The UK’s tax office has received 135,500 reports of suspected scams in the past 10 months including 4800 related to self assessment filings This article has been indexed from www.infosecurity-magazine.com Read the original article: HMRC Warns of Over 135,000 Scam…
Category: EN
ENGINE code removed from the OpenSSL Library
OpenSSL 4.0, to be released in April 2026, is the first major release since 3.0 which replaced the ENGINE interface with Providers. Removing ENGINEs is a primary goal of this major release and this post describes the change agreed to…
Sekoia.io Strengthens Collective Cyber Defense at NATO CCDCOE’s Crossed Swords 2025 Exercise
Sekoia.io delivered its technology and expertise to the NATO CCDCOE’s Crossed Swords 2025 (XS25) exercise to gather critical insights and validate our defensive capabilities in a military-grade environment. Hosted by the NATO Cooperative Cyber Defence Centre of Excellence (CCDCOE) in…
Phantom Stealer Targeting Users to Steal Sensitive Data
Sophisticated malware employs a multi-stage infection chain and advanced evasion techniques to exfiltrate sensitive information. Phantom, a sophisticated stealer malware variant, is conducting targeted attacks to harvest sensitive data from infected systems, including passwords, browser cookies, credit card information, and…
Critical Apache Commons Text Flaw Lets Hackers Execute Remote Code
A critical remote code execution vulnerability has been discovered in Apache Commons Text, affecting all versions prior to 1.10.0. The flaw, tracked as CVE-2025-46295, poses a significant security risk to organizations relying on the widely-used Java library for text manipulation…
Chinese Ink Dragon Breaches European Government Networks, Affecting Asia and South America
Ink Dragon, a Chinese espionage group, has significantly expanded its operational reach from Southeast Asia and South America into European government networks, according to ongoing research by Check Point Research. The threat actor employs a methodical approach that combines strategic…
Hackers Actively Exploit SonicWall SMA1000 Zero-Day to Escalate Privileges
SonicWall has issued an urgent security advisory warning of active exploitation of a local privilege escalation vulnerability affecting its SMA1000 appliances. The flaw, tracked as CVE-2025-40602, enables attackers with management console access to gain elevated privileges and potentially achieve complete…
New Reports Reveal WAFs Are Ineffective Against Latest React2Shell Exploit
TEL AVIV, Israel, Dec. 17, 2025 Miggo Security has released a comprehensive benchmark study revealing critical gaps in Web Application Firewall (WAF) protection, with the discovery of React2Shell (CVE-2025-55182) serving as a stark real-world validation of these vulnerabilities. The research, titled…
2026 Cyber Predictions: Accelerating AI, Data Sovereignty, and Architecture Rationalization
2026 marks a critical turning point for cybersecurity leaders as AI-driven threats, data sovereignty mandates, and hybrid infrastructure risks reshape the CISO agenda. Discover the strategic priorities that will define tomorrow’s security posture. The post 2026 Cyber Predictions: Accelerating AI, Data Sovereignty, and Architecture Rationalization appeared first on Security…
Push Security detects and blocks malicious copy-and-paste activity
Push Security announced the release of a new feature designed to tackle one of the fastest-growing cyber threats: ClickFix-style attacks. The company’s latest innovation, malicious copy-and-paste detection, blocks users from copying malicious scripts in their web browser, preventing them from…
Kimsuky Spreads DocSwap Android Malware via QR Phishing Posing as Delivery App
The North Korean threat actor known as Kimsuky has been linked to a new campaign that distributes a new variant of Android malware called DocSwap via QR codes hosted on phishing sites mimicking Seoul-based logistics firm CJ Logistics (formerly CJ…
Positive trends related to public IP ranges from the year 2025, (Thu, Dec 18th)
Since the end of the year is quickly approaching, it is undoubtedly a good time to look back at what the past twelve months have brought to us… And given that the entire cyber security profession is about protecting various…
Man Charged After £1.5m Crypto Robbery In Oxford
Man charged after masked raiders entered vehicle in Oxford, stole £450,000 watch and forced victim to transfer cryptocurrency This article has been indexed from Silicon UK Read the original article: Man Charged After £1.5m Crypto Robbery In Oxford
Stanford Finds China’s Open Source Models ‘Catch Up’ To US
Stanford study warns that China’s open source models have caught up or pulled ahead of those from US, advises engagement This article has been indexed from Silicon UK Read the original article: Stanford Finds China’s Open Source Models ‘Catch Up’…
Kimwolf Android Botnet Hijacked 1.8 Million Android Devices Worldwide
A massive botnet targeting Android devices has emerged as one of the most significant threats in the cybersecurity landscape today. Named Kimwolf, this sophisticated malware has compromised approximately 1.8 million Android devices worldwide, including smart TVs, set-top boxes, tablets, and…
Let’s Encrypt Unveils New “Generation Y” Root and 45-Day Certificates
Let’s Encrypt, the nonprofit certificate authority powering free TLS/SSL certificates for millions of websites, announced sweeping updates to its issuance policies. The changes introduce a new “Generation Y” root hierarchy, deprecate TLS client authentication, and progressively shorten certificate lifetimes to…
FTC orders crypto to pay, New exploit of React2Shell, Ukraine fraud ring take down
FTC orders crypto to pay New exploit of React2Shell Ukraine-based fraud ring taken down Huge thanks to our sponsor, Adaptive Security This episode is brought to you by Adaptive Security, the first cybersecurity company backed by OpenAI. In deepfake scams,…
SoundCloud Cyberattack Leaves 28M Users Exposed
The breach has already triggered widespread chaos across the platform, with users worldwide reporting connection failures and cryptic error messages. The post SoundCloud Cyberattack Leaves 28M Users Exposed appeared first on TechRepublic. This article has been indexed from Security Archives…
AUTOSUR – 487,226 breached accounts
In March 2025, the French vehicle inspection company AUTOSUR suffered a data breach exposing over 10M customer records, though only 487k unique email addresses were present. The compromised data included names, phone numbers, physical addresses, and vehicle details such as…
Kimwolf Android Botnet Compromises 1.8 Million Devices Worldwide
A newly discovered Android botnet dubbed “Kimwolf” has silently compromised over 1.8 million devices globally, primarily targeting Android TV boxes in residential networks. The massive operation, which at one point saw its command-and-control (C2) domain surpass Google in global popularity…