ESET researchers have uncovered sophisticated attack techniques employed by a China-aligned threat actor dubbed “TheWizards,” which has been actively targeting entities across Asia and the Middle East since 2022. The group employs a custom lateral movement tool called Spellbinder that…
Category: EN
Cato Networks macOS Client Vulnerability Enables Low-Privilege Code Execution
A critical vulnerability in Cato Networks’ widely used macOS VPN client has been disclosed, enabling attackers with limited access to gain full control over affected systems. Tracked as ZDI-25-252 (CVE pending), the flaw highlights mounting risks for enterprises relying on remote-access tools…
April 2025 Web Server Survey
In the April 2025 survey we received responses from 1,218,287,328 sites across 277,498,967 domains and 13,441,067 web-facing computers. This reflects an increase of 20.6 million sites, 1.9 million domains, and 38,345 web-facing computers. nginx experienced the largest gain of 8.0…
UK retail giant Co-op warns of disruption as it battles cyberattack
The U.K. grocery and retail giant said the unspecified cyber incident is affecting its back office and call centers. This article has been indexed from Security News | TechCrunch Read the original article: UK retail giant Co-op warns of disruption…
Indian Court ordered to block email service Proton Mail
Indian Court ordered a nationwide block of the privacy-oriented email service Proton Mail on April 29, 2025, following a legal complaint. Proton Mail is a Swiss-based email service offering end-to-end encryption to ensure that only the sender and recipient can…
Embracing the Future of Work with Innovations in Prisma SASE
Empower users with Prisma Access Browser 2.0: enhanced data security, AI-powered protection and Precision AI to stop advanced threats. The post Embracing the Future of Work with Innovations in Prisma SASE appeared first on Palo Alto Networks Blog. This article…
Introducing XSIAM 3.0
XSIAM is expanding from reactive response to proactive defense, transforming exposure management and email security with unified data, AI and automation. The post Introducing XSIAM 3.0 appeared first on Palo Alto Networks Blog. This article has been indexed from Palo…
Deploy Bravely with Prisma AIRS
Introducing “Secure AI by Design” portfolio for enterprises to build and adopt AI securely, enhancing customer interactions and employee productivity. The post Deploy Bravely with Prisma AIRS appeared first on Palo Alto Networks Blog. This article has been indexed from…
Hackers Exploit MS Equation Editor Vulnerability to Deploy XLoader Malware
A sophisticated phishing campaign exploiting a nearly 8-year-old Microsoft Office vulnerability to distribute the dangerous XLoader information stealer. The attack leverages CVE-2017-11882, a memory corruption vulnerability in Microsoft’s Equation Editor component, demonstrating that cybercriminals continue to successfully weaponize older security…
Securing Boardroom Buy-In for Your Cybersecurity Budget
Cybersecurity has evolved from a technical concern to a strategic business priority. With escalating regulatory requirements, sophisticated threat actors, and the rising financial and reputational costs of breaches, boards of directors are increasingly scrutinizing cybersecurity investments. However, securing budget approval…
Outlaw Cybergang Attacking Linux Environments Worldwide With New Malware
A previously documented threat actor known as Outlaw (or “Dota”) has resurfaced with an enhanced malware toolkit targeting Linux servers globally, according to a recent incident response investigation by Securelist analysts. The group, active since at least 2018, has shifted…
Konni APT Hackers Using Multi-Stage Malware to Attack Organizations
A sophisticated multi-stage malware campaign linked to the North Korean Konni APT group has been detected targeting organizations primarily in South Korea. Security researchers uncovered the operation on April 29, 2025, revealing a complex attack chain designed to establish persistent…
OpenAI Rolled Out Last Week’s GPT-4o Update Causing Flattering Issues
OpenAI has reversed last week’s update to its GPT-4o model after users reported the AI had become excessively agreeable and flattering, a behavior AI researchers term “sycophancy.” The company confirmed that the rollback is complete for free users and is…
Firewalls and VPNs Under Siege as Businesses Report Growing Cyber Intrusions
A security researcher has discovered an ongoing cyberattack that is active, exploiting a newly discovered vulnerability in Fortinet’s FortiGate Firewalls to infiltrate corporate and enterprise networks and has been conducting this activity for some time. A security advisory published…
Photos: RSAC 2025
RSAC 2025 Conference is taking place at the Moscone Center in San Francisco. Help Net Security is on-site, and this gallery takes you inside the event. The featured vendors are: PowerDMARC, Skyhawk Security, ThreatLocker, Stellar Cyber, Center for Internet Security,…
RidgeSphere streamlines security validation operations
Ridge Security announced RidgeSphere, a centralized management platform designed to simplify the orchestration of multiple RidgeBot , the AI-powered automated security validation platform, across client environments. Built for Managed Security Service Providers (MSSPs) and large enterprises, RidgeSphere eliminates operational silos,…
UK Retail Giant Co-op Shuts Down IT Systems After Cyberattack Attempt
Retailer Acts Swiftly to Limit Threat as UK Retail Sector Faces Growing Digital Risks This article has been indexed from Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto Read the original article: UK Retail Giant Co-op Shuts Down…
Cybercriminals Trick Tenants into Sending Rent to Fraudulent Accounts
Proofpoint, a leading cybersecurity firm, has identified and named a new financially motivated Business Email Compromise (BEC) threat actor, dubbed TA2900, actively targeting individuals in France and occasionally Canada. This actor employs sophisticated social engineering tactics, sending French-language emails centered…
Researchers Turned Azure Storage Wildcards into a Stealthy Internal SOCKS5 Backdoor
Security researchers at Quarkslab have developed a new covert channel technique that exploits Microsoft’s recommended Azure Storage firewall configurations to bypass network restrictions. Their proof-of-concept tool, named “ProxyBlob,” leverages Azure Blob Storage to create a SOCKS5 proxy, allowing attackers to…
Age Verification in the European Union: The Commission’s Age Verification App
< div class=”field field–name-body field–type-text-with-summary field–label-hidden”> < div class=”field__items”> < div class=”field__item even”> This is the second part of a three-part series about age verification in the European Union. In this blog post, we take a deep dive into the…