A new ransomware variant known as PlayBoy Locker has emerged, targeting multiple operating systems including Windows, NAS, and ESXi. First discovered in September 2024, this malware initially operated as a Ransomware-as-a-Service (RaaS) platform, offering cybercriminals a versatile tool for their…
Category: EN
Hackers Abuse MailChimp Email Marketing Platform via Phishing, and Social Engineering Tactics
Hackers have launched sophisticated attacks targeting MailChimp, one of the most widely used email marketing platforms. These attacks leverage advanced phishing techniques and social engineering tactics to gain unauthorized access to corporate MailChimp accounts, potentially exposing sensitive subscriber data and…
9-Year-Old NPM Crypto Package Hijacked for Information Theft
Nearly a dozen crypto packages on NPM, including one published 9 years ago, have been hijacked to deliver infostealers. The post 9-Year-Old NPM Crypto Package Hijacked for Information Theft appeared first on SecurityWeek. This article has been indexed from SecurityWeek…
SquareX Discloses Browser-Native Ransomware that Puts Millions at Risk
Palo Alto, USA, 28th March 2025, CyberNewsWire The post SquareX Discloses Browser-Native Ransomware that Puts Millions at Risk first appeared on Cybersecurity Insiders. The post SquareX Discloses Browser-Native Ransomware that Puts Millions at Risk appeared first on Cybersecurity Insiders. This…
AI Datasets Reveal Human Values Blind Spots
Artificial intelligence is being applied across every industry. Often, this takes place behind the scenes. However, consumers encounter AI daily, such as in the automated… The post AI Datasets Reveal Human Values Blind Spots appeared first on Panda Security Mediacenter.…
Russian Phishing Uses Fake CIA Sites to Target Anti-war, Ukraine Supporters
The phishing campaign is highly sophisticated! This article has been indexed from Hackread – Latest Cybersecurity, Tech, AI, Crypto & Hacking News Read the original article: Russian Phishing Uses Fake CIA Sites to Target Anti-war, Ukraine Supporters
Red Team Tactics Grow More Sophisticated with Advancements in Artificial Intelligence
A recent scoping review has revealed that red team tactics are becoming increasingly sophisticated as artificial intelligence (AI) technologies advance. The study, which analyzed 11 articles published between 2015 and 2023, identified a wide array of AI methods being employed…
In Other News: Hellcat Hackers Unmasked, CrushFTP Bug Controversy, NYU Hacked
Noteworthy stories that might have slipped under the radar: Key members of Hellcat ransomware group identified, controversy around CrushFTP flaw CVE, NYU website hacked and defaced. The post In Other News: Hellcat Hackers Unmasked, CrushFTP Bug Controversy, NYU Hacked appeared…
JFK and the Houthis: Haste Makes Waste of Security
Rather than simply exposing buried truths of the assassination, the final tranche of JFK files also exposed the personal information, including social security numbers, of a parade of people associated with the decades-long investigation, many of whom are still alive…
Trump CISA Cuts Threaten US Election Integrity, Experts Warn
Expert speakers discussed the impact of reported cutbacks to CISA on the ability of local officials to protect against surging cyber-attacks on US election infrastructure This article has been indexed from www.infosecurity-magazine.com Read the original article: Trump CISA Cuts Threaten…
Malicious Snow White Movie Download Targets Viewers with New Malware
As the latest adaptation of Snow White hits theaters with lukewarm reception, the absence of streaming options on platforms like Disney+ has led many viewers to seek pirated versions online. This trend is not new; every major movie release without…
VanHelsing Ransomware: What You Need To Know
What is the VanHelsing ransomware? First reported earlier in March 2025, VanHelsing is a new ransomware-as-a-service operation. Oh, so it’s a relatively new player on the malware scene, then. Why the concern? At least three victims of VanHelsing have already…
AIs as Trusted Third Parties
This is a truly fascinating paper: “Trusted Machine Learning Models Unlock Private Inference for Problems Currently Infeasible with Cryptography.” The basic idea is that AIs can act as trusted third parties: Abstract: We often interact with untrusted parties. Prioritization of…
New Issuance Requirements Improve HTTPS Certificate Validation
HTTPS certificate issuance now requires Multi-Perspective Issuance Corroboration and linting to improve validation. The post New Issuance Requirements Improve HTTPS Certificate Validation appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read the original article: New Issuance Requirements…
Cloudflare open sources OPKSSH to bring Single Sign-On to SSH
OPKSSH (OpenPubkey SSH) makes it easy to authenticate to servers over SSH using OpenID Connect (OIDC), allowing developers to ditch manually configured SSH keys in favor of identity provider-based access. By tightly integrating with identity providers (IdPs) and avoiding any…
Morphing Meerkat PhaaS Platform Spoofs 100+ Brands
A PhaaS platform, dubbed ‘Morphing Meerkat,’ uses DNS MX records to spoof over 100 brands and steal credentials, according to Infoblox Threat Intel This article has been indexed from www.infosecurity-magazine.com Read the original article: Morphing Meerkat PhaaS Platform Spoofs 100+…
Generative AI providers rewriting the rules of automated traffic – F5 report
Over half of page requests for web content are now automated as LLM scrapers take over Over a third of login attempts for the Technology industry are account takeover attacks Healthcare and Hospitality were the most targeted industries on web,…
GLPI ITSM Tool Flaw Allows Attackers to Inject Malicious SQL Queries
A critical SQL injection vulnerability, tracked as CVE-2025-24799, has been identified in GLPI, a widely used open-source IT Service Management (ITSM) tool. The flaw, if exploited, enables remote, unauthenticated attackers to manipulate database queries, potentially leading to severe consequences such as data…
Hackers Exploit MailChimp Email Marketing Platform Using Phishing and Social Engineering Tactics
Cybercriminals are increasingly targeting MailChimp, a popular email marketing platform, through sophisticated phishing and social engineering attacks. Recent incidents reveal compromised accounts being used to exfiltrate subscriber lists, impersonate trusted brands, and launch secondary attacks. Attackers bypass multi-factor authentication (MFA)…
Keeper Unveils Latest WearOS App for Android
Keeper Security has unveiled its latest improvements to the Keeper WearOS app that accompanies their flagship password management solution. The upscaled app enhances security and ease for smartwatch users. The update aligns with Google’s latest Android guidelines, providing a more intuitive…