump. But don't get too relaxed: some deserve close attention, and other vendors have stepped in with plenty more fixes.

Published: 2025-02-12T02:58:11



The Register - Security

Probe finds US Coast Guard has left maritime cybersecurity adrift

Numerous systemic vulnerabilities could scuttle $5.4T industry Despite the escalating cyber threats targeting America's maritime transportation system, the US Coast Guard still lacks a comprehensive strategy to secure this critical infrastructure - nor does it have reliable access to data on cybersecurity vulnerabilities and past attacks, the Government Accountability Office (GAO) warns.

Published: 2025-02-11T23:44:07



The Register - Security

Yup, AMD's Elba and Giglio definitely sound like they work corporate security

Which is why Cisco is adding these Pensando DPUs to more switches Cisco is cramming into more of its switches Pensando data processing units (DPUs) from AMD, which will be dedicated to handling security, storage, and other tasks.

Published: 2025-02-11T23:22:47



The Register - Security

'Key kernel maintainers' still back Rust in the Linux kernel, despite the doubters

Rustaceans could just wait for unwelcoming C coders to slowly SIGQUIT... The Rust for Linux project is alive and well, despite suggestions to the contrary, even if not every Linux kernel maintainer is an ally.

Published: 2025-02-11T22:15:48



The Register - Security

Triplestrength hits victims with triple trouble: Ransomware, cloud hijacks, crypto-mining

These crooks have no chill A previously unknown gang dubbed Triplestrength poses a triple threat to organizations: It infects victims' computers with ransomware, and also hijacks their cloud accounts to illegally mine for cryptocurrency.

Published: 2025-02-11T20:42:51



The Register - Security

UK, US, Oz blast holes in LockBit's bulletproof hosting provider Zservers

Huge if true: Brit Foreign Sec says Putin running a 'corrupt mafia state' One of the bulletproof hosting (BPH) providers used by the LockBit ransomware operation has been hit with sanctions in the US, UK, and Australia (AUKUS), along with six of its key allies.

Published: 2025-02-11T18:26:07



The Register - Security

Man who SIM-swapped the SEC's X account pleads guilty

Said to have asked search engine 'What are some signs that the FBI is after you?' An Alabama man is pleading guilty after being charged with SIM swapping the Securities and Exchange Commission's (SEC) X account in January last year.

Published: 2025-02-11T16:15:08



The Register - Security

I'm a security expert, and I almost fell for a North Korea-style deepfake job applicant. Twice

Remote position, webcam not working, then glitchy AI face ... Red alert! Twice, over the past two months, Dawid Moczadło has interviewed purported job seekers only to discover that these "software developers" were scammers using AI-based tools likely to get hired at a security company also using artificial intelligence, and then steal source code or other sensitive IP.

Published: 2025-02-11T14:01:12



The Register - Security

Apple warns 'extremely sophisticated attack' may be targeting iThings

Cupertino mostly uses bland language when talking security, so this sounds nasty Apple has warned that some iPhones and iPads may have been targeted by an extremely sophisticated attack and has posted patches that hopefully prevent it.

Published: 2025-02-11T01:58:06



The Register - Security

All your 8Base are belong to us: Ransomware crew busted in global sting

Dark web site seized, four cuffed in Thailand updated An international police operation spanning the US, Europe, and Asia has shuttered the 8Base ransomware crew's dark web presence and resulted in the arrest of four European suspects accused of stealing $16 million from more than 1,000 victims worldwide.

Published: 2025-02-10T22:15:13



Security Latest

Google Ad-Tech Users Can Target National Security ‘Decision Makers’ and People With Chronic Diseases

Google enables marketers to target people with serious illnesses and crushing debt against its policies as well as the makers of classified defense technology, a WIRED investigation has found.

Published: 2025-02-20T12:21:41



Security Latest

Microsoft Hosted Explicit Videos of This Startup Founder for Years. Here's How She Got Them Taken Down

Breeze Liu has been a prominent advocate for victims. But even she struggled to scrub nonconsensual intimate images and videos of herself from the web.

Published: 2025-02-20T10:30:00



Security Latest

DOGE Now Has Access to the Top US Cybersecurity Agency

DOGE technologists Edward Coristine, the 19-year-old known online as “Big Balls”, and Kyle Schutt are now listed as staff at the Cybersecurity and Infrastructure Security Agency.

Published: 2025-02-20T01:59:54



Security Latest

A Signal Update Fends Off a Phishing Technique Used in Russian Espionage

Google warns that hackers tied to Russia are tricking Ukrainian soldiers with fake QR codes for Signal group invites that let spies steal their messages. Signal has pushed out new safeguards.

