A newly uncovered malicious Python package on PyPi, named ‘disgrasya’, has raised serious concerns after it was discovered exploiting WooCommerce-powered e-commerce sites to validate stolen credit card information. Before its removal, the package had been downloaded more than 34,000…
Category: EN
Researchers Unearth a Massive Data Leak Within Apollo Hospitals
For security analysts Akshay and Viral, a casual check of a healthcare system’s security quickly turned into a huge finding. The duo discovered a major data leak at Apollo Hospitals, one of India’s leading hospital networks. The breach first…
Cybercriminal Group’s Website Taken Over by Unknown Hacker
A criminal group known for using ransomware was recently caught off guard when its own website was tampered with. The website, which the gang normally uses to publish stolen data from their victims, was replaced with a short message…
BSidesLV24 – Breaking Ground – 14 Years Later, Proving Ground Is Proving Out. A Panel Discussion With PG Alumni And Staff
Authors/Presenters: Grant Dobbe, Daemon Tamer, Phil Young Our sincere appreciation to BSidesLV, and the Presenters/Authors for publishing their erudite Security BSidesLV24 content. Originating from the conference’s events located at the Tuscany Suites & Casino; and via the organizations YouTube channel.…
Hackers Mimic Google Chrome Install Page on Google Play to Deploy Android Malware
Security researchers have uncovered a sophisticated malware campaign targeting Android users through fake Google Chrome installation pages. Cybercriminals have created deceptive websites hosted on newly registered domains that closely mimic the Google Chrome install page on the Google Play Store.…
Cybersecurity Weekly Recap: Key Updates on Attacks, Vulnerabilities, & Data Breaches
Welcome to this week’s Cybersecurity Newsletter, providing you with the latest updates and essential insights from the rapidly evolving field of cybersecurity. This edition highlights emerging threats and the shifting dynamics of digital defenses. Key topics include advanced ransomware attacks…
Threat Actors Manipulate Search Results to Direct Users to Malicious Websites
The digital landscape has become increasingly perilous as cybercriminals develop sophisticated methods to manipulate search engine results, directing unsuspecting users to malicious websites. This dangerous trend exploits our habitual trust in search engines, where users often click on top results…
Threat Research is Broken – Security Teams Need Automation Now
The battle didn’t begin today, and it’s not ending anytime soon, as cyber threats are changing at a rate never seen before. Today, attackers are getting more and more creative,… The post Threat Research is Broken – Security Teams Need…
RansomHub Ransomware Group Compromised 84 Organization, New Groups Emerging
In a significant development within the cybersecurity landscape, the RansomHub ransomware group has emerged as a major threat in March 2025, successfully compromising 84 organizations globally. This newly prominent threat actor has quickly established itself as one of the most…
HelloKitty Ransomware Resurafced Targeting Windows, Linux, & ESXi Environments
Cybersecurity experts have detected a concerning revival of the HelloKitty ransomware, with new variants actively targeting Windows, Linux, and ESXi environments simultaneously. First observed in October 2020, HelloKitty has evolved from its origins as a DeathRansom ransomware fork, expanding its…
Dangling DNS Attack Let Hackers Gain Control Over Organization’s Subdomain
Cybersecurity experts have identified a growing threat vector where attackers exploit improperly configured or abandoned DNS records to hijack organizational subdomains. These “Dangling DNS” attacks occur when DNS records, particularly canonical name (CNAME) records, point to resources that no longer…
The Invisible Fingerprint in Code
Digital Traces in Code Every program contains characteristic patterns of its developers, starting with the choice of variable names and preferred programming paradigms. Some developers rely on iterative solutions using… The post The Invisible Fingerprint in Code appeared first on…
Europcar GitLab Breach Exposes Sensitive User Data and Configuration Files
A cybersecurity breach allegedly targeting Europcar has brought attention to vulnerabilities in corporate development platforms. A threat actor operating under the alias “Europcar” recently claimed on an underground forum that they had gained unauthorized access to the car rental…
New Sec-Gemini v1 from Google Outperforms Cybersecurity Rivals
A cutting-edge artificial intelligence model developed by Google called Sec-Gemini v1, a version of Sec-Gemini that integrates advanced language processing, real-time threat intelligence, and enhanced cybersecurity operations, has just been released. With the help of Google’s proprietary Gemini large…
SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 41
Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape Lazarus Expands Malicious npm Campaign: 11 New Packages Add Malware Loaders and Bitbucket Payloads BadBazaar: iOS and Android Surveillanceware by China’s…
Critical Patient Data Exposed: 1.6 Million Affected in Widespread Healthcare Cyber Attack
In a chilling reminder of the growing cyber threats to the healthcare industry, Laboratory Services Cooperative (LSC), a U.S. lab testing provider, confirmed a major data breach that compromised the personal and medical data of 1.6 million individuals. The October…
Security Affairs newsletter Round 519 by Pierluigi Paganini – INTERNATIONAL EDITION
A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. Symbolic Link trick…
Radiant Security Unveils Its Groundbreaking Adaptive AI SOC Platform
In an era where cybersecurity teams face overwhelming alert volumes, staff shortages, and ever-evolving threats, Radiant Security has introduced a transformative solution: the Adaptive AI SOC platform. This innovation promises to revolutionize how security operations centers (SOCs) operate, offering not…
Threat Actors Actively Attacking Semiconductor Companies With 0-Day Exploits
In a concerning development for the global technology supply chain, sophisticated threat actors have launched a coordinated campaign exploiting previously unknown vulnerabilities in critical semiconductor manufacturing systems. These zero-day exploits are enabling attackers to penetrate the networks of leading chip…
Threat Actors Use Email Bombing Attacks to Bypass Security Tools & Hide Activity
Email bombing attacks have emerged as a sophisticated technique in cybercriminals’ arsenals, designed to overwhelm targets’ inboxes while concealing more malicious activities beneath the flood of messages. These attacks involve sending hundreds or thousands of emails to victims within a…