A Pune-based automobile parts manufacturer fell victim to a sophisticated man-in-the-middle (MITM) cyber attack, resulting in a loss of ₹2.35 crore. The 52-year-old director of the company filed an FIR with the cybercrime police station after discovering that fraudsters impersonating…
Author: IT Security News Bot
Retired US Air Force Employee Pleads Guilty for Sharing Military Secrets on a Dating App
A former U.S. Air Force employee has pleaded guilty to charges of sharing classified military information about Russia’s war in Ukraine through a dating application, according to federal court documents. David Franklin Slater, who worked as a civilian employee at…
RenderShock 0-Click Vulnerability Executes Payloads via Background Process Without User Interaction
A sophisticated zero-click attack methodology called RenderShock that exploits passive file preview and indexing behaviors in modern operating systems to execute malicious payloads without requiring any user interaction. Unlike traditional phishing campaigns that rely on users clicking malicious links or…
KongTuke Attacking Windows Users With New Interlock RAT Variant Using FileFix Technique
A sophisticated malware campaign leveraging the KongTuke threat cluster has emerged, targeting Windows users through a novel FileFix technique that deploys an advanced PHP-based variant of the Interlock remote access trojan (RAT). This represents a significant evolution from previous JavaScript-based…
New Forensic Technique Uncovers Hidden Trails Left by Hackers Exploiting Remote Desktop Protocol
Cybersecurity researchers have developed innovative forensic methods to track sophisticated attackers who exploit Remote Desktop Protocol (RDP) for lateral movement within enterprise networks. This breakthrough technique transforms what attackers believe to be stealthy operations into detailed digital footprints, providing incident…
Google Gemini Tricked Into Showing Phishing Message Hidden in Email
Google Gemini for Workspace can be tricked into displaying a phishing message when asked to summarize an email. The post Google Gemini Tricked Into Showing Phishing Message Hidden in Email appeared first on SecurityWeek. This article has been indexed from…
Google Gemini Bug Exploits Summaries for Phishing Scams
False AI summaries leading to phishing attacks Google Gemini for Workspace can be exploited to generate email summaries that appear legitimate but include malicious instructions or warnings that direct users to phishing sites without using attachments or direct links. Google…
⚡ Weekly Recap: Scattered Spider Arrests, Car Exploits, macOS Malware, Fortinet RCE and More
In cybersecurity, precision matters—and there’s little room for error. A small mistake, missed setting, or quiet misconfiguration can quickly lead to much bigger problems. The signs we’re seeing this week highlight deeper issues behind what might look like routine incidents:…
Umspannwerke: LiDAR-Überwachung für kritische Infrastrukturen
EG.D testet gemeinsam mit Hexagon eine LiDAR-basierte 3D-Überwachung für Umspannwerke. Ziel ist mehr Sicherheit für kritische Infrastrukturen in der EU. Dieser Artikel wurde indexiert von Newsfeed Lesen Sie den originalen Artikel: Umspannwerke: LiDAR-Überwachung für kritische Infrastrukturen
Gigabyte UEFI Firmware Vulnerability Allows Code Execution in SMM Privileged Mode
Critical security vulnerabilities in Gigabyte motherboard firmware have been disclosed that allow attackers to execute arbitrary code in System Management Mode (SMM), the most privileged execution level on x86 processors. The flaws, identified by security researchers at Binarly REsearch, affect…
AI-Powered Ransomware and Malware Detection in Cloud Environments
Cloud platforms have become prime targets for ransomware and malware attacks, which can paralyze businesses by encrypting data or exfiltrating sensitive information. Traditional security tools such as signature-based antivirus and rule-based systems often struggle to detect advanced threats that mutate…
AI Shield: How Artificial Intelligence Protects Your Digital Life
Artificial intelligence, the unsung hero of modern cyber security, works tirelessly to protect our digital world. While AI’s creative capabilities are well-known, its most critical role is safeguarding data, privacy, and infrastructure from sophisticated cyber threats. As Albert Einstein wisely…
Cyber Security Starts with People: Smarter Training, Stronger Defense
Cyber threats are advancing rapidly, with over 75% of attacks starting via email. Traditional defenses alone are no longer sufficient, which is why SmartAwareness by Check Point, part of Infinity Global Services (IGS), offers a modern, AI-powered approach to security…
Elmo’s X account hacked to publish racist and antisemetic posts
A hacker compromised Elmo’s X account on Sunday and published abusive posts. This article has been indexed from Security News | TechCrunch Read the original article: Elmo’s X account hacked to publish racist and antisemetic posts
Global Louis Vuitton data breach impacts UK, South Korea, and Turkey
Louis Vuitton data breach affects customers in the UK, South Korea, Turkey, and possibly more countries, with notifications underway. Customers of French luxury retailer Louis Vuitton are being notified of a data breach affecting multiple countries, including the UK, South…
Telefónica Investigates Claims of Major Data Breach by Cybercriminal
An investigation has been conducted into a significant cybersecurity incident that occurred in 2025 at Telefónica, a global telecommunications company serving millions across Europe and Latin America. In addition to allegedly obtaining a considerable cache of confidential corporate data…
Stellar Cyber 6.0.0 enhances automation, workflow intelligence, and user experience
Stellar Cyber released version 6.0.0 of its award-winning open and unified SecOps Platform, introducing new AI-driven capabilities and workflow enhancements designed to propel organizations further along their journey to a human-augmented autonomous SOC. The 6.0.0 release builds on Stellar Cyber’s…
Blumira simplifies compliance reporting for IT teams and MSPs
Blumira launched new features and capabilities designed to help IT teams and managed service providers (MSPs) work smarter, reduce alert fatigue and simplify compliance reporting. With these updates, Blumira continues its mission to deliver security that adapts to the realities…
Exploits for unauthenticated FortiWeb RCE are public, so patch quickly! (CVE-2025-25257)
With two proof-of-concept (PoC) exploits made public late last week, CVE-2025-25257 – a critical SQL command injection vulnerability in Fortinet’s FortiWeb web application firewall – is expected to be leveraged by attackers soon. About CVE-2025-25257 CVE-2025-25257 is found in FortiWeb’s…
NCSC Urges Enterprises to Upgrade to Microsoft Windows 11 to Avoid Cyber Threats
The NCSC has warned that there are still a significant number of organizations using Windows 10, which will soon be unsupported with security updates This article has been indexed from www.infosecurity-magazine.com Read the original article: NCSC Urges Enterprises to Upgrade…