Published: 2025-02-19T11:00:00



Security Latest

Elon Musk’s DOGE Is Being Sued Under the Privacy Act: What to Know

At least eight ongoing lawsuits related to the so-called Department of Government Efficiency’s alleged access to sensitive data hinge on the Watergate-inspired Privacy Act of 1974. But it’s not airtight.

Published: 2025-02-18T21:50:14



Security Latest

The Official DOGE Website Launch Was a Security Mess

Plus: Researchers find RedNote lacks basic security measures, surveillance ramps up around the US-Mexico border, and the UK ordering Apple to create an encryption backdoor comes under fire.

Published: 2025-02-15T11:30:00



Security Latest

Top US Election Security Watchdog Forced to Stop Election Security Work

The US Cybersecurity and Infrastructure Security Agency has frozen efforts to aid states in securing elections, according to an internal memo viewed by WIRED.

Published: 2025-02-15T03:07:33



Security Latest

The Loneliness Epidemic Is a Security Crisis

Romance scams cost victims hundreds of millions of dollars a year. As people grow increasingly isolated, and generative AI helps scammers scale their crimes, the problem could get worse.

Published: 2025-02-13T11:00:00



Security Latest

China’s Salt Typhoon Spies Are Still Hacking Telecoms, Now by Exploiting Cisco Routers

Despite high-profile attention and even US sanctions, the group hasn’t stopped or even slowed its operation, including the breach of two more US telecoms.

Published: 2025-02-13T05:00:00



Security Latest

A Hacker Group Within Russia’s Notorious Sandworm Unit Is Breaching Western Networks

A team Microsoft calls BadPilot is acting as Sandworm's “initial access operation,” the company says. And over the last year it's trained its sights on the US, the UK, Canada, and Australia.

Published: 2025-02-12T17:00:00



Security Latest

The Murky Ad-Tech World Powering Surveillance of US Military Personnel

A Florida data broker told a US senator it obtained sensitive data on US military members in Germany from a Lithuanian firm, which denies involvement, revealing the opaque nature of online ad surveillance.

Published: 2025-02-12T04:00:00



Security Latest

US Funding Cuts Are Helping Criminals Get Away With Child Abuse and Human Trafficking

Services supporting victims of online child exploitation and trafficking around the world have faced USAID and State Department cuts, and children are suffering as a result, sources tell WIRED.

Published: 2025-02-10T17:47:24



Security Latest

The Rise of the Drone Boats

Swarms of weaponized unmanned surface vessels have proven formidable weapons in the Black and Red Seas. Can the US military learn the right lessons from it?

Published: 2025-02-10T10:30:00



Security Latest

UK Secret Order Demands That Apple Give Access to Users’ Encrypted Data

Plus: Benjamin Netanyahu gives Donald Trump a golden pager, Hewlett Packard Enterprise blames Russian government hackers for a breach, and more.

Published: 2025-02-08T11:30:00



Security Latest

ACLU Warns DOGE’s ‘Unchecked’ Access Could Violate Federal Law

The ACLU says it stands ready to sue for access to government records that detail DOGE’s access to sensitive personnel data.

Published: 2025-02-07T21:43:33



Security Latest

DOGE Teen Owns ‘Tesla.Sexy LLC’ and Worked at Startup That Has Hired Convicted Hackers

Experts question whether Edward Coristine, a DOGE staffer who has gone by “Big Balls” online, would pass the background check typically required for access to sensitive US government systems.

Published: 2025-02-06T07:30:20



Security Latest

The Collapse of USAID Is Already Fueling Human Trafficking and Slavery at Scammer Compounds

The dismantling of USAID by Elon Musk's DOGE and a State Department funding freeze have severely disrupted efforts to help people escape forced labor camps run by criminal scammers.

Published: 2025-02-05T17:33:53



Security Latest

Despite Catastrophic Hacks, Ransomware Payments Dropped Dramatically Last Year

Ransomware gangs continued to wreak havoc in 2024, but new research shows that the amounts victims paid these cybercriminals fell by hundreds of millions of dollars.

Published: 2025-02-05T13:00:00



The Hacker News

North Korean Hackers Target Freelance Developers in Job Scam to Deploy Malware

Freelance software developers are the target of an ongoing campaign that leverages job interview-themed lures to deliver cross-platform malware families known as BeaverTail and InvisibleFerret. The activity, linked to North Korea, has been codenamed DeceptiveDevelopment, which overlaps with clusters tracked under the names Contagious Interview (aka CL-STA-0240), DEV#POPPER, Famous Chollima,

Published: 2025-02-20T19:07:00



The Hacker News

China-Linked Attackers Exploit Check Point Flaw to Deploy ShadowPad and Ransomware

