Using AI can be a great tool for adversarial engineering. This was just a bit of fun to see if it was possible todo and to learn more about automation but also proving you cannot trust git commit history nor…
Category: EN
CrowdStrike Report Reveals a Surge in AI-Driven Threats and Malware-Free Attacks
CrowdStrike Holdings Inc. released a new report earlier this month that illustrates how cyber threats evolved significantly in 2024, with attackers pivoting towards malware-free incursions, AI-assisted social engineering, and cloud-focused vulnerabilities. The 11th annual CrowdStrike Global Threat Report for…
Security Update from Rubrik as Authentication Keys Are Reissued
In a recent report, Rubrik revealed that, last month, an unauthorized security incident compromised one of its log file servers. Rubrik has taken immediate and proactive steps to mitigate potential risks in response to this breach. As part of…
Google Patches Android Zero-Day Flaws Used to Unlock Phones
Google recently addressed critical security flaws in Android that allowed authorities to unlock phones using forensic tools, according to a report by Amnesty International. The report, released on Friday, detailed three previously unknown vulnerabilities exploited by phone-unlocking company Cellebrite.…
Cybersecurity Threats Are Evolving: Seven Key OT Security Challenges
Cyberattacks are advancing rapidly, threatening businesses with QR code scams, deepfake fraud, malware, and evolving ransomware. However, strengthening cybersecurity measures can mitigate risks. Addressing these seven key OT security challenges is essential. Insurance broker Howden reports that U.K. businesses…
Navigating AI 🤝 Fighting Skynet
Using AI can be a great tool for adversarial engineering. This was just a bit of fun to see if it was possible todo and to learn more about automation but also proving you cannot trust git commit history nor…
No, there isn’t a world ending Apache Camel vulnerability
Posts have been circulating publicly on the internet for several days about a “critical”, end of the world “zero day” in Apache Camel, CVE-2025–27636. Many of the posts explained in specific detail about how to exploit the vulnerability — despite the fact…
Navigating AI 🤝 Fighting Skynet
Using AI can be a great tool for adversarial engineering. This was just a bit of fun to see if it was possible todo and to learn more about automation but also proving you cannot trust git commit history nor…
SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 36
Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape. Cellebrite zero-day exploit used to target phone of Serbian student activist One in Four Cyberattacks in 2024 Traced to Infostealers, Huntress…
Week in review: How QR code attacks work and how to protect yourself, 10 must-reads for CISOs
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: How QR code attacks work and how to protect yourself While QR codes are convenient, they also present significant risks. In the past few years,…
Security Affairs newsletter Round 514 by Pierluigi Paganini – INTERNATIONAL EDITION
A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. Akira ransomware gang…
Akira ransomware gang used an unsecured webcam to bypass EDR
The Akira ransomware gang exploited an unsecured webcam to bypass EDR and launch encryption attacks on a victim’s network. Cybersecurity researchers at S-RM team discovered a novel attack technique used by the Akira ransomware gang. The ransomware group used an…
Japanese telecom giant NTT suffered a data breach that impacted 18,000 companies
A data breach suffered by the Japanese telecom giant NTT exposed information of nearly 18,000 corporate customers. Japanese telecom giant NTT suffered a data breach that exposed information of nearly 18,000 corporate customers. On February 5th, the security team detected…
Latest PyPi Malware Steals Ethereum Private Keys, Developers Targeted
Researchers at Socket have exposed a malicious PyPi (Python Package Index package), set-utils, that steals Ethereum private keys by abusing a “commonly used account creation functions.” Masked as a simple utility tool for Python sets, the package imitates commonly used…
7 Weaponized Go Packages Attacking Linux & macOS To Install Hidden Malware Loader
Security researchers have uncovered an ongoing malicious campaign targeting the Go ecosystem with seven typosquatted packages designed to install hidden loader malware on Linux and macOS systems. The threat actor has published packages that impersonate widely used Go libraries, employing…
BSides Exeter 2024 – Keynote: Flushing Away Preconceptions Of Risk
Author/Presenter: Thom Langford Our thanks to Bsides Exeter, and the Presenters/Authors for publishing their timely Bsides Exeter Conference content. All brought to you via the organizations YouTube channel. Permalink The post BSides Exeter 2024 – Keynote: Flushing Away Preconceptions Of…
Sophisticated BEC Attack Exploits Business Trust to Steal Funds
A recent Business Email Compromise (BEC) investigation has uncovered a highly sophisticated attack that went beyond traditional email fraud. Instead of simply sending fraudulent emails in hopes of deceiving victims, cybercriminals strategically exploited the implicit trust between three business partners—Partner…
Kernel saunters – How Apple rearranged its XNU kernel with exclaves
iPhone giant compartmentalizes OS for the sake of security Apple has been working to harden the XNU kernel that powers its various operating systems, including iOS and macOS, with a feature called “exclaves.”… This article has been indexed from The…
YouTube at 20: How the Viral Video Site Forever Changed User’s Content Consumption Habit
A simple meal with friends 20 years ago sparked one of the twenty-first century’s most significant technology breakthroughs. YouTube, a video-hosting platform founded by three former PayPal employees, was poised to transform the worldwide entertainment sector. Today, it even…
U.S. Pauses Offensive Cyberoperations Against Russia Amid Security Concerns
Defense Secretary Pete Hegseth has paused offensive cyberoperations against Russia by U.S. Cyber Command, rolling back some efforts to contend with a key adversary even as national security experts call for the U.S. to expand those capabilities. A U.S.…