A cyber espionage group believed to be based in China has reportedly gained unauthorized access to email accounts used by staff working for influential committees in the U.S. House of Representatives, according to a report by the Financial Times…
Category: EN
Instagram Confirms no System Breach and Fixed External Party Password Reset Issue
Instagram has stated that its systems were not breached and that recent password reset emails some users received were triggered by an external party abusing a now-fixed issue. The company says user accounts remain secure and that the unexpected reset…
Critical MongoDB Flaw Allows Unauthenticated Memory Data Leaks
A critical security flaw in MongoDB could allow unauthenticated attackers to extract sensitive data directly from server memory, prompting urgent patching warnings from security researchers and the database vendor. The vulnerability, tracked as CVE-2025-14847, affects MongoDB’s implementation of zlib…
Phishing Network Exploits e-Challan System to Target Indian Vehicle Owners
India has developed a digital traffic enforcement ecosystem that has become more deeply integrated into everyday life, this means that cybercriminals are increasingly exploiting both the public’s faith in government systems to perpetrate large-scale financial fraud on the country’s…
NtKiller Tool Boasts AV/EDR Evasion on Dark Web
A threat actor dubbed AlphaGhoul has now begun to push NtKiller-a perilous tool-on the dark web forums, claiming it silently kills antivirus software and bypasses endpoint detection and response systems. As a malware loader, this tool targets popular security…
YARA-X 1.11.0 Release: Hash Function Warnings, (Sun, Jan 11th)
YARA-X's 1.11.0 release brings a new feature: hash function warnings. This article has been indexed from SANS Internet Storm Center, InfoCON: green Read the original article: YARA-X 1.11.0 Release: Hash Function Warnings, (Sun, Jan 11th)
Europol Raids Disrupt Black Axe Cybercrime Ring in Spain
Authorities caught 34 members of the notorious Black Axe gang in Spain known for stealing millions of Euros through online romance scams and email fraud. This article has been indexed from Hackread – Cybersecurity News, Data Breaches, AI, and More…
Security Affairs newsletter Round 558 by Pierluigi Paganini – INTERNATIONAL EDITION
A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. A…
SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 79
Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape Malware Newsletter VVS Discord Stealer Using Pyarmor for Obfuscation and Detection Evasion A Broken System Fueling Botnets Malicious NPM Packages Deliver…
Network Security Checklist – Complete Guide To Protect Enterprise Networks (2026)
Network security is paramount in today’s digital landscape, where organizations face increasingly sophisticated threats. This guide presents a detailed Network Security checklist with examples to help you establish robust protection and minimize vulnerabilities. Network Security Musts: The 7-Point Checklist –…
BreachForums (2025) – 672,247 breached accounts
In October 2025, a reincarnation of the hacking forum BreachForums, which had previously been shut down multiple times, was taken offline by a coalition of law enforcement agencies. In the months leading up to the takedown, the site itself suffered…
Week in review: PoC for Trend Micro Apex Central RCE released, Patch Tuesday forecast
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Pharma’s most underestimated cyber risk isn’t a breach Chirag Shah, Global Information Security Officer & DPO at Model N examines how cyber risk in pharma…
How certain can we be about NHIs reliability?
How Secure Are Non-Human Identities in Today’s Digital Landscape? How confident are you in the security protocols protecting your organization’s machine identities? With technology evolves, the concept of Non-Human Identities (NHIs) becomes increasingly critical, especially in achieving reliable NHIs that…
Why trust Agentic AI for critical system operations?
Are You Missing Out on the Key to Securing Non-Human Identities? The concept of Non-Human Identities (NHIs) is emerging as a critical element. But why is effective management of NHIs so crucial for securing critical systems? NHIs are essentially machine…
How is the handling of NHIs getting better?
Why is Non-Human Identities Management Critical for Cybersecurity? Have you ever considered how machine identities could be as vulnerable as human identities? The concept of Non-Human Identities (NHIs) extends beyond mere machine management to become a core aspect of cybersecurity,…
How to stay ahead with Agentic AI in cybersecurity?
What Role Do Non-Human Identities Play in Enhancing Cybersecurity? One might wonder how machine identities fit into the puzzle. Non-Human Identities (NHIs), often underestimated, are pivotal in creating robust security frameworks, particularly for industries like financial services, healthcare, travel, and…
A massive breach exposed data of 17.5M Instagram users
A massive breach exposed data of 17.5M Instagram users, triggering mass password reset emails and fears that stolen data is already circulating online. A major data breach has exposed the personal data of about 17.5 million Instagram users, Malwarebytes Labs…
NDSS 2025 – EMIRIS: Eavesdropping On Iris Information Via Electromagnetic Side Channel
Session 8B: Electromagnetic Attacks Authors, Creators & Presenters: Wenhao Li (Shandong University), Jiahao Wang (Shandong University), Guoming Zhang (Shandong University), Yanni Yang (Shandong University), Riccardo Spolaor (Shandong University), Xiuzhen Cheng (Shandong University), Pengfei Hu (Shandong University) PAPER EMIRIS: Eavesdropping On…
What’s on your clipboard?
One of the fascinating aspects of Windows systems, from a DF/IR perspective, for me has been the clipboard. Notice I said, “one of”, rather than “the”…that’s because there are a lot of fascinating aspects of Windows systems when it comes…
EEOC Confirms Internal Data Incident Linked to Contractor Misuse of System Access
The U.S. Equal Employment Opportunity Commission has disclosed that it was affected by a data security incident involving a third-party contractor, after improper access to an internal system raised concerns about the handling of sensitive public information. The agency…