A previously unknown threat activity cluster targeted European organizations, particularly those in the healthcare sector, to deploy PlugX and its successor, ShadowPad, with the intrusions ultimately leading to deployment of a ransomware called NailaoLocker in some cases. The campaign, codenamed Green Nailao by Orange Cyberdefense CERT, involved the exploitation of a newly patched security flaw

Published: 2025-02-20T16:51:00



The Hacker News

PCI DSS 4.0 Mandates DMARC By 31st March 2025

The payment card industry has set a critical deadline for businesses handling cardholder data or processing payments: by March 31, 2025, DMARC implementation will be mandatory! This requirement highlights the importance of preventative measures against email fraud, domain spoofing, and phishing in the financial space. This is not an optional requirement as non-compliance may result in monetary

Published: 2025-02-20T16:51:00



The Hacker News

Cybercriminals Use Eclipse Jarsigner to Deploy XLoader Malware via ZIP Archives

A malware campaign distributing the XLoader malware has been observed using the DLL side-loading technique by making use of a legitimate application associated with the Eclipse Foundation. "The legitimate application used in the attack, jarsigner, is a file created during the installation of the IDE package distributed by the Eclipse Foundation," the AhnLab Security Intelligence Center (ASEC)

Published: 2025-02-20T16:42:00



The Hacker News

Microsoft's End of Support for Exchange 2016 and 2019: What IT Teams Must Do Now

For decades, Microsoft Exchange has been the backbone of business communications, powering emailing, scheduling and collaboration for organizations worldwide. Whether deployed on-premises or in hybrid environments, companies of all sizes rely on Exchange for seamless internal and external communication, often integrating it deeply with their workflows, compliance policies and security frameworks

Published: 2025-02-20T15:30:00



The Hacker News

Citrix Releases Security Fix for NetScaler Console Privilege Escalation Vulnerability

Citrix has released security updates for a high-severity security flaw impacting NetScaler Console (formerly NetScaler ADM) and NetScaler Agent that could lead to privilege escalation under certain conditions. The vulnerability, tracked as CVE-2024-12284, has been given a CVSS v4 score of 8.8 out of a maximum of 10.0. It has been described as a case of improper privilege management that could

Published: 2025-02-20T10:06:00



The Hacker News

Microsoft Patches Actively Exploited Power Pages Privilege Escalation Vulnerability

Microsoft has released security updates to address two Critical-rated flaws impacting Bing and Power Pages, including one that has come under active exploitation in the wild. The vulnerabilities are listed below - CVE-2025-21355 (CVSS score: 8.6) - Microsoft Bing Remote Code Execution Vulnerability CVE-2025-24989 (CVSS score: 8.2) - Microsoft Power Pages Elevation of Privilege Vulnerability "

Published: 2025-02-20T09:59:00



The Hacker News

Hackers Exploit Signal's Linked Devices Feature to Hijack Accounts via Malicious QR Codes

Multiple Russia-aligned threat actors have been observed targeting individuals of interest via the privacy-focused messaging app Signal to gain unauthorized access to their accounts. "The most novel and widely used technique underpinning Russian-aligned attempts to compromise Signal accounts is the abuse of the app's legitimate 'linked devices' feature that enables Signal to be used on multiple

Published: 2025-02-19T22:29:00



The Hacker News

New Snake Keylogger Variant Leverages AutoIt Scripting to Evade Detection

A new variant of the Snake Keylogger malware is being used to actively target Windows users located in China, Turkey, Indonesia, Taiwan, and Spain. Fortinet FortiGuard Labs said the new version of the malware has been behind over 280 million blocked infection attempts worldwide since the start of the year. "Typically delivered through phishing emails containing malicious attachments or links,

Published: 2025-02-19T18:15:00



The Hacker News

The Ultimate MSP Guide to Structuring and Selling vCISO Services

The growing demand for cybersecurity and compliance services presents a great opportunity for Managed Service Providers (MSPs) and Managed Security Service Providers (MSSPs) to offer virtual Chief Information Security Officer (vCISO) services, delivering high-level cybersecurity leadership without the cost of a full-time hire. However, transitioning to vCISO services is not without its challenges

Published: 2025-02-19T16:30:00



The Hacker News

Trojanized Game Installers Deploy Cryptocurrency Miner in Large-Scale StaryDobry Attack

Users who are on the lookout for popular games were lured into downloading trojanized installers that led to the deployment of a cryptocurrency miner on compromised Windows hosts. The large-scale activity has been codenamed StaryDobry by Russian cybersecurity company Kaspersky, which first detected it on December 31, 2024. It lasted for a month. Targets of the campaign include individuals and

Published: 2025-02-19T15:05:00



The Hacker News

CISA Adds Palo Alto Networks and SonicWall Flaws to Exploited Vulnerabilities List

