Cybersecurity researchers have uncovered a sophisticated Python-based malware that employs process injection techniques to hide inside legitimate Windows binaries. This threat represents a new evolution in fileless attack strategies, combining multi-layer obfuscation with trusted system utilities to evade detection. The…
Category: EN
146,000 Impacted by Delta Dental of Virginia Data Breach
Names, Social Security numbers, ID numbers, and health information were stolen from a compromised email account. The post 146,000 Impacted by Delta Dental of Virginia Data Breach appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read the…
Chinese DeepSeek-R1 AI Generates Insecure Code When Prompts Mention Tibet or Uyghurs
New research from CrowdStrike has revealed that DeepSeek’s artificial intelligence (AI) reasoning model DeepSeek-R1 produces more security vulnerabilities in response to prompts that contain topics deemed politically sensitive by China. “We found that when DeepSeek-R1 receives prompts containing topics the…
New EtherHiding Technique Uses Web Attacks to Deploy Malware and Rotate Payloads
A new era of web-delivered malware has arrived with EtherHiding, a technique that fundamentally reshapes how attackers distribute and rotate malicious payloads. Unlike traditional threats that rely on static staging servers or disposable redirect chains, EtherHiding leverages smart contracts on…
Malicious PyPI Package Used by Hackers to Steal Users’ Crypto Information
Cybersecurity researchers have uncovered a sophisticated supply-chain attack targeting Python developers through a malicious package distributed via the Python Package Index (PyPI). The malicious package, named “spellcheckers,” contains a multi-layered encrypted backdoor designed to steal cryptocurrency information and establish remote…
PoC Published for W3 Total Cache Flaw Exposing 1M+ Sites to RCE
Security researchers have published a proof-of-concept exploit for a critical remote code execution vulnerability in W3 Total Cache, one of WordPress’s most popular caching plugins with over one million active installations. The flaw, tracked as CVE-2025-9501, allows attackers to execute…
Iberia Airlines Hit by Data Breach Exposing Customer Personal Details
Iberia Líneas Aéreas de España has disclosed a significant security incident involving unauthorized access to systems operated by an external service provider. The breach has exposed sensitive personal information belonging to the airline’s customers, including names, email addresses, and Iberia…
LLMs Tools Like GPT-3.5-Turbo and GPT-4 Fuel the Development of Fully Autonomous Malware
The rapid proliferation of large language models has transformed how organizations approach automation, coding, and research. Yet this technological advancement presents a double-edged sword: threat actors are increasingly exploring how to weaponize these tools for creating next-generation, autonomously operating malware.…
vLLM Vulnerability Enables Remote Code Execution Via Malicious Payloads
A critical memory corruption vulnerability in vLLM versions 0.10.2 and later allows attackers to achieve remote code execution through the Completions API endpoint by sending maliciously crafted prompt embeddings. The vulnerability resides in the tensor deserialization process within vLLM’s entrypoints/renderer.py…
Hackers Replace ‘m’ with ‘rn’ in Microsoft(.)com to Steal Users’ Login Credentials
A sophisticated phishing campaign is currently leveraging a subtle typographical trick to bypass user vigilance, deceiving victims into handing over sensitive login credentials. Attackers utilize the domain “rnicrosoft.com” to impersonate the tech giant. By replacing the letter ‘m’ with the…
AI attack agents are accelerators, not autonomous weapons: the Anthropic attack
Why today’s AI attack agents boost human attackers but still fall far from becoming real autonomous weapons. Anthropic recently published a report that sparked a lively debate about what AI agents can actually do during a cyberattack. The study shows…
Cox Confirms Oracle EBS Hack as Cybercriminals Name 100 Alleged Victims
More than 1.6 Tb of data allegedly stolen from Cox was made public by the hackers. The post Cox Confirms Oracle EBS Hack as Cybercriminals Name 100 Alleged Victims appeared first on SecurityWeek. This article has been indexed from SecurityWeek…
CISA Urges Patch of Actively Exploited Flaw in Oracle Identity Manager
The US cybersecurity agency has added the critical flaw to its Known Exploited Vulnerabilities list This article has been indexed from www.infosecurity-magazine.com Read the original article: CISA Urges Patch of Actively Exploited Flaw in Oracle Identity Manager
Iberia Airlines Notifies Customers of Supply Chain Data Breach
Spanish airline Iberia has begun emailing its customers about a supplier data breach This article has been indexed from www.infosecurity-magazine.com Read the original article: Iberia Airlines Notifies Customers of Supply Chain Data Breach
The Role of NSPM in Microsegmentation and Attack Surface Reduction
Microsegmentation promised to change everything: limit lateral movement, contain breaches, and give security teams a level of control that traditional perimeter firewalls could never deliver. And it does deliver when… The post The Role of NSPM in Microsegmentation and Attack…
MoD Launches World’s First Military Gaming Tournament
The International Defence Esports Games (IDEG) will help sharpen cyber and battlefield skills for allied soldiers This article has been indexed from www.infosecurity-magazine.com Read the original article: MoD Launches World’s First Military Gaming Tournament
Championing cyber security: the national UK cyber team’s journey at the European Cyber Security Challenge
Reflections on coaching, collaboration, and the pursuit of excellence in cyber security Partner Content From 6th to 10th October 2025, ten exceptional cyber enthusiasts proudly flew the flag for the United Kingdom in the European Cyber Security Challenge (ECSC), held…
Scattered Spider alleged members deny TfL charges
Two UK teens linked to Scattered Spider pleaded not guilty to charges over last year’s TfL cyberattack at a Southwark Crown Court hearing. Two British teens accused of Computer Misuse Act offenses for a cyberattack on Transport for London pleaded…
A week in security (November 17 – November 23)
A list of topics we covered in the week of November 17 to November 23 of 2025 This article has been indexed from Malwarebytes Read the original article: A week in security (November 17 – November 23)
ShadowPad Malware Actively Exploits WSUS Vulnerability for Full System Access
A recently patched security flaw in Microsoft Windows Server Update Services (WSUS) has been exploited by threat actors to distribute malware known as ShadowPad. “The attacker targeted Windows Servers with WSUS enabled, exploiting CVE-2025-59287 for initial access,” AhnLab Security Intelligence…