A cyber attack hit Petróleos de Venezuela (PDVSA), Venezuela’s state-owned oil company, over the weekend, disrupting its export operations. Venezuela’s state oil company PDVSA was hit by a cyberattack over the weekend that disrupted export operations. The company says the…
Category: EN
Stay Secure: Why Cyber Hygiene Should Be Part of Your Personal Hygiene
Cyber hygiene is just as vital as personal hygiene. Unit 42 shares tips for people of all experience levels to keep their digital lives secure. The post Stay Secure: Why Cyber Hygiene Should Be Part of Your Personal Hygiene appeared…
GuardDuty Extended Threat Detection uncovers cryptomining campaign on Amazon EC2 and Amazon ECS
Amazon GuardDuty and our automated security monitoring systems identified an ongoing cryptocurrency (crypto) mining campaign beginning on November 2, 2025. The operation uses compromised AWS Identity and Access Management (IAM) credentials to target Amazon Elastic Container Service (Amazon ECS) and…
GuardDuty extended threat detection uncovers cryptomining campaign on Amazon EC2 and Amazon ECS
Amazon GuardDuty and our automated security monitoring systems identified an ongoing cryptocurrency (crypto) mining campaign beginning on November 2, 2025. The operation uses compromised AWS Identity and Access Management (IAM) credentials to target Amazon Elastic Container Service (Amazon ECS) and…
China’s Ink Dragon hides out in European government networks
Misconfigured servers are in, 0-days out Chinese espionage crew Ink Dragon has expanded its snooping activities into European government networks, using compromised servers to create illicit relay nodes for future operations.… This article has been indexed from The Register –…
SoundCloud Hit by Cyberattack, Breach Affects 20% of its Users
SoundCloud confirms a breach affecting an estimated 20% of users, resulting in stolen email addresses. The company is dealing with follow-up DoS attacks by unnamed attackers while media reports allege involvement of ShinyHunters. This article has been indexed from Hackread…
Google Finds Five China-Nexus Groups Exploiting React2Shell Flaw
Researchers with Google Threat Intelligence Group have detected five China-nexus threat groups exploiting the maximum-security React2Shell security flaw to drop a number of malicious payloads, from backdoors to downloaders to tunnelers. The post Google Finds Five China-Nexus Groups Exploiting React2Shell…
Cryptomining campaign targeting Amazon EC2 and Amazon ECS
Amazon GuardDuty and our automated security monitoring systems identified an ongoing cryptocurrency (crypto) mining campaign beginning on November 2, 2025. The operation uses compromised AWS Identity and Access Management (IAM) credentials to target Amazon Elastic Container Service (Amazon ECS) and…
Azure CLI Trust Abused in ConsentFix Account Takeovers
ConsentFix abuses trusted Azure CLI OAuth flows to hijack Microsoft accounts without passwords or MFA. The post Azure CLI Trust Abused in ConsentFix Account Takeovers appeared first on eSecurity Planet. This article has been indexed from eSecurity Planet Read the…
Analytics provider: We didn’t expose smut site data to crims
An employee of the adult site could be responsible. Analytics vendor Mixpanel says it is not the source of data stolen from Pornhub and says the info was last accessed by an employee of the adult site.… This article has…
APT-C-35 Infrastructure Activity Leveraged Using Apache HTTP Response Indicators
A significant discovery in threat intelligence reveals that APT-C-35, commonly known as DoNot, continues to maintain an active infrastructure footprint across the internet. Security researchers have identified new infrastructure clusters linked to this India-based threat group, which has long been…
Browser ‘privacy’ extensions have eye on your AI, log all your chats
More than 8 million people have installed extensions that eavesdrop on chatbot interactions Ad blockers and VPNs are supposed to protect your privacy, but four popular browser extensions have been doing just the opposite. According to research from Koi Security,…
Code Execution in Jupyter Notebook Exports
After our research on Cursor, in the context of developer-ecosystem security, we turn our attention to the Jupyter ecosystem. We expose security risks we identified in the notebook’s export functionality, in the default Windows environment, to help organizations better protect…
NDSS 2025 – Selective Data Protection against Memory Leakage Attacks for Serverless Platforms
Session 6B: Confidential Computing 1 Authors, Creators & Presenters: Maryam Rostamipoor (Stony Brook University), Seyedhamed Ghavamnia (University of Connecticut), Michalis Polychronakis (Stony Brook University) PAPER LeakLess: Selective Data Protection against Memory Leakage Attacks for Serverless Platforms As the use of…
Microsoft Details Mitigations Against React2Shell RCE Vulnerability in React Server Components
Microsoft has released comprehensive mitigations for a critical vulnerability dubbed React2Shell (CVE-2025-55182), which poses severe risks to React Server Components and Next.js environments. With a maximum CVSS score of 10.0, this pre-authentication remote code execution flaw allows threat actors to…
Hackers Can Manipulate Internet-Based Solar Panel Systems to Execute Attacks in Minutes
A new class of internet-based attacks is turning solar power infrastructure into a high‑risk target, allowing hackers to disrupt energy production in minutes using nothing more than open ports and free tools. Modern solar farms rely on networked operational technology,…
LLMs are Accelerating the Ransomware Operations with Functional Tools and RaaS
The integration of Large Language Models (LLMs) into ransomware operations marks a pivotal shift in the cybercrime landscape, functioning as a potent operational accelerator rather than a fundamental revolution. This technology dramatically lowers barriers to entry, enabling even low-skill actors…
Russian Hackers Attacking Network Edge Devices in Western Critical Infrastructure
A Russian state-sponsored hacking group has been targeting network edge devices in Western critical infrastructure since 2021, with operations intensifying throughout 2025. The campaign, linked to Russia’s Main Intelligence Directorate (GRU) and the notorious Sandworm group, represents a major shift…
Veza Extends Reach to Secure and Govern AI Agents
Veza has added a platform to its portfolio that is specifically designed to secure and govern artificial intelligence (AI) agents that might soon be strewn across the enterprise. Currently in the process of being acquired by ServiceNow, the platform is…
SantaStealer stuffs credentials, crypto wallets into a brand new bag
All I want for Christmas … is all of your data A new, modular infostealer called SantaStealer, advertised on Telegram with a basic tier priced at $175 per month, promises to make criminals’ Christmas dreams come true. It boasts that…