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday added two security flaws impacting Palo Alto Networks PAN-OS and SonicWall SonicOS SSLVPN to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation. The flaws are listed below - CVE-2025-0108 (CVSS score: 7.8) - An authentication bypass vulnerability in the Palo Alto Networks PAN-OS

Published: 2025-02-19T10:18:00



The Hacker News

New OpenSSH Flaws Enable Man-in-the-Middle and DoS Attacks: Patch Now

Two security vulnerabilities have been discovered in the OpenSSH secure networking utility suite that, if successfully exploited, could result in an active machine-in-the-middle (MitM) and a denial-of-service (DoS) attack, respectively, under certain conditions. The vulnerabilities, detailed by the Qualys Threat Research Unit (TRU), are listed below - CVE-2025-26465 (CVSS score: 6.8) - The

Published: 2025-02-18T21:04:00



The Hacker News

Chinese Hackers Exploit MAVInject.exe to Evade Detection in Targeted Cyber Attacks

The Chinese state-sponsored threat actor known as Mustang Panda has been observed employing a novel technique to evade detection and maintain control over infected systems. This involves the use of a legitimate Microsoft Windows utility called Microsoft Application Virtualization Injector (MAVInject.exe) to inject the threat actor's malicious payload into an external process, waitfor.exe,

Published: 2025-02-18T20:39:00



The Hacker News

New FrigidStealer Malware Targets macOS Users via Fake Browser Updates

Cybersecurity researchers are alerting to a new campaign that leverages web injects to deliver a new Apple macOS malware known as FrigidStealer. The activity has been attributed to a previously undocumented threat actor known as TA2727, with the information stealers for other platforms such as Windows (Lumma Stealer or DeerStealer) and Android (Marcher). TA2727 is a "threat actor that uses fake

Published: 2025-02-18T18:30:00



The Hacker News

Debunking the AI Hype: Inside Real Hacker Tactics

Is AI really reshaping the cyber threat landscape, or is the constant drumbeat of hype drowning out actual, more tangible, real-world dangers? According to Picus Labs’ Red Report 2025 which analyzed over one million malware samples, there's been no significant surge, so far, in AI-driven attacks. Yes, adversaries are definitely continuing to innovate, and while AI will certainly start playing a

Published: 2025-02-18T17:50:00



The Hacker News

Juniper Session Smart Routers Vulnerability Could Let Attackers Bypass Authentication

Juniper Networks has released security updates to address a critical security flaw impacting Session Smart Router, Session Smart Conductor, and WAN Assurance Router products that could be exploited to hijack control of susceptible devices. Tracked as CVE-2025-21589, the vulnerability carries a CVSS v3.1 score of 9.8 and a CVSS v4 score of 9.3. "An Authentication Bypass Using an Alternate Path or

Published: 2025-02-18T17:48:00



The Hacker News

Winnti APT41 Targets Japanese Firms in RevivalStone Cyber Espionage Campaign

The China-linked threat actor known as Winnti has been attributed to a new campaign dubbed RevivalStone that targeted Japanese companies in the manufacturing, materials, and energy sectors in March 2024. The activity, detailed by Japanese cybersecurity company LAC, overlaps with a threat cluster tracked by Trend Micro as Earth Freybug, which has been assessed to be a subset within the APT41

Published: 2025-02-18T15:22:00



The Hacker News

New Xerox Printer Flaws Could Let Attackers Capture Windows Active Directory Credentials

Security vulnerabilities have been disclosed in Xerox VersaLink C7025 Multifunction printers (MFPs) that could allow attackers to capture authentication credentials via pass-back attacks via Lightweight Directory Access Protocol (LDAP) and SMB/FTP services. "This pass-back style attack leverages a vulnerability that allows a malicious actor to alter the MFP's configuration and cause the MFP

Published: 2025-02-18T12:34:00



The Hacker News

Cybercriminals Exploit Onerror Event in Image Tags to Deploy Payment Skimmers

Cybersecurity researchers have flagged a credit card stealing malware campaign that has been observed targeting e-commerce sites running Magento by disguising the malicious content within image tags in HTML code in order to stay under the radar. MageCart is the name given to a malware that's capable of stealing sensitive payment information from online shopping sites. The attacks are known to

Published: 2025-02-18T10:56:00



The Hacker News

Microsoft Uncovers New XCSSET macOS Malware Variant with Advanced Obfuscation Tactics

Microsoft said it has discovered a new variant of a known Apple macOS malware called XCSSET as part of limited attacks in the wild. "Its first known variant since 2022, this latest XCSSET malware features enhanced obfuscation methods, updated persistence mechanisms, and new infection strategies," the Microsoft Threat Intelligence team said in a post shared on X. "These enhanced features add to

