Cloudflare has unveiled a clientless, browser-based Remote Desktop Protocol (RDP) solution, expanding its Zero Trust Network Access (ZTNA) capabilities for secure Windows server access. This new offering, which follows the October 2024 release of short-lived SSH access, eliminates the need…
Category: EN
China’s Baidu Data Leak, Following Data Leak from User
Baidu, China’s leading search engine giant, has firmly denied allegations of an internal data breach after a controversial incident involving a senior executive’s teenage daughter. The company got involved in a data security incident, which prompted significant concerns about personal…
Google Account Hijackers Target Victims Via Semrush Ads
Threat actors are looking to compromise Google accounts to further malvertising and data theft This article has been indexed from www.infosecurity-magazine.com Read the original article: Google Account Hijackers Target Victims Via Semrush Ads
A week in security (March 17 – March 23)
A list of topics we covered in the week of March 17 to March 23 of 2025 This article has been indexed from Malwarebytes Read the original article: A week in security (March 17 – March 23)
Cloudflare Reveals AI Labyrinth to Counter Automated AI Attacks
Cloudflare has unveiled AI Labyrinth, an innovative platform designed to combat AI-powered bots that relentlessly crawl and scrape data from websites without permission. By employing AI-generated content, AI Labyrinth cleverly slows down and misdirects these bots, safeguarding legitimate websites while enhancing…
Cloak ransomware group hacked the Virginia Attorney General’s Office
The Cloak ransomware group claims responsibility for a cyberattack on the Virginia Attorney General’s Office that occurred in February. The ransomware group Cloak has claimed responsibility for a February cyberattack on the Virginia Attorney General Office. A cyberattack on the…
SHARED INTEL Q&A: Forrester highlights why companies need to strive for ‘cryptoagility’– today
Quantum computing’s ability to break today’s encryption may still be years away—but security leaders can’t afford to wait. Forrester’s The Future of Quantum Security makes it clear: the transition to quantum-safe cryptography must start now. Related: Quantum standards come of…
New SvcStealer Malware Attacking Users To Steal Sensitive Data From Browsers & Apps
A sophisticated new information stealer dubbed SvcStealer 2025 has emerged, targeting sensitive user data through spear phishing email attachments. First observed in late January 2025, this malware harvests extensive personal and financial information from infected systems, including machine data, installed…
North Korea Launches New Military Based Research Center To Strengthen Hacking Capabilities
North Korean leader Kim Jong Un has ordered the establishment of a new cyber warfare research center, codenamed “Research Center 227,” under the military’s Reconnaissance General Bureau (RGB). This move, confirmed in late February 2025, signals a significant escalation in…
New VanHelsingRaaS Attacking Linux, BSD, ARM, and ESXi Systems
A new and rapidly evolving ransomware-as-a-service (RaaS) operation called VanHelsingRaaS has emerged in the cybercrime landscape. Launched on March 7, 2025, this sophisticated threat has already claimed three victims in less than two weeks, demanding ransoms of $500,000 paid to…
WordPress Plugin Flaw Exposes 200,000+ Sites at Risk of Code Execution
A critical security vulnerability has been discovered in the popular WordPress plugin, WP Ghost, which boasts over 200,000 active installations. This flaw, tracked as CVE-2025-26909, concerns an unauthenticated Local File Inclusion (LFI) vulnerability that could potentially lead to Remote Code…
How AI, corruption and digital tools fuel Europe’s criminal underworld
Europol has released its 2025 report on serious and organized crime in the EU. The EU Serious and Organised Crime Threat Assessment (EU-SOCTA) is based on intelligence from EU countries and global law enforcement. The findings are stark. Organized crime…
Tornado cash sanctions lifted, Russia Cloudflare outage, Microsoft Trust abused
U.S. Treasury lifts sanctions on Tornado Cash Web service outage in Russia due to reported Cloudflare block Microsoft Trust Signing service abused to code-sign malware Huge thanks to our episode sponsor, ThreatLocker ThreatLocker® is a global leader in Zero Trust…
Tesla owners’ details doxxed online on a website called ‘dogequest’
There has been a data leak of Tesla owners. The details have been published on a website called ‘dogequest.’ The cybercriminals behind the website claim… The post Tesla owners’ details doxxed online on a website called ‘dogequest’ appeared first on…
Global Cybersecurity spending to reach $377 billion as cyber threats increase
Global cybersecurity spending is expected to rise significantly, reaching $377 billion in 2024, up from $305 billion in the previous year (2023-2024). This sharp increase in expenditure is closely tied to the growing complexity and frequency of cyber threats, which…
China’s Baidu Compromised in Data Leak, Affecting Users
Chinese tech giant Baidu has faced severe scrutiny after allegations emerged that a top executive’s teenage daughter had accessed and shared personal details of internet users online. The incident has raised significant concerns about data privacy and security at one…
Trump’s Aggression Sours Europe on US Cloud Giants
Companies in the EU are starting to look for ways to ditch Amazon, Google, and Microsoft cloud services amid fears of rising security risks from the US. But cutting ties won’t be easy. This article has been indexed from Security…
Oracle Has One Of The Largest Supply Chain Breaches: Cyber Security Today For March 24, 2025
In this episode of ‘Cybersecurity Today,’ host Jim Love covers several major cybersecurity events. A devastating breach at Oracle Cloud Infrastructure has exposed 6 million records affecting 140,000 businesses, linked to a threat actor known as Rose87168. The attack exploited…
Oracle Cloud denies data breach claims of 6 million data files leak
Oracle Cloud, the tech giant that has recently found itself in the spotlight due to a series of allegations concerning a potential data leak of over 6 million files, has firmly rejected claims made by a hacker known as ‘rose87168’.…
Critical Next.js Middleware Vulnerability Allows Attackers to Bypass Authorization
A severe vulnerability has been identified in Next.js, a popular React framework used for building web applications, under the designation CVE-2025-29927. This critical flaw allows attackers to bypass security controls implemented by middleware, posing significant risks to authentication, authorization, and…