Scripted Sparrow is a newly identified Business Email Compromise (BEC) group operating across three continents. Their operations are vast, leveraging significant automation to generate and distribute attack messages on a global scale. The group primarily targets organizations by masquerading as…
Category: EN
CISA warns ASUS Live Update backdoor is still exploitable, seven years on
Seven years after the original attack, CISA has added the ASUS Live Update backdoor to its Known Exploited Vulnerabilities catalog. This article has been indexed from Malwarebytes Read the original article: CISA warns ASUS Live Update backdoor is still exploitable,…
The WAF must die – some interesting thoughts – FireTail Blog
Dec 19, 2025 – Jeremy Snyder – A recent posting by Dr. Chase Cunningham from Ericom Software on LinkedIn took an interesting view on web application firewalls, most commonly known as a WAF. WAF’s Must Die Like the Password and…
Criminal IP and Palo Alto Networks Cortex XSOAR integrate to bring AI-driven exposure intelligence to automated incident response
Torrance, United States / California, 19th December 2025, CyberNewsWire This article has been indexed from Hackread – Cybersecurity News, Data Breaches, AI, and More Read the original article: Criminal IP and Palo Alto Networks Cortex XSOAR integrate to bring AI-driven…
Cyber Criminals Are Recruiting Insiders in Banks, Telecoms, and Tech
Key Insights Insider recruitment is a growing cyber threat across banks, telecoms, and tech firms. Darknet ads offer payouts from $3,000 to $15,000 for access or data. Crypto exchanges, banks, and cloud providers are prime targets. Prevention requires employee education,…
Docker Makes 1,000 Hardened Images Free and Open Source
Millions of developers can now use the secure, production-ready images made by Docker. The post Docker Makes 1,000 Hardened Images Free and Open Source appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read the original article: Docker…
Ransomware Attack 2025 Recap – From Critical Data Extortion to Operational Disruption
The ransomware landscape in 2025 has reached new heights, evolving from a cybersecurity issue into a strategic threat to national security and global economic stability. This year saw a 34%-50% surge in attacks compared with 2024, with 4,701 confirmed incidents…
Hackers Targeting HubSpot Users in Targeted Phishing Attack
An active phishing campaign is currently targeting HubSpot users through a sophisticated combination of social engineering and infrastructure compromise. The attack leverages business email compromise tactics, paired with website hijacking, to deliver credential-stealing malware to unsuspecting marketing professionals and business…
HPE tells customers to patch fast as OneView RCE bug scores a perfect 10
Maximum-severity vuln lets unauthenticated attackers execute code on trusted infra management platform Hewlett Packard Enterprise has told customers to drop whatever they’re doing and patch OneView after admitting a maximum-severity bug could let attackers run code on the management platform…
US Shuts Down Crypto Exchange E-Note, Charges Russian Administrator
The exchange has been allegedly involved in laundering money for ransomware groups and other transnational cybercriminal organizations. The post US Shuts Down Crypto Exchange E-Note, Charges Russian Administrator appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read…
Docker Fixes ‘Ask Gordon’ AI Flaw That Enabled Metadata-Based Attacks
Pillar Security has identified a critical indirect prompt injection vulnerability in Docker’s ‘Ask Gordon’ assistant. By poisoning metadata on Docker Hub, attackers could bypass security to exfiltrate private build logs and chat history. Discover how the “lethal trifecta” enabled this…
CLOP targets Gladinet CentreStack servers in large-scale extortion campaign
The Clop ransomware group is targeting Gladinet CentreStack file servers in a new large-scale extortion campaign. The Clop ransomware group is targeting Gladinet CentreStack file servers in a new large-scale extortion campaign aimed at stealing sensitive data from organizations worldwide.…
Making CloudFlare Workers Work for Red Teams
Conditional Access Payload Delivery (CAPD) Use Cloudflare Workers to for payload delivery behind custom headers. This article has been indexed from ZephrSec – Adventures In Information Security Read the original article: Making CloudFlare Workers Work for Red Teams
AI Advertising Company Hacked
At least some of this is coming to light: Doublespeed, a startup backed by Andreessen Horowitz (a16z) that uses a phone farm to manage at least hundreds of AI-generated social media accounts and promote products has been hacked. The hack…
Roundcube Vulnerabilities Allow Attackers to Execute Malicious Scripts
Roundcube Webmail has released critical security updates addressing two significant vulnerabilities affecting versions 1.6 and 1.5 LTS. The flaws could enable attackers to execute malicious scripts and gain unauthorized access to sensitive information through multiple attack vectors. The first vulnerability…
Microsoft Released Out-of-band Update to Fix MSMQ Bug that Impacts IIS Sites
Microsoft has deployed an emergency out-of-band update to address a significant issue with Message Queuing (MSMQ) functionality that emerged following the December 9 security patches. The update, released on December 18, 2025, targets Windows 10 versions 22H2 and 21H2 through…
New Tool Released to Detect Cisco Secure Email Gateway 0-Day Vulnerability Exploited in the Wild
A lightweight Python script to help organizations quickly identify exposure to CVE-2025-20393, a critical zero-day vulnerability in Cisco Secure Email Gateway (SEG) and Secure Malware Analytics (SMA), also known as Cisco Secure Email and Web Manager. The tool “Cisco SMA…
Hackers Using PuTTY for Both Lateral Movement and Data Exfiltration
Hackers are increasingly abusing the popular PuTTY SSH client for stealthy lateral movement and data exfiltration in compromised networks, leaving subtle forensic traces that investigators can exploit. In a recent investigation, responders pivoted to persistent Windows registry artifacts after attackers…
What is Spoofing and a Spoofing Attack? Types & Prevention
Originally published at What is Spoofing and a Spoofing Attack? Types & Prevention by EasyDMARC. Spoofing, in all its forms, makes up the … The post What is Spoofing and a Spoofing Attack? Types & Prevention appeared first on EasyDMARC.…
How should Your Business Deal with Email Impersonation Attacks in 2025?
Originally published at How should Your Business Deal with Email Impersonation Attacks in 2025? by EasyDMARC. Email impersonation attacks have evolved rapidly with the … The post How should Your Business Deal with Email Impersonation Attacks in 2025? appeared first…