Published: 2025-02-17T22:00:00



The Hacker News

South Korea Suspends DeepSeek AI Downloads Over Privacy Violations

South Korea has formally suspended new downloads of Chinese artificial intelligence (AI) chatbot DeepSeek in the country until the service makes changes to its mobile apps to comply with data protection regulations. Downloads have been paused as of February 15, 2025, 6:00 p.m. local time, the Personal Information Protection Commission (PIPC) said in a statement. The web service remains

Published: 2025-02-17T17:06:00



The Hacker News

CISO's Expert Guide To CTEM And Why It Matters

Cyber threats evolve; has your defense strategy kept up? A new free guide available here explains why Continuous Threat Exposure Management (CTEM) is the smart approach for proactive cybersecurity. This concise report makes a clear business case for why CTEM’s comprehensive approach is the best overall strategy for shoring up a business’s cyber defenses in the face of evolving attacks. It also

Published: 2025-02-17T16:30:00



The Hacker News

THN Weekly Recap: Google Secrets Stolen, Windows Hack, New Crypto Scams and More

Welcome to this week’s Cybersecurity News Recap. Discover how cyber attackers are using clever tricks like fake codes and sneaky emails to gain access to sensitive data. We cover everything from device code phishing to cloud exploits, breaking down the technical details into simple, easy-to-follow insights. Threat of the Week Russian Threat Actors Leverage Device Code Phishing to Hack

Published: 2025-02-17T14:49:00



The Hacker News

New Golang-Based Backdoor Uses Telegram Bot API for Evasive C2 Operations

Cybersecurity researchers have shed light on a new Golang-based backdoor that uses Telegram as a mechanism for command-and-control (C2) communications. Netskope Threat Labs, which detailed the functions of the malware, described it as possibly of Russian origin. "The malware is compiled in Golang and once executed it acts like a backdoor," security researcher Leandro Fróes said in an analysis

Published: 2025-02-17T14:34:00



The Hacker News

Android's New Feature Blocks Fraudsters from Sideloading Apps During Calls

Google is working on a new security feature for Android that blocks device owners from changing sensitive settings when a phone call is in progress. Specifically, the in-call anti-scammer protections include preventing users from turning on settings to install apps from unknown sources and granting accessibility access. The development was first reported by Android Authority. Users who attempt

Published: 2025-02-15T15:56:00



The Hacker News

New “whoAMI” Attack Exploits AWS AMI Name Confusion for Remote Code Execution

Cybersecurity researchers have disclosed a new type of name confusion attack called whoAMI that allows anyone who publishes an Amazon Machine Image (AMI) with a specific name to gain code execution within the Amazon Web Services (AWS) account. "If executed at scale, this attack could be used to gain access to thousands of accounts," Datadog Security Labs researcher Seth Art said in a report

Published: 2025-02-15T00:12:00



The Hacker News

Lazarus Group Deploys Marstech1 JavaScript Implant in Targeted Developer Attacks

The North Korean threat actor known as the Lazarus Group has been linked to a previously undocumented JavaScript implant named Marstech1 as part of limited targeted attacks against developers. The active operation has been dubbed Marstech Mayhem by SecurityScorecard, with the malware delivered by means of an open-source repository hosted on GitHub that's associated with a profile named "

Published: 2025-02-14T23:58:00



The Hacker News

AI-Powered Social Engineering: Ancillary Tools and Techniques

Social engineering is advancing fast, at the speed of generative AI. This is offering bad actors multiple new tools and techniques for researching, scoping, and exploiting organizations. In a recent communication, the FBI pointed out: ‘As technology continues to evolve, so do cybercriminals' tactics.’ This article explores some of the impacts of this GenAI-fueled acceleration. And examines what

Published: 2025-02-14T16:30:00



The Hacker News

Microsoft: Russian-Linked Hackers Using 'Device Code Phishing' to Hijack Accounts

Microsoft is calling attention to an emerging threat cluster it calls Storm-2372 that has been attributed to a new set of cyber attacks aimed at a variety of sectors since August 2024. The attacks have targeted government, non-governmental organizations (NGOs), information technology (IT) services and technology, defense, telecommunications, health, higher education, and energy/oil and gas

Published: 2025-02-14T15:57:00



The Hacker News

RansomHub Becomes 2024’s Top Ransomware Group, Hitting 600+ Organizations Globally

The threat actors behind the RansomHub ransomware-as-a-service (RaaS) scheme have been observed leveraging now-patched security flaws in Microsoft Active Directory and the Netlogon protocol to escalate privileges and gain unauthorized access to a victim network's domain controller as part of their post-compromise strategy. "RansomHub has targeted over 600 organizations globally, spanning sectors

Published: 2025-02-14T15:47:00



The Hacker News

PostgreSQL Vulnerability Exploited Alongside BeyondTrust Zero-Day in Targeted Attacks

