Reuters is reporting that the White House has banned WhatsApp on all employee devices: The notice said the “Office of Cybersecurity has deemed WhatsApp a high risk to users due to the lack of transparency in how it protects user…
Category: EN
ClickFix Attacks Surge 517% in 2025
The ClickFix social engineering technique has become the second most common attack vector, behind only phishing, according to ESET research This article has been indexed from www.infosecurity-magazine.com Read the original article: ClickFix Attacks Surge 517% in 2025
US University Targeted by Androxgh0st Botnet Operators for C2 Logger Hosting
CloudSEK’s TRIAD team has made the shocking discovery that the Androxgh0st botnet is a persistent and dynamic cyberthreat. It has targeted a subdomain of the University of California, San Diego, specifically the “USArhythms” portal associated with the USA Basketball Men’s…
Chinese Hackers Deploying Pubload Malware by Weaponizing Tibetan Community Lures & Filenames
A sophisticated cyberattack campaign targeting the Tibetan community has emerged, with China-aligned threat actors deploying advanced malware through carefully crafted social engineering tactics. The campaign exploits culturally significant events and documents to lure victims into downloading malicious software, representing a…
Surge in Attacks Targeting MOVEit Transfer Systems – 100+ Unique IPs Used by Attackers
Researchers observed a significant increase in malicious scanning activity targeting MOVEit Transfer systems observed with over 682 unique IP addresses participating in coordinated reconnaissance and exploitation attempts over the past 90 days. The surge represents a significant shift from baseline…
CISA Warns of Vulnerabilities in ControlID iDSecure Software Allowing Authentication Bypass
CISA has issued a high-priority security advisory warning organizations about critical vulnerabilities in ControlID’s iDSecure On-premises vehicle control software. Released on June 24, 2025, the advisory highlights three severe security flaws that could allow attackers to bypass authentication mechanisms and…
IBM i Vulnerability Allows Let Attackers Escalate Privileges
A critical security vulnerability affecting multiple versions of IBM i that could allow attackers to escalate privileges through an unqualified library call in IBM Facsimile Support for i. The vulnerability, tracked as CVE-2025-36004, carries a high CVSS base score of…
Researchers Manipulated Windows Registry Using a C++ Program
Researchers demonstrated sophisticated Windows Registry manipulation techniques using a C++ program designed for red team operations. The research highlights critical vulnerabilities in how Windows systems handle registry modifications and presents both offensive capabilities and defensive strategies for cybersecurity professionals. Windows…
CISA Warns AMI BMC Vulnerability Exploited in the Wild
CISA is urging federal agencies to patch a recent AMI BMC vulnerability and a half-a-decade-old bug in FortiOS by July 17. The post CISA Warns AMI BMC Vulnerability Exploited in the Wild appeared first on SecurityWeek. This article has been…
Decrement by one to rule them all: AsIO3.sys driver exploitation
Cisco Talos uncovered and analyzed two critical vulnerabilities in ASUS’ AsIO3.sys driver, highlighting serious security risks and the importance of robust driver design. This article has been indexed from Cisco Talos Blog Read the original article: Decrement by one to…
Pornhub, Others To Introduce Age Checks By 25 July
Ofcom confirms that Pornhub and other adult websites will soon introduce age verification checks due to the UK’s Online Safety Act This article has been indexed from Silicon UK Read the original article: Pornhub, Others To Introduce Age Checks By…
Cybercriminals Use TeamFiltration Pentesting Framework to Breach Microsoft Teams, OneDrive, Outlook, and More
Proofpoint threat researchers have exposed an active account takeover (ATO) campaign, dubbed UNK_SneakyStrike, exploiting the TeamFiltration pentesting framework to target Microsoft Entra ID user accounts. Since December 2024, this malicious operation has impacted over 80,000 user accounts across hundreds of…
You should probably delete any sensitive screenshots you have in your phone right now. Here’s why
A new Trojan malware is targeting sensitive information, including crypto wallet seed phrases. This article has been indexed from Latest stories for ZDNET in Security Read the original article: You should probably delete any sensitive screenshots you have in your…
Outdated Routers: The Hidden Threat to Network Security, FBI Warns
When was the last time you updated your router? If you’re not sure, you’re not alone, and this uncertainty could pose a serious risk to your business. The FBI recently warned that malicious actors are targeting end-of-life (EOL) routers (network…
French Authorities Arrest Four with Suspected Ties to Notorious BreachForums
The hackers are also suspected of being behind several cyber-attacks, including against the French Football Federation This article has been indexed from www.infosecurity-magazine.com Read the original article: French Authorities Arrest Four with Suspected Ties to Notorious BreachForums
BreachForums: ShinyHunters Members Arrested, IntelBroker Identified as Kai West
Four alleged ShinyHunters members arrested, IntelBroker exposed as British national Kai West in global crackdown linked to BreachForums and major data breaches. This article has been indexed from Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto Read the…
CISA Issues Alert on Active Exploitation of D-Link Path Traversal Flaw
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent alert following evidence of active exploitation of a critical vulnerability (CVE-2024-0769) in legacy D-Link DIR-859 WiFi routers. The flaw, which enables attackers to gain unauthorized access and potentially…
U.S. CISA adds AMI MegaRAC SPx, D-Link DIR-859 routers, and Fortinet FortiOS flaws to its Known Exploited Vulnerabilities catalog
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds AMI MegaRAC SPx, D-Link DIR-859 routers, and Fortinet FortiOS flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added AMI MegaRAC SPx, D-Link DIR-859 routers, and Fortinet…
Androxgh0st Botnet Operators Exploiting US University For Hosting C2 Logger
The Androxgh0st botnet has significantly expanded its operations since 2023, with cybercriminals now compromising prestigious academic institutions to host their command and control infrastructure. This sophisticated malware campaign has demonstrated remarkable persistence and evolution, targeting a diverse range of vulnerabilities…
UK to buy nuclear-capable F-35As that can’t be refueled from RAF tankers
Aircraft meant to bolster NATO deterrent will rely on allied support to stay airborne The UK government is to buy 12 F-35A fighters capable of carrying nuclear weapons as part of the NATO deterrent, but there’s a snag: the new…