After seven years of acting like normal add-ons, five popular Chrome and Edge extensions with millions of installs suddenly turned malicious. This article has been indexed from Malwarebytes Read the original article: “Sleeper” browser extensions woke up as spyware on…
Stealth RCE in Codex Exposes Developer Workflows
A Codex CLI flaw lets attackers turn simple repo files into hidden execution triggers. The post Stealth RCE in Codex Exposes Developer Workflows appeared first on eSecurity Planet. This article has been indexed from eSecurity Planet Read the original article:…
University of Pennsylvania joins list of victims from Clop’s Oracle EBS raid
Ivy League school warns more than 1,400 people after attackers siphon data via zero-day. The University of Pennsylvania has become the latest victim of Clop’s smash-and-grab spree against Oracle’s E-Business Suite (EBS) customers, with the Ivy League school now warning…
How Financial Institutions Can Future-Proof Their Security Against a New Breed of Cyber Attackers
As we look at the remainder of 2025 and beyond, the pace and sophistication of cyber attacks targeting the financial sector show no signs of slowing. In fact, based on research from Check Point’s Q2 Ransomware Report, the financial cybersecurity…
Closing the Document Security Gap: Why Document Workflows Must Be Part of Cybersecurity
Organizations are spending more than ever on cybersecurity, layering defenses around networks, endpoints, and applications. Yet a company’s documents, one of the most fundamental business assets, remain an overlooked weak spot. Documents flow across every department, cross company boundaries, and…
ServiceNow to Acquire Identity Security Firm Veza
ServiceNow Inc. announced on Tuesday plans to acquire Veza in a move aimed at fortifying security for identity and access management. The acquisition will integrate Veza’s technology into ServiceNow’s Security and Risk portfolios, helping organizations monitor and control access to…
Security’s Next Control Plane: The Rise of Pipeline-First Architecture
For years, security operations have relied on monolithic architectures built around centralized collectors, rigid forwarding chains, and a single “system of record” where all data must land before action can be taken. On paper, that design promised simplicity and control.…
OAuth Isn’t Enough For Agents
OAuth is a broadly accepted standard. It’s used all over the internet. But as the usage of LLM agents continues to expand, OAuth isn’t going to be enough. In fact, relying on OAuth will be dangerous. We won’t be able…
Attackers Actively Exploiting Critical Vulnerability in King Addons for Elementor Plugin
On July 24th, 2025, we received a submission for a Privilege Escalation vulnerability in King Addons for Elementor, a WordPress plugin with more than 10,000 active installations. This vulnerability makes it possible for an unauthenticated attacker to grant themselves administrative…
Iskra iHUB and iHUB Lite
1. EXECUTIVE SUMMARY: CVSS v4 9.3. ATTENTION: Exploitable remotely/low attack complexity. Vendor: Iskra. Equipment: iHUB and iHUB Lite. Vulnerability: Missing Authentication for Critical Function. 2. RISK EVALUATION: Successful exploitation of this vulnerability could allow a remote attacker to…
Industrial Video & Control Longwatch
1. EXECUTIVE SUMMARY: CVSS v4 9.3. ATTENTION: Exploitable remotely/low attack complexity. Vendor: Industrial Video & Control. Equipment: Longwatch. Vulnerability: IMPROPER CONTROL OF GENERATION OF CODE (‘CODE INJECTION’). 2. RISK EVALUATION: Successful exploitation of this vulnerability could allow an…
CISA Releases Five Industrial Control Systems Advisories
CISA released five Industrial Control Systems (ICS) Advisories. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-25-336-01: Industrial Video & Control Longwatch; ICSA-25-336-02: Iskra iHUB and iHUB Lite; ICSMA-25-336-01: Mirion Medical EC2 Software NMIS…
Mirion Medical EC2 Software NMIS BioDose
1. EXECUTIVE SUMMARY: CVSS v4 8.7. ATTENTION: Exploitable remotely/low attack complexity. Vendor: Mirion Medical. Equipment: EC2 Software NMIS BioDose. Vulnerabilities: Incorrect Permission Assignment for Critical Resource, Use of Client-Side Authentication, Use of Hard-coded Credentials. 2. RISK EVALUATION: Successful…
PostHog Details “Most Impactful” Security Breach as Shai-Hulud 2.0 npm Worm Spreads Through JavaScript SDKs
PostHog has described the Shai-Hulud 2.0 npm worm incident as “the largest and most impactful security incident” the company has ever faced, after attackers managed to push tainted versions of its JavaScript SDKs and attempted to automatically harvest developer…
Hackers Use Look-Alike Domain Trick to Imitate Microsoft and Capture User Credentials
A new phishing operation is misleading users through an extremely subtle visual technique that alters the appearance of Microsoft’s domain name. Attackers have registered the look-alike address “rnicrosoft(.)com,” which replaces the single letter m with the characters r and…
IT Security News Hourly Summary 2025-12-02 18h : 9 posts
9 posts were published in the last hour 17:2 : NK Hackers Push 200 Malicious npm Packages with OtterCookie Malware 17:2 : 4.3M Users Exposed in ShadyPanda’s Long-Running Browser Hack 17:2 : Zafran Security Raises $60 Million in Series C…
NK Hackers Push 200 Malicious npm Packages with OtterCookie Malware
North Korean hackers escalated the “Contagious Interview” attack, flooding the npm registry with over 200 malicious packages to install OtterCookie malware. This attack targets blockchain and Web3 developers through fake job interviews and coding tests. This article has been indexed…
4.3M Users Exposed in ShadyPanda’s Long-Running Browser Hack
ShadyPanda spent years hiding inside Google-verified extensions before unleashing an RCE backdoor that compromised 4.3 million users. The post 4.3M Users Exposed in ShadyPanda’s Long-Running Browser Hack appeared first on eSecurity Planet. This article has been indexed from eSecurity Planet…
Zafran Security Raises $60 Million in Series C Funding
The cybersecurity startup will use the investment to accelerate product innovation and global expansion. The post Zafran Security Raises $60 Million in Series C Funding appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read the original article:…
Fortinet FortiWeb flaws found in unsupported versions of web application firewall
Security researchers raise new concerns after the company previously failed to issue prompt security guidance. This article has been indexed from Cybersecurity Dive – Latest News Read the original article: Fortinet FortiWeb flaws found in unsupported versions of web application…
Air fryer app caught asking for voice data (re-air) (Lock and Code S06E24)
This week on the Lock and Code podcast, we revisit three stories about smart devices that want to collect more data than people may know. This article has been indexed from Malwarebytes Read the original article: Air fryer app caught…
A data breach at analytics giant Mixpanel leaves a lot of open questions
We sent over a dozen questions to Mixpanel’s CEO about the company’s data breach. Here’s what we want to know. This article has been indexed from Security News | TechCrunch Read the original article: A data breach at analytics giant…
Fortinet at AWS re:Invent 2025: Expanding What’s Possible in Cloud Security
At AWS re:Invent, Fortinet is proud to support several key AWS launches that make securing the cloud simpler, smarter, and more integrated than ever. This article has been indexed from Industry Trends & Insights Read the original article: Fortinet…
Europol nukes Cryptomixer laundering hub, seizing €25M in Bitcoin
Operation Olympia pulls Swiss servers offline and scoops up 12TB of data in latest crime infrastructure crackdown. Law enforcement agencies in Germany and Switzerland have shut down cryptocurrency laundering platform Cryptomixer in Europe’s latest pushback against cybercrime infrastructure.… This article…