Threat actors who were behind the exploitation of a zero-day vulnerability in BeyondTrust Privileged Remote Access (PRA) and Remote Support (RS) products in December 2024 likely also exploited a previously unknown SQL injection flaw in PostgreSQL, according to findings from Rapid7. The vulnerability, tracked as CVE-2025-1094 (CVSS score: 8.1), affects the PostgreSQL interactive tool psql. "An

Published: 2025-02-14T10:33:00



The Hacker News

Hackers Use CAPTCHA Trick on Webflow CDN PDFs to Bypass Security Scanners

A widespread phishing campaign has been observed leveraging bogus PDF documents hosted on the Webflow content delivery network (CDN) with an aim to steal credit card information and commit financial fraud. "The attacker targets victims searching for documents on search engines, resulting in access to malicious PDF that contains a CAPTCHA image embedded with a phishing link, leading them to

Published: 2025-02-13T20:43:00



The Hacker News

North Korean APT43 Uses PowerShell and Dropbox in Targeted South Korea Cyberattacks

A nation-state threat actor with ties to North Korea has been linked to an ongoing campaign targeting South Korean business, government, and cryptocurrency sectors. The attack campaign, dubbed DEEP#DRIVE by Securonix, has been attributed to a hacking group known as Kimsuky, which is also tracked under the names APT43, Black Banshee, Emerald Sleet, Sparkling Pisces, Springtail, TA427, and Velvet

Published: 2025-02-13T19:56:00



The Hacker News

Fast Deployments, Secure Code: Watch this: Learn to Sync Dev and Sec Teams

Ever felt like your team is stuck in a constant battle? Developers rush to add new features, while security folks worry about vulnerabilities. What if you could bring both sides together without sacrificing one for the other? We invite you to our upcoming webinar, "Opening the Fast Lane for Secure Deployments." This isn’t another tech talk full of buzzwords; it's a down-to-earth session that

Published: 2025-02-13T17:55:00



The Hacker News

RA World Ransomware Attack in South Asia Links to Chinese Espionage Toolset

An RA World ransomware attack in November 2024 targeting an unnamed Asian software and services company involved the use of a malicious tool exclusively used by China-based cyber espionage groups, raising the possibility that the threat actor may be moonlighting as a ransomware player in an individual capacity. "During the attack in late 2024, the attacker deployed a distinct toolset that had

Published: 2025-02-13T17:28:00



The Hacker News

AI and Security - A New Puzzle to Figure Out

AI is everywhere now, transforming how businesses operate and how users engage with apps, devices, and services. A lot of applications now have some Artificial Intelligence inside, whether supporting a chat interface, intelligently analyzing data or matching user preferences. No question AI benefits users, but it also brings new security challenges, especially Identity-related security

Published: 2025-02-13T16:30:00



The Hacker News

Palo Alto Networks Patches Authentication Bypass Exploit in PAN-OS Software

Palo Alto Networks has addressed a high-severity security flaw in its PAN-OS software that could result in an authentication bypass. The vulnerability, tracked as CVE-2025-0108, carries a CVSS score of 7.8 out of 10.0. The score, however, drops to 5.1 if access to the management interface is restricted to a jump box. "An authentication bypass in the Palo Alto Networks PAN-OS software enables an

Published: 2025-02-13T15:09:00



The Hacker News

FINALDRAFT Malware Exploits Microsoft Graph API for Espionage on Windows and Linux

Threat hunters have shed light on a new campaign targeting the foreign ministry of an unnamed South American nation with bespoke malware capable of granting remote access to infected hosts. The activity, detected in November 2024, has been attributed by Elastic Security Labs to a threat cluster it tracks as REF7707. Some of the other targets include a telecommunications entity and a university,

Published: 2025-02-13T14:41:00



The Hacker News

Microsoft Uncovers Sandworm Subgroup's Global Cyber Attacks Spanning 15+ Countries

A subgroup within the infamous Russian state-sponsored hacking group known as Sandworm has been attributed to a multi-year initial access operation dubbed BadPilot that stretched across the globe. "This subgroup has conducted globally diverse compromises of Internet-facing infrastructure to enable Seashell Blizzard to persist on high-value targets and support tailored network operations," the

Published: 2025-02-12T22:32:00



The Hacker News

Researchers Find New Exploit Bypassing Patched NVIDIA Container Toolkit Vulnerability

Cybersecurity researchers have discovered a bypass for a now-patched security vulnerability in the NVIDIA Container Toolkit that could be exploited to break out of a container's isolation protections and gain complete access to the underlying host. The new vulnerability is being tracked as CVE-2025-23359 (CVSS score: 8.3). It affects the following versions - NVIDIA Container Toolkit (All

