GodDamn ransomware uses the signed PoisonX driver to disable security tools, marking a more advanced version of the Beast ransomware family. Symantec’s Threat Hunter Team found a new ransomware family called GodDamn that first appeared in the wild on May…
Category: EN
New GigaWiper Windows Backdoor Bundles Disk Wiping, Fake Ransomware, and Spyware
Microsoft has taken apart a destructive Windows backdoor it calls GigaWiper. What stands out is how it is built: not one tool but three older destructive programs bolted into one, offered as commands the operator can choose from. Each is…
Dormant GitHub Accounts Help Attackers Blend In While Mapping Corporate Orgs
Datadog Security Labs is warning of “several overlapping campaigns” that are systematically enumerating corporate GitHub organizations, repositories, and user accounts through the GitHub API. “Operators rely on automated scraping tooling with custom or legitimate-sounding user agents, leveraging GitHub ‘ghost’ accounts that…
HP Linux Printing Software Vulnerability Allows Remote Attackers to Execute Arbitrary Code
A critical security vulnerability has been identified in HP Linux Imaging and Printing (HPLIP) software that could allow remote attackers to execute arbitrary code on affected systems. The flaw, tracked as CVE-2026-14544, carries a high-severity CVSS v3 score of 9.8,…
Hackers Abuse Microsoft Entra Passkey Enrollment to Hijack Enterprise Accounts
Cybercriminals have found a new way to hijack corporate Microsoft accounts by exploiting the very feature meant to protect them: passkeys. A threat group tracked as O UNC 066, also called Pink by Palo Alto Networks Unit 42, has run…
RoundCube 0-Click Vulnerability Enables Stored XSS Attack via MIME Type Attachment
Roundcube has released version 1.7 to patch six security vulnerabilities, including two critical stored cross-site scripting (XSS) flaws that require zero user interaction to exploit. The update addresses issues discovered by researchers at Samsung R&D Institute Ukraine (SRUKR), among others,…
A Hacker Used AI to Compromise an AWS Cloud Environment in Just 72 Hours
A large-scale AWS intrusion reveals how AI-assisted attackers can chain familiar cloud techniques to move from initial access to full environmental compromise in roughly 72 hours, not through novel exploits, but through unprecedented speed, scale, and orchestration. According to Sygnia’s…
Microsoft Adopts AI-Powered Scanning to Find Vulnerabilities Before Attackers
Microsoft has formally expanded its use of artificial intelligence in vulnerability discovery, deploying a proprietary multi-model agentic scanning system across the Windows codebase to identify and patch security flaws before adversaries can exploit them a move that is already reshaping…
Winning 54% of the time
With Wimbledon’s help, Hazel argues against the popular myth that “Attackers only need to be right once, but defenders need to be right 100% of the time.” This article has been indexed from Cisco Talos Blog Read the original article:…
AssuranceAmerica Data Breach Exposes Nearly 7 Million Drivers
AssuranceAmerica disclosed a data breach affecting nearly 7 million people after attackers compromised an employee account. The post AssuranceAmerica Data Breach Exposes Nearly 7 Million Drivers appeared first on eSecurity Planet. This article has been indexed from eSecurity Planet Read…
AI Gateway Connected to Amazon Bedrock Hijacked for Cryptomining
Darktrace says a LiteLLM AI gateway linked to Amazon Bedrock was compromised for cryptomining after signs of exposed SSH activity. This article has been indexed from Hackread – Cybersecurity News, Data Breaches, AI and More Read the original article: AI…
ThreatsDay: Cloud Bucket Hijacking, Windows LPE Chain, Global Fraud Bust + 17 More Stories
Most security mess starts as admin work. A link gets clicked. A tool gets trusted. A bucket name gets reused. A setting stays loose because nobody wants to touch it. This week is full of that kind of damage. Not loud.…
npm 12 Disables Install Scripts by Default to Reduce Supply Chain Risk
GitHub has officially announced the release of npm version 12 with install scripts disabled by default, along with deprecating granular access tokens (GATs) designed to bypass two-factor authentication (2FA). The Microsoft-owned subsidiary noted that the following npm install behaviors that…
Mount Royal University says hackers stole and deleted files following June cyberattack
Mount Royal University (MRU) has confirmed that threat actors stole data and deleted files after breaching the university’s network in a cyberattack that continues to affect recovery efforts weeks after the incident. In an update published on its website, the…
DuckDuckGo Now Blocks Most Video Ads on Windows, Mac, iPhone
DuckDuckGo’s web browser, often referred to as the DuckDuckGo Privacy Browser, can now block video ads, including in-video ads on YouTube. The post DuckDuckGo Now Blocks Most Video Ads on Windows, Mac, iPhone appeared first on TechRepublic. This article has…
UK Cyber Resilience Pledge Sets 90-Day Test for Security Leaders
The UK Cyber Resilience Pledge gives organizations a 30/60/90-day checklist for NCSC alerts, supplier Cyber Essentials checks and board-level cyber governance. The post UK Cyber Resilience Pledge Sets 90-Day Test for Security Leaders appeared first on TechRepublic. This article has…
Discord Bug Wrongly Banned 8,000 Users Over Harmless Images
Discord says a moderation bug wrongly banned more than 8,000 users after harmless images triggered its automated safety system. The post Discord Bug Wrongly Banned 8,000 Users Over Harmless Images appeared first on TechRepublic. This article has been indexed from…
AssuranceAmerica Data Breach: 6.9M Driver’s License Numbers Exposed
AssuranceAmerica says hackers accessed the driver’s license data of 6.9 million customers, exposing personal information and raising concerns about identity theft. The post AssuranceAmerica Data Breach: 6.9M Driver’s License Numbers Exposed appeared first on TechRepublic. This article has been indexed…
Google’s $3 ChromeOS Flex USB Kit: What to Know Before Installing
Google’s $3 ChromeOS Flex Kit is back after selling out. Here’s who should use it, who should skip it, and what to check first. The post Google’s $3 ChromeOS Flex USB Kit: What to Know Before Installing appeared first on…
Fake Paysafe and Skrill SDKs on npm and PyPI Steal Developer Credentials
A coordinated supply-chain attack has compromised developers by distributing 17 malicious packages on npm and PyPI that impersonate legitimate SDKs for Paysafe, Skrill, and Neteller payment services. These packages were designed to silently exfiltrate sensitive credentials, including API keys,…