A recent Android update has marked a paradigm shifting change in how text messages are handled on employer-controlled devices. This means Google has introduced a feature called Android RCS Archival, which lets organisations capture and store all RCS, SMS,…
NATO Concludes Cyber Coalition Exercise in Estonia, Preparing for Future Digital Threats
NATO has wrapped up its annual Cyber Coalition exercise in Estonia after a week of intensive drills focused on protecting networks and critical infrastructure from advanced cyberattacks. More than 1,300 cyber defenders joined the 2025 exercise. Participants represented 29…
AI-Assisted Cyberattacks Signal a Shift in Modern Threat Strategies and Defense Models
A new wave of cyberattacks is using large language models as an offensive tool, according to recent reporting from Anthropic and Oligo Security. Both groups said hackers used jailbroken LLMs-some capable of writing code and conducting autonomous reasoning-to conduct…
Porsche outage in Russia serves as a reminder of the risks in connected vehicle security
Hundreds of Porsche cars in Russia became undrivable due to a malfunction in their factory-installed satellite security system, owners say. Hundreds of Porsche cars in Russia became undrivable after their factory-installed satellite security system malfunctioned, owners and dealers report. Drivers…
Cybersecurity News Weekly Newsletter – 29.7 Tbps DDoS Attack, Chrome 143, React2Shell Vulnerabilities, and Cloudflare Outage
This week’s cybersecurity landscape featured a record-breaking 29.7 Tbps DDoS attack on a financial institution, leveraging IoT botnets and UDP floods that overwhelmed European networks until mitigated via BGP blackholing by Cloudflare and Akamai, highlighting the need for 5G device…
Beer Firm Asahi Not Entertaining Threat Actors After Cyberattack
Asahi denies ransom payment Japanese beer giant Asahi said that it didn’t receive any particular ransom demand from threat actors responsible for an advanced and sophisticated cyberattack that could have exposed the data of more than two million people. About…
IT Security News Hourly Summary 2025-12-07 15h : 1 posts
1 posts were published in the last hour 13:32 : Android Users Face New WhatsApp Malware Threat
Android Users Face New WhatsApp Malware Threat
Cybersecurity researchers at security firm Cleafy have issued a warning regarding a high risk malware campaign aimed at Android users via WhatsApp messages that could jeopardize users’ cryptocurrency wallets and bank information. The researchers tracked the threat as Albiriox, a new…
IT Security News Hourly Summary 2025-12-07 12h : 1 posts
1 posts were published in the last hour 11:2 : Growing Concerns Over Wi-Fi Router Surveillance and How to Respond
Growing Concerns Over Wi-Fi Router Surveillance and How to Respond
A new report from security researchers warns that a humble Wi-Fi router has quietly become one of the most vulnerable gateways into home and work in an era where digital dependency is becoming more prevalent each day. Despite being…
LockBit 5.0 Infrastructure Exposed in New Server, IP, and Domain Leak
LockBit 5.0 key infrastructure exposed, revealing the IP address 205.185.116.233, and the domain karma0.xyz is hosting the ransomware group’s latest leak site. According to researcher Rakesh Krishnan, hosted under AS53667 (PONYNET, operated by FranTech Solutions), a network frequently abused for…
Week in review: React, Node.js flaw patched, ransomware intrusion exposes espionage foothold
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Creative cybersecurity strategies for resource-constrained institutions In this Help Net Security interview, Dennis Pickett, CISO at RTI International, talks about how research institutions can approach…
Hackers Launch Widespread Attacks on Palo Alto GlobalProtect Portals from 7,000+ IPs
In an escalating campaign targeting remote access infrastructure, threat actors have initiated active exploitation attempts against Palo Alto Networks’ GlobalProtect VPN portals. GrayNoise tracking activity report scans and exploitation efforts originating from more than 7,000 unique IP addresses worldwide, raising…
IT Security News Hourly Summary 2025-12-07 06h : 2 posts
2 posts were published in the last hour 5:2 : How Security Teams Can Turn AI Into a Practical Advantage 5:2 : Critical Vulnerabilities Found in React Server Components and Next.js
How Security Teams Can Turn AI Into a Practical Advantage
Artificial intelligence is now built into many cybersecurity tools, yet its presence is often hidden. Systems that sort alerts, scan emails, highlight unusual activity, or prioritise vulnerabilities rely on machine learning beneath the surface. These features make work faster,…
Critical Vulnerabilities Found in React Server Components and Next.js
Open in the wild flaw The US Cybersecurity and Infrastructure Security Agency (CISA) added a critical security flaw affecting React Server Components (RSC) to its Known Exploited Vulnerabilities (KEV) catalog after exploitation in the wild. The flaw CVE-2025-55182 (CVSS score:…
Living off the Hypervisor – LOLPROX
Living off the land in Proxmox for red teams. Covers guest agent abuse, vsock tunnelling, disk access, and hypervisor persistence. LOLPROX This article has been indexed from ZephrSec – Adventures In Information Security Read the original article: Living off the…
LOLPROX – Through a Defender’s Eyes
Defending against LOLPROX, detect hypervisor compromise in Proxmox environments. This article has been indexed from ZephrSec – Adventures In Information Security Read the original article: LOLPROX – Through a Defender’s Eyes
Living off the Hypervisor – Proxmox
Living off the land in Proxmox for red teams. Covers guest agent abuse, vsock tunnelling, disk access, and hypervisor persistence. LOLPROX This article has been indexed from ZephrSec – Adventures In Information Security Read the original article: Living off the…
IT Security News Hourly Summary 2025-12-07 00h : 1 posts
1 posts were published in the last hour 22:55 : IT Security News Daily Summary 2025-12-06
IT Security News Daily Summary 2025-12-06
36 posts were published in the last hour 20:32 : Barts Health NHS Reveals Data Breach Linked to Oracle Zero-Day Exploited by Clop Ransomware 20:31 : Malicious Go Packages Impersonate Google’s UUID Library to Steal Sensitive Data 18:2 : New…
Barts Health NHS Reveals Data Breach Linked to Oracle Zero-Day Exploited by Clop Ransomware
Barts Health NHS Trust has disclosed a significant data breach affecting patient and staff information after the Cl0p ransomware gang exploited a critical vulnerability in Oracle E-Business Suite software. The criminal syndicate stole files from an invoice database. It published…
Malicious Go Packages Impersonate Google’s UUID Library to Steal Sensitive Data
A hidden danger has been lurking in the Go programming ecosystem for over four years. Security researchers from the Socket Threat Research Team have discovered two malicious software packages that impersonate popular Google tools. These fake packages, designed to trick…
New FvncBot Android Banking Attacking Users to Log Keystrokes and Inject Malicious Payloads
A dangerous new Android banking malware named FvncBot was first observed on November 25, 2025. This malicious tool is designed to steal sensitive financial information by logging keystrokes, recording screens, and injecting fake login pages into banking apps. The malware initially spreads…