Published: 2025-02-12T19:34:00



The Hacker News

How to Steer AI Adoption: A CISO Guide

CISOs are finding themselves more involved in AI teams, often leading the cross-functional effort and AI strategy. But there aren’t many resources to guide them on what their role should look like or what they should bring to these meetings. We’ve pulled together a framework for security leaders to help push AI teams and committees further in their AI adoption, providing them with the

Published: 2025-02-12T16:50:00



The Hacker News

North Korean Hackers Exploit PowerShell Trick to Hijack Devices in New Cyberattack

The North Korea-linked threat actor known as Kimsuky has been observed using a new tactic that involves deceiving targets into running PowerShell as an administrator and then instructing them to paste and run malicious code provided by them. "To execute this tactic, the threat actor masquerades as a South Korean government official and over time builds rapport with a target before sending a

Published: 2025-02-12T16:13:00



The Hacker News

Microsoft’s Patch Tuesday Fixes 63 Flaws, Including Two Under Active Exploitation

Microsoft on Tuesday released fixes for 63 security flaws impacting its software products, including two vulnerabilities that it said have come under active exploitation in the wild. Of the 63 vulnerabilities, three are rated Critical, 57 are rated Important, one is rated Moderate, and two are rated Low in severity. This is aside from the 23 flaws Microsoft addressed in its Chromium-based Edge

Published: 2025-02-12T15:08:00



The Hacker News

Ivanti Patches Critical Flaws in Connect Secure and Policy Secure: Update Now

Ivanti has released security updates to address multiple security flaws impacting Connect Secure (ICS), Policy Secure (IPS), and Cloud Services Application (CSA) that could be exploited to achieve arbitrary code execution. The list of vulnerabilities is below - CVE-2024-38657 (CVSS score: 9.1) - External control of a file name in Ivanti Connect Secure before version 22.7R2.4 and Ivanti Policy

Published: 2025-02-12T11:27:00



The Hacker News

Google Confirms Android SafetyCore Enables AI-Powered On-Device Content Classification

Google has stepped in to clarify that a newly introduced Android System SafetyCore app does not perform any client-side scanning of content. "Android provides many on-device protections that safeguard users against threats like malware, messaging spam and abuse protections, and phone scam protections, while preserving user privacy and keeping users in control of their data," a spokesperson for

Published: 2025-02-11T20:43:00



The Hacker News

4 Ways to Keep MFA From Becoming too Much of a Good Thing

Multi-factor authentication (MFA) has quickly become the standard for securing business accounts. Once a niche security measure, adoption is on the rise across industries. But while it’s undeniably effective at keeping bad actors out, the implementation of MFA solutions can be a tangled mess of competing designs and ideas. For businesses and employees, the reality is that MFA sometimes feels

Published: 2025-02-11T19:00:00



The Hacker News

Progress Software Patches High-Severity LoadMaster Flaws Affecting Multiple Versions

Progress Software has addressed multiple high-severity security flaws in its LoadMaster software that could be exploited by malicious actors to execute arbitrary system commands or download any file from the system. Kemp LoadMaster is a high-performance application delivery controller (ADC) and load balancer that provides availability, scalability, performance, and security for business-critical

Published: 2025-02-11T17:22:00



The Hacker News

Gcore DDoS Radar Reveals 56% YoY Increase in DDoS Attacks

Gcore’s latest DDoS Radar report analyzes attack data from Q3-Q4 2024, revealing a 56% YoY rise in the total number of DDoS attacks, with the largest attack peaking at a record 2 Tbps. The financial services sector saw the most dramatic increase, with a 117% rise in attacks, while gaming remained the most-targeted industry. This period’s findings emphasize the need for robust, adaptive DDoS

Published: 2025-02-11T16:55:00



The Hacker News

Apple Patches Actively Exploited iOS Zero-Day CVE-2025-24200 in Emergency Update

Apple on Monday released out-of-band security updates to address a security flaw in iOS and iPadOS that it said has been exploited in the wild. Assigned the CVE identifier CVE-2025-24200 (CVSS score: 4.6), the vulnerability has been described as an authorization issue that could make it possible for a malicious actor to disable USB Restricted Mode on a locked device as part of a cyber

Published: 2025-02-11T16:46:00



Security Affairs

NailaoLocker ransomware targets EU healthcare-related entities

NailaoLocker ransomware is a new threat that targeted European healthcare organizations from June to October 2024. Orange Cyberdefense CERT uncovered a malware campaign, tracked as The Green Nailao campaign, that targeted European organizations, including healthcare, in late 2024, using ShadowPad, PlugX, and the previously undocumented NailaoLocker ransomware. The Orange Cyberdefense CERT investigated four attackers with […]

