The original leak site that never sold out, never surrendered Obituary John Young, the co-founder of the legendary internet archive Cryptome, died at the age of 89 on March 28. The Register talked to friends and peers who gave tribute…
Category: EN
The US Is Building a One-Stop Shop for Buying Your Data
Plus: A mysterious hacking group’s secret client is exposed, Signal takes a swipe at Microsoft Recall, Russian hackers target security cameras to spy on aid to Ukraine, and more. This article has been indexed from Security Latest Read the original…
Leader of Qakbot cybercrime network indicted in U.S. crackdown
The U.S. indicted Russian Rustam Gallyamov for leading the Qakbot botnet, which infected 700K+ devices and was used in ransomware attacks. The U.S. authorities have indicted Russian national Rustam Gallyamov, the leader of the Qakbot operation, which infected over 700,000…
GitLab Duo Vulnerability Let Attack Inject Malicious link & Steal Source Code
A critical remote prompt injection vulnerability was uncovered in GitLab Duo, the AI-powered coding assistant integrated into GitLab’s DevSecOps platform. The vulnerability, disclosed in February 2025, allowed attackers to manipulate the AI assistant into leaking private source code and injecting…
184 Million Users’ Passwords Exposed From an Open Directory Controlled by Hackers
A massive cybersecurity breach has exposed 184 million login credentials in an unprotected database, marking one of the largest credential exposures discovered in recent years. Cybersecurity researcher Jeremiah Fowler uncovered the non-encrypted database containing 184,162,718 unique usernames and passwords totaling…
.Net Based Chihuahua Infostealer Exploit Google Drive Steals Browser Credentials and Crypto Wallets
A new .NET-based malware, dubbed Chihuahua Infostealer, has emerged as a significant threat to cybersecurity, targeting sensitive browser credentials and cryptocurrency wallet data. Discovered in April 2025, this multi-stage malware employs obfuscated PowerShell scripts and trusted cloud platforms like Google…
From English Literature to Cybersecurity: A Journey Through Blockchain and Security
LINKS: https://distrust.co/ – Software page with OSS software Linux distro: https://codeberg.org/stagex/stagex Milksad vulnerability: https://milksad.info/ In this episode of Cybersecurity Today on the Weekend, host Jim Love engages in a captivating discussion with Anton Levi from Distrust. Anton shares his unique…
Ransomware May Soon Target the Brain of Your Computer — Here’s What You Need to Know
Cyberattacks are evolving fast, and one of the biggest threats on the horizon is ransomware that doesn’t just take over your files but could directly attack your computer’s processor. Usually, ransomware blocks access to your files or system until…
Russian Cybercriminal Charged in $24 Million Qakbot Ransomware Scheme
The U.S. Department of Justice unsealed federal charges Thursday against Russian national Rustam Rafailevich Gallyamov, 48, for allegedly orchestrating one of the world’s most sophisticated malware operations that infected over 700,000 computers globally and facilitated devastating ransomware attacks. The Moscow-based…
Cyber Heads Up: “BadSuccessor”—A Critical Active Directory Privilege Escalation Vulnerability in Windows Server 2025
Overview: Akamai researchers have identified a significant privilege escalation vulnerability in Windows Server 2025, termed “BadSuccessor.” This flaw exploits the newly introduced delegated Managed Service Accounts (dMSAs) feature, allowing attackers to impersonate any Active Directory (AD) user, including domain administrators,…
Naukri exposed recruiter email addresses, researcher says
The recruiter website fixed the email address exposure earlier this week. This article has been indexed from Security News | TechCrunch Read the original article: Naukri exposed recruiter email addresses, researcher says
Offensive Threat Intelligence
CTI isn’t just for blue teams. Used properly, it sharpens red team tradecraft, aligns ops to real-world threats, and exposes blind spots defenders often miss. It’s not about knowing threats, it’s about becoming them long enough to help others beat…
184 Million Records Database Leak: Microsoft, Apple, Google, Facebook, PayPal Logins Found
The database’s exposure duration is unknown. Signs of infostealer malware were found, but no confirmed breach or misuse of user data, says cybersecurity researcher. This article has been indexed from Security | TechRepublic Read the original article: 184 Million Records…
GenAI Assistant DIANNA Uncovering New Obfuscated Malware
The cybersecurity landscape witnessed a significant milestone this February with the emergence of BypassERWDirectSyscallShellcodeLoader, a sophisticated malware specimen that represents the first documented case of large language model-generated malicious code being analyzed by an artificial intelligence security assistant. This groundbreaking…
Threat Actor Selling Burger King Backup System RCE Vulnerability for $4,000
A cybersecurity threat has emerged targeting one of the world’s largest fast-food chains, as a threat actor known as #LongNight has put up for sale remote code execution (RCE) access to Burger King Spain’s backup infrastructure for $4,000. The vulnerability…
Bypassing Zero-Trust Policies to Exploit Vulnerabilities & Manipulate NHI Secrets
A comprehensive security research demonstration has revealed how attackers can systematically undermine modern zero-trust security frameworks by exploiting a critical DNS vulnerability to disrupt automated secret rotation mechanisms. The research showcases a sophisticated attack chain that begins with crashing DNS…
Feel Protected: Advances in NHI Security Techniques
How Relevant is NHI Security in Today’s Cloud-Dependent Society? It is becoming increasingly clear that the safe management of Non-Human Identities (NHIs) and their secrets is critical. A comprehensive approach to securing these machine identities is no longer optional but…
Ensuring Stability with Robust NHI Strategies
Are Your Non-human Identities and Secrets Secure? The security of Non-Human Identities (NHIs) and their secretive credentials has proven to be an essential dimension of data management. NHIs, as machine identities, play a crucial role in businesses, especially those operating.…
Week in Review: Disabling Microsoft Defender, corrupted power inverters, bipartisan training bill
Link to episode page This week’s Cyber Security Headlines – Week in Review is hosted by Rich Stroffolino with guest George Finney, CISO, The University of Texas System – check out George’s new book plus all his other achievements at…
Hackers Attacking macOS Users With Fake Ledger Apps to Deploy Malware
Cybercriminals are increasingly targeting cryptocurrency users through sophisticated malware campaigns that exploit the trust placed in cold wallet management applications. Since August 2024, threat actors have been distributing malicious clones of Ledger Live, the widely-used application for managing cryptocurrency through…