Cyber threats are evolving faster than ever. Attackers now combine social engineering, AI-driven manipulation, and cloud exploitation to breach targets once considered secure. From communication platforms to connected devices, every system that enhances convenience also expands the attack surface. This…
Category: EN
Hackers Access SonicWall Cloud Firewall Backups, Spark Urgent Security Checks
SonicWall on Wednesday disclosed that an unauthorized party accessed firewall configuration backup files for all customers who have used the cloud backup service. “The files contain encrypted credentials and configuration data; while encryption remains in place, possession of these files…
All SonicWall Cloud Backup Users Have Firewall Configuration Files Stolen
SonicWall said that a threat actor has accessed files containing encrypted credentials and configuration data for all customers who have used its cloud backup service This article has been indexed from www.infosecurity-magazine.com Read the original article: All SonicWall Cloud Backup…
ClayRat Spyware Campaign Targets Android Users in Russia
A new ClayRat spyware campaign has been observed targeting Russian users via fake apps on Telegram and exfiltrating data This article has been indexed from www.infosecurity-magazine.com Read the original article: ClayRat Spyware Campaign Targets Android Users in Russia
Researchers Warn of Security Gaps in AI Browsers
A new report from SquareX Labs highlights security weaknesses in AI browsers like Comet, revealing new cyber-risks This article has been indexed from www.infosecurity-magazine.com Read the original article: Researchers Warn of Security Gaps in AI Browsers
1Password says it has a solution for AI agents leaking your passwords
Agentic browsing is the next big thing in AI, at least when you ask the likes of Microsoft, Google, Opera, Perplexity and others. It is an integrated AI that performs tasks on […] Thank you for being a Ghacks reader.…
GitHub Copilot Chat Flaw Leaked Data From Private Repositories
Hidden comments allowed full control over Copilot responses and leaked sensitive information and source code. The post GitHub Copilot Chat Flaw Leaked Data From Private Repositories appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read the original…
Threat actors steal firewall configs, impacting all SonicWall Cloud Backup users
All SonicWall Cloud Backup users were impacted after hackers stole firewall configuration files from the MySonicWall service in early September. Threat actors stole firewall configuration backups from SonicWall’s cloud service, impacting all users of its MySonicWall cloud backup platform. In…
PoC Exploit Released For Nothing Phone Code Execution Vulnerability
A proof-of-concept (PoC) exploit has been released for a critical vulnerability in the secure boot chain of the Nothing Phone (2a) and CMF Phone 1, potentially affecting other devices using MediaTek systems-on-a-chip (SoCs). The exploit, named Fenrir and published by…
Shuyal Stealer Attacking 19 Browsers to Steal Login Credentials
Shuyal Stealer has rapidly ascended as one of the most versatile credential theft tools observed in recent months. First detected in early August 2025, its modular architecture allows it to target an expansive range of web browsers, including Chromium-based, Gecko-based,…
Velociraptor leveraged in ransomware attacks
Cisco Talos has confirmed that ransomware operators are leveraging Velociraptor, an open-source digital forensics and incident response (DFIR) tool that had not previously been definitively tied to ransomware incidents. We assess with moderate confidence that this activity can be attributed…
EU Launches ‘Apply AI’ Strategy To Improve Competitiveness
European Commission says plan will push AI adoption across critical sectors including healthcare, defence, manufacturing This article has been indexed from Silicon UK Read the original article: EU Launches ‘Apply AI’ Strategy To Improve Competitiveness
Fake Teams Installers Dropping Oyster Backdoor (aka Broomstick)
Hackers are using fake Microsoft Teams installers found in search results and ads to deploy the Oyster backdoor. Learn how to protect your PC from this remote-access threat. This article has been indexed from Hackread – Latest Cybersecurity, Hacking News,…
Hackers Targeting WordPress Plugin Vulnerability to Seize Admin Access
A critical authentication bypass in the Service Finder Bookings plugin has enabled unauthenticated attackers to assume administrator privileges on thousands of WordPress sites. Exploitation began within 24 hours of public disclosure, and over 13,800 exploit attempts have been blocked by…
Chinese Hackers Breached Law Firm Williams & Connolly via Zero-Day
The company said there is no evidence that confidential client data was stolen from its systems. The post Chinese Hackers Breached Law Firm Williams & Connolly via Zero-Day appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read…
Ready1 for Identity Crisis Management restores operations after identity breaches
Semperis released Ready1 for Identity Crisis Management, which combines its Active Directory Forest Recovery (ADFR), Disaster Recovery for Entra Tenant (DRET), and Identity Forensics and Incident Response (IFIR) services with its enterprise crisis management system, Ready1, to help organizations restore…
Ootbi Mini delivers zero trust, immutable data protection
Object First unveiled Ootbi Mini, a new compact immutable storage appliance designed for remote and branch offices, edge environments, and small businesses to ransomware-proof local Veeam backup data. Ootbi Mini is available in 8, 16, and 24 terabyte (TB) capacities…
From Phishing to Malware: AI Becomes Russia’s New Cyber Weapon in War on Ukraine
Russian hackers’ adoption of artificial intelligence (AI) in cyber attacks against Ukraine has reached a new level in the first half of 2025 (H1 2025), the country’s State Service for Special Communications and Information Protection (SSSCIP) said. “Hackers now employ…
OpenAI, Anthropic Weigh Using Investor Funds To Pay Settlements
OpenAI, Anthropic reportedly consider using investor funds for payouts after finding insurers reluctant to foot bill for emerging risks This article has been indexed from Silicon UK Read the original article: OpenAI, Anthropic Weigh Using Investor Funds To Pay Settlements
PoC Released for Linux Kernel ksmbd Filesystem Vulnerability
Security researcher Norbert Szetei published the final installment of his deep-dive into the ksmbd filesystem module, culminating in a working proof-of-concept exploit targeting CVE-2025-37947. Unlike earlier use-after-free candidates that required complex race conditions or depended on external factors, this vulnerability…