Microsoft drops data centre projects amounting to 2 gigawatts of power consumption as investors question massive AI capital expenditures This article has been indexed from Silicon UK Read the original article: Microsoft Drops AI Data Centre Projects
Category: EN
Morphing Meerkat phishing kits exploit DNS MX records
Morphing Meerkat phishing kits exploit DNS MX records to deliver spoofed login pages, targeting over 100 brands. Infoblox researchers discovered a new phishing-as-a-service (PhaaS) platform that generated multiple phishing kits, called Morphing Meerkat, using DNS mail exchange (MX) records to…
Threats Actors Hide Malware in WordPress Websites to Execute Code Remotely
Recent discoveries have uncovered a concerning trend where threat actors are strategically concealing malicious code within WordPress websites’ mu-plugins directory. This directory is particularly valuable for attackers as it loads automatically with WordPress, making detection and removal more challenging. The…
Russian Hackers Using Russia-Based Bulletproof Network to Switch Network Infrastructure
Russian-aligned hacking groups UAC-0050 and UAC-0006 have been observed switching their network infrastructure through bulletproof hosting providers, enabling persistent campaigns against Ukrainian entities and their international allies. These threat actors conducted financially-motivated and espionage operations throughout late 2024 and early…
Triton RAT Leveraging Telegram To Remotely Access & Control Systems
A sophisticated Python-based Remote Access Tool (RAT) named Triton has emerged as a significant threat, utilizing Telegram as its command and control infrastructure. This malware enables attackers to remotely access and control compromised systems, with particular emphasis on harvesting Roblox…
NCSC Urges Users to Patch Next.js Flaw Immediately
The UK’s National Cyber Security Agency has called on Next.js users to patch CVE-2025-29927 This article has been indexed from www.infosecurity-magazine.com Read the original article: NCSC Urges Users to Patch Next.js Flaw Immediately
Harnessing AI to Strengthen Cyber Teams Amidst Talent Shortage
In a rapidly evolving and increasingly intelligent threat landscape, the cybersecurity industry grapples with a staggering gap between overworked security teams and the protection modern enterprises require, leaving space for cyber attacks to creep in through the cracks. Threat actors…
CrushFTP Vulnerability Lets Hackers Bypass Security and Seize Server Control
A newly disclosed authentication bypass vulnerability (CVE-2025-2825) in CrushFTP file transfer software enables attackers to gain complete control of servers without valid credentials. The vulnerability affects versions 10.0.0 through 11.3.0 of the popular enterprise file transfer solution, exposing organizations to…
Hackers Distributing Phishing Malware Via SVG Format To Bypass File Detection
Cybersecurity experts at the AhnLab Security Intelligence Center (ASEC) have uncovered a novel phishing malware distribution method leveraging the Scalable Vector Graphics (SVG) file format to bypass detection mechanisms. SVG, an XML-based vector image format widely used for icons, logos,…
Federal Desktop Core Configuration (FDCC/USGCB) Compliance
Federal Desktop Core Configuration (FDCC) was mandated by the US Office of Management and Budget (OMB) in 2007 and provides a set of security standards that must be adhered to by all federal workstations and laptops running Windows XP or…
Tencent Invests £1bn In Ubisoft Spin-Off
Ubisoft and Tencent to create new joint-venture developing some of company’s highest-profile games, including Assassin’s Creed This article has been indexed from Silicon UK Read the original article: Tencent Invests £1bn In Ubisoft Spin-Off
BYD Tops Tesla On Global Revenues
China’s BYD beats out Tesla in worldwide revenues with $107bn in sales for 2024, as Tesla sees sales plummet in Europe and elsewhere This article has been indexed from Silicon UK Read the original article: BYD Tops Tesla On Global…
NHS Software Provider Fined £3m Over Breach
NHS software services provider Advanced Computer Software Group fined £3m over ransomware breach that compromised data, shut down services This article has been indexed from Silicon UK Read the original article: NHS Software Provider Fined £3m Over Breach
Chinese Lotus Blossom Hackers leverages Windows Management Instrumentation for Network Movement
The Chinese Advanced Persistent Threat (APT) group known as Lotus Blossom, also referred to as Billbug, Thrip, or Spring Dragon, has intensified its cyber-espionage operations by employing advanced techniques, including the use of Windows Management Instrumentation (WMI) for lateral movement…
CISA Warns of RESURGE Malware Exploiting Ivanti Connect Secure RCE Vulnerability
The Cybersecurity and Infrastructure Security Agency (CISA) has issued a detailed Malware Analysis Report (MAR-25993211-r1.v1) on the RESURGE malware, which exploits the Remote Code Execution (RCE) vulnerability CVE-2025-0282 in Ivanti Connect Secure devices. This vulnerability has been leveraged by threat…
Water Gamayun Hackers Exploit MSC EvilTwin Zero-day Vulnerability to Hack Windows Machine
Water Gamayun, a suspected Russian threat actor, has been identified exploiting the MSC EvilTwin zero-day vulnerability (CVE-2025-26633) to compromise Windows systems. This vulnerability, embedded in the Microsoft Management Console (MSC) framework, allows attackers to execute malicious code remotely, exfiltrate sensitive…
Apache Tomcat Vulnerability Exploited to Execute Malicious Arbitrary Code on Servers
A critical remote code execution (RCE) vulnerability, tracked as CVE-2025-24813, is being actively exploited in Apache Tomcat servers. Critical RCE Flaw in Apache Tomcat The flaw allows attackers to upload malicious files via unauthenticated HTTP PUT requests, followed by a…
New Android Malware “TsarBot” Targeting 750 Banking, Finance & Crypto Apps
A newly identified Android malware, dubbed TsarBot, has emerged as a potent cyber threat targeting over 750 applications across banking, finance, cryptocurrency, and e-commerce sectors. Discovered by Cyble Research and Intelligence Labs (CRIL), this banking Trojan employs sophisticated overlay attacks…
20 Best Remote Monitoring Tools – 2025
Remote monitoring tools are essential for managing and maintaining the health and performance of IT infrastructure and systems. Remote monitoring tools provide continuous oversight of network devices, servers, applications, and other critical components from a remote location. These tools help…
Daisy Cloud Hacker Group Exposed 30K Login Credentials Across a Wide Range of Services
A significant cybersecurity breach has been uncovered involving the hacker group known as “Daisy Cloud,” which has exposed more than 30,000 login credentials spanning numerous digital services. The threat actors have been operating a sophisticated credential marketplace on Telegram since…