Published: 2025-02-20T15:47:59



Security Affairs

Microsoft fixed actively exploited flaw in Power Pages

Microsoft addressed a privilege escalation vulnerability in Power Pages; the flaw is actively exploited in attacks. Microsoft has addressed two critical vulnerabilities, tracked as CVE-2025-21355 (CVSS score: 8.6) and CVE-2025-24989 (CVSS score: 8.2), respectively impacting Bing and Power Pages. CVE-2025-21355 is a missing authentication for critical function in Microsoft Bing; an unauthorized attacker could exploit the flaw […]

Published: 2025-02-20T11:20:11



Security Affairs

Citrix addressed NetScaler console privilege escalation flaw

Citrix addressed a high-severity privilege escalation vulnerability impacting NetScaler Console and NetScaler Agent under certain conditions. Citrix released security updates to address a high-severity security vulnerability, tracked as CVE-2024-12284 (CVSS score of 8.8), impacting NetScaler Console (formerly NetScaler ADM) and NetScaler Agent. The vulnerability is an improper privilege management issue that could allow attackers to escalate privileges […]

Published: 2025-02-20T10:46:51



Security Affairs

Palo Alto Networks warns that CVE-2025-0111 flaw is actively exploited in attacks

Palo Alto Networks warns that the vulnerability CVE-2025-0111 is actively exploited with two other flaws to compromise PAN-OS firewalls. Palo Alto Networks warns that threat actors are chaining the vulnerability CVE-2025-0111 with two other vulnerabilities, tracked as CVE-2025-0108 and CVE-2024-9474, to compromise PAN-OS firewalls. The vulnerability CVE-2025-0111 is a file read issue in PAN-OS, an […]

Published: 2025-02-20T06:32:44



Security Affairs

Russia-linked APTs target Signal messenger

Russia-linked threat actors exploit Signal’s “linked devices” feature to hijack accounts, per Google Threat Intelligence Group. Google Threat Intelligence Group (GTIG) researchers warn of multiple Russia-linked threat actors targeting Signal Messenger accounts used by individuals of interest to Russian intelligence. The experts speculate that the tactics, techniques, and procedures used to target Signal will […]

Published: 2025-02-19T21:43:54



Security Affairs

Venture capital firm Insight Partners discloses security breach

Venture capital firm Insight Partners suffered a cyberattack involving unauthorized access to its information systems. A cyber attack hit venture capital firm Insight Partners; threat actors gained unauthorized access to its information systems. Venture Capital (VC) is a form of private equity financing provided by firms or funds to startup, early-stage, and emerging companies that […]

Published: 2025-02-19T14:45:27



Security Affairs

OpenSSH bugs allow Man-in-the-Middle and DoS Attacks

Two OpenSSH vulnerabilities could allow machine-in-the-middle (MitM) and denial-of-service (DoS) attacks under certain conditions. The Qualys Threat Research Unit (TRU) has discovered two vulnerabilities in OpenSSH. The first, tracked as CVE-2025-26465 (CVSS score: 6.8), can be exploited by an attacker to conduct an active machine-in-the-middle attack on the OpenSSH client when the VerifyHostKeyDNS option is enabled. The […]

Published: 2025-02-19T12:10:24



Security Affairs

U.S. CISA adds SonicWall SonicOS and Palo Alto PAN-OS flaws to its Known Exploited Vulnerabilities catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds SonicWall SonicOS and Palo Alto PAN-OS vulnerabilities to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added SonicWall SonicOS and Palo Alto PAN-OS vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog. The two vulnerabilities are: Researchers recently warned that threat actors exploit a […]

Published: 2025-02-19T06:24:17



Security Affairs

Juniper Networks fixed a critical flaw in Session Smart Routers

Juniper Networks has addressed a critical vulnerability, tracked as CVE-2025-21589, impacting the Session Smart Router. Juniper Networks addressed a critical authentication bypass vulnerability, tracked as CVE-2025-21589 (CVSS score of 9.8), affecting its Session Smart Router product. “An Authentication Bypass Using an Alternate Path or Channel vulnerability in Juniper Networks Session Smart Router may allow a network-based […]

Published: 2025-02-18T22:30:07



Security Affairs

China-linked APT group Winnti targets Japanese organizations since March 2024

China-linked threat actor Winnti targeted Japanese companies in the manufacturing, materials, and energy sectors in March 2024 as part of a campaign dubbed RevivalStone. Researchers from cybersecurity firm LAC uncovered a new cyberespionage campaign, tracked as RevivalStone, carried out by the China-linked APT group Winnti in March 2024. Threat actors targeted Japanese companies in the manufacturing, […]

Published: 2025-02-18T16:10:38

© Segmentation Fault. All rights reserved.