A recently discovered .NET-based multi-stage loader has caught the attention of cybersecurity researchers due to its complex architecture and ability to deploy a range of malicious payloads on Windows systems. Tracked since early 2022 by Threatray, this loader employs a…
Author: wordpress
Barclays Introduces New Step-by-Step Model to Tackle Modern Fraud
Banks and shops are facing more advanced types of fraud that mix online tricks with real-world scams. To fight back, experts from Barclays and a security company called Threat Fabric have created a detailed model to understand how these…
One Click Is All It Takes: New Mac Malware Steals Your Data
A growing number of Mac users are being tricked into downloading harmful software through fake verification messages. These scams look like normal human checks, such as Google’s “I’m not a robot” box, but are actually part of a malware…
Audio and Video Chat Recording Could Be Part of Nintendo Switch 2
Audio and Video Chat Recording Could Be Part of Nintendo Switch 2. In an official announcement from Nintendo, a new in-game communication system known as GameChat will be included in the Nintendo Switch 2 console, which is due…
iHeartMedia Cyberattack Exposes Sensitive Data Across Multiple Radio Stations
iHeartMedia, the largest audio media company in the United States, has confirmed a significant data breach following a cyberattack on several of its local radio stations. In official breach notifications sent to affected individuals and state attorney general offices…
Coinbase Agents Bribed, Data of ~1% Users Leaked; $20M Extortion Attempt Fails
Cryptocurrency exchange Coinbase has disclosed that unknown cyber actors broke into its systems and stole account data for a small subset of its customers. “Criminals targeted our customer support agents overseas,” the company said in a statement. “They used cash…
PowerShell-Based Loader Deploys Remcos RAT in New Fileless Attack
A stealthy fileless PowerShell attack using Remcos RAT bypassed antivirus by operating in memory This article has been indexed from www.infosecurity-magazine.com Read the original article: PowerShell-Based Loader Deploys Remcos RAT in New Fileless Attack
Wordfence Intelligence Weekly WordPress Vulnerability Report (May 5, 2025 to May 11, 2025)
📢 In case you missed it, Wordfence just published its annual WordPress security report for 2024. Read it now to learn more about the evolving risk landscape of WordPress so you can keep your sites protected in 2025 and beyond. …
Customer Data Compromised in Dior Cyber Attack
Luxury fashion house Dior experienced a significant security incident when unauthorized external actors breached their customer database. According to the official notification, Dior immediately implemented containment protocols and engaged cybersecurity experts to investigate the intrusion. The breach exposed various categories…
Nucor Steel Manufacturer Halts Production After Cyberattack
Nucor Corporation, one of North America’s largest steel producers, has temporarily halted production at multiple facilities following a cybersecurity breach that compromised critical operational systems. The incident, disclosed in a May 15, 2025, SEC filing, marks one of the most…
Coinbase suffers data breach, gets extorted (but won’t pay)
Cryptocurrency exchange platform Coinbase has suffered a breach, which resulted in attackers acquiring customers’ data that can help them mount social engineering attacks, the company confirmed today by filing a report with the US Securities and Exchange Commission (SEC). The…
SAP NetWeaver Flaw Exploited by Ransomware Groups and Chinese-Backed Hackers
The critical vulnerability is being exploited by BianLian, RansomwEXX and a Chinese nation-state actor known as Chaya_004 This article has been indexed from www.infosecurity-magazine.com Read the original article: SAP NetWeaver Flaw Exploited by Ransomware Groups and Chinese-Backed Hackers
Node.js Vulnerability Enables Attackers to Crash Processes and Disrupt Services
Node.js project has released a critical security update addressing several vulnerabilities that could allow attackers to crash server processes and disrupt critical services. The security fixes, announced on May 14, 2025 by Node.js maintainer RafaelGSS, affect multiple release lines (LTS…
Xanthorox Emerging BlackHat AI Tool Empowering Hackers in Phishing and Malware Campaigns
Artificial intelligence platform named Xanthorox has emerged as a potent new tool for cybercriminals, enabling the automated generation of phishing campaigns, malware, and hyperrealistic deepfakes. Unlike traditional dark-web tools restricted to hidden forums, Xanthorox’s developer openly advertises its capabilities on…
Enisa Launched New European Vulnerability Database to Strengthen Cybersecurity
European Union Agency for Cybersecurity (ENISA) has officially launched the European Vulnerability Database (EUVD), a groundbreaking platform designed to enhance digital security across the EU. Developed in accordance with the NIS2 Directive, the database is now operational and accessible to…
Snowflake CISO on the power of ‘shared destiny’ and ‘yes and’
Lessons learned from last year’s security snafu interview Being the chief information security officer at Snowflake is never an easy job, but last spring it was especially challenging.… This article has been indexed from The Register – Security Read the…
GitLab 18 increases developer productivity by integrating AI throughout the platform
GitLab launched GitLab 18, including AI capabilities natively integrated into the platform and major new innovations across core DevOps, and security and compliance workflows that are available now, with further enhancements planned throughout the year. Additionally, GitLab Premium customers can…
Dior Confirms Data Breach Affecting Customer Information
Dior confirmed a data breach compromising customer personal information, discovered on May 7 This article has been indexed from www.infosecurity-magazine.com Read the original article: Dior Confirms Data Breach Affecting Customer Information
IT Security News Hourly Summary 2025-05-15 15h : 12 posts
12 posts were published in the last hour 12:32 : Securing the Code: Building a Culture of Credential Protection in Dev Teams 12:32 : Interlock Ransomware Targeting Defense Contractors and Supply Chain Networks 12:32 : Chihuahua Stealer Exploits Google Drive…
Monitoringtool Dell PowerScale InsightIQ über zwei Wege angreifbar
Zwei Sicherheitslücken gefärhden Dell PowerScale InsightIQ. Aktuelle Versionen sind abgesichert. Dieser Artikel wurde indexiert von heise security News Lesen Sie den originalen Artikel: Monitoringtool Dell PowerScale InsightIQ über zwei Wege angreifbar