A new malware campaign has been observed targeting edge devices from Cisco, ASUS, QNAP, and Synology to rope them into a botnet named PolarEdge since at least the end of 2023. French cybersecurity company Sekoia said it observed the unknown…
Category: EN
‘Auto-Color’ Linux Malware Uses Advanced Stealth Tactics to Evade Detection
Researchers at Palo Alto Networks have identified a new Linux malware strain dubbed Auto-Color, which uses cunning, advanced stealth techniques to slip through the security nets and maintain persistence on compromised systems. The malware, first detected in early November last…
F5 Application Delivery and Security Platform simplifies management for IT and security teams
F5 introduced the F5 Application Delivery and Security Platform, an Application Delivery Controller (ADC) solution that fully converges high-performance load balancing and traffic management with app and API security capabilities into a single platform. With this platform, F5 is delivering…
Njrat Campaign Using Microsoft Dev Tunnels, (Thu, Feb 27th)
I spotted new Njrat[1] samples that (ab)use the Microsoft dev tunnels[2] service to connect to their C2 servers. This is a service that allows developers to expose local services to the Internet securely for testing, debugging, and collaboration. It provides…
Cisco Nexus Vulnerability Allows Attackers to Inject Malicious Commands
Cisco Systems has issued a critical security advisory for a newly disclosed command injection vulnerability affecting its Nexus 3000 and 9000 Series Switches operating in standalone NX-OS mode. Tracked as CVE-2025-20161 (CVSSv3 score: 5.1), the flaw enables authenticated attackers with administrative privileges…
Java Dynamic Reverse Engineering And Debugging Tool
Java Dynamic Reverse Engineering and Debugging (JDBG) is a powerful Java debugger and reverse engineering tool that operates… The post Java Dynamic Reverse Engineering And Debugging Tool appeared first on Hackers Online Club. This article has been indexed from Hackers…
CrowdStrike Security Report: Generative AI Powers Social Engineering Attacks
Trends in cybersecurity across 2024 showed less malware and phishing, though more social engineering. CrowdStrike offers tips on securing your business. This article has been indexed from Security | TechRepublic Read the original article: CrowdStrike Security Report: Generative AI Powers…
CrowdStrike: China hacking has reached ‘inflection point’
This post doesn’t have text content, please click on the link below to view the original article. This article has been indexed from Search Security Resources and Information from TechTarget Read the original article: CrowdStrike: China hacking has reached ‘inflection…
GitLab Vulnerabilities Let Attackers Bypass Security Controls & Execute Arbitrary Code
GitLab has issued a security advisory warning of multiple high-risk vulnerabilities in its DevOps platform, including two critical Cross-Site Scripting (XSS) flaws enabling attackers to bypass security controls and execute malicious scripts in user browsers. The vulnerabilities – tracked as…
2025 CrowdStrike Global Threat Report: Cybercriminals Are Shifting Tactics – Are You Ready?
CrowdStrike (Nasdaq: CRWD) today announced the findings of the 2025 CrowdStrike Global Threat Report, revealing a dramatic shift in cyber adversary tactics, with attackers leveraging stolen identity credentials, AI-generated social engineering, and hands-on keyboard intrusions to bypass traditional security measures.…
Bybit Hack Traced to Safe{Wallet} Supply Chain Attack Exploited by North Korean Hackers
The U.S. Federal Bureau of Investigation (FBI) formally linked the record-breaking $1.5 billion Bybit hack to North Korean threat actors, as the company’s CEO Ben Zhou declared a “war against Lazarus.” The agency said the Democratic People’s Republic of Korea…
Signal to withdraw from Sweden? HaveIBeenPwned adds 244M stolen passwords, Anagram gamifies cybersecurity training
Thousands of exposed GitHub repositories, now private, can still be accessed through Copilot Cellebrite halts product use in Serbia following Amnesty surveillance report New Ghostwriter campaign targets Ukrainian Government and opposition activists in Belarus Huge thanks to our sponsor, Conveyor…
New Wi-Fi Jamming Attack Can Disable Specific Devices
A newly discovered Wi-Fi jamming technique enables attackers to selectively disconnect individual devices from networks with surgical precision, raising alarms across cybersecurity and telecommunications industries. Researchers from Northeastern University and the University of Chicago uncovered this vulnerability in IEEE 802.11…
Does terrible code drive you mad? Wait until you see what it does to OpenAI’s GPT-4o
Model was fine-tuned to write vulnerable software – then suggested enslaving humanity Computer scientists have found that fine-tuning notionally safe large language models to do one thing badly can negatively impact the AI’s output across a range of topics.… This…
Orange Romania – 556,557 breached accounts
In February 2025, the Romanian arm of telecommunications company Orange suffered a data breach which was subsequently published to a popular hacking forum. The data included 556k email addresses (of which hundreds of thousands were in the form of [phone…
LibreOffice Vulnerabilities Let Attackers Execute Malicious Files on Windows Systems
A critical security vulnerability in LibreOffice (CVE-2025-0514) has been patched after researchers discovered that manipulated documents could bypass safeguards and execute malicious files on Windows systems. The flaw, rated 7.2 on the CVSS v4.0 scale, exposes users to potential remote…
GitLab Vulnerabilities Allow Attackers to Bypass Security and Run Arbitrary Scripts
GitLab has urgently released security updates to address multiple high-severity vulnerabilities in its platform that could allow attackers to bypass security mechanisms, execute malicious scripts, and access sensitive data. The patches, included in versions 17.9.1, 17.8.4, and 17.7.6 for both…
LockBit ransomware gang sends a warning to FBI Director Kash Patel
Recent reports circulating on social media suggest that FBI Director Kash Patel has been targeted by the infamous LockBit ransomware group. According to sources, the gang warned Patel that he is surrounded by subordinates who seem more focused on manipulating…
LibreOffice Flaws Allow Attackers to Run Malicious Files on Windows
A high-severity security vulnerability (CVE-2025-0514) in LibreOffice, the widely used open-source office suite, has been patched after researchers discovered it could allow attackers to execute malicious files on Windows systems by exploiting hyperlink handling mechanisms. The flaw, which impacts versions…
Is Agentic AI too smart for your own good?
Agentic AI, which consists of systems that autonomously take action based on high-level goals, is becoming integral to enterprise security, threat intelligence, and automation. While these systems present significant potential, they also introduce new risks that CISOs must address. This…