Cybercriminals have begun exploiting the surge in popularity of DeepSeek-R1, one of the most sought-after large language models currently available, to distribute a sophisticated new malware strain targeting Windows users. The malicious campaign uses the artificial intelligence chatbot’s growing demand…
Category: EN
Microsoft Outlook’s New Two-Click View for Encrypted Emails Protects You From Accidental Exposure
Microsoft is set to launch a significant security enhancement for Outlook users across multiple platforms. Starting April 2025, the company will roll out a new two-click verification feature for encrypted emails, requiring users to confirm their intent to access sensitive…
A New Digital Dawn for Syrian Tech Users
< div class=”field field–name-body field–type-text-with-summary field–label-hidden”> < div class=”field__items”> < div class=”field__item even”> U.S. sanctions on Syria have for several decades not only restricted trade and financial transactions, they’ve also severely limited Syrians’ access to digital technology. From software development…
Paragon ‘Graphite’ Spyware Linked to Zero-Click Hacks on Newest iPhones
Citizen Lab publishes forensic proof that spyware maker Paragon can compromise up-to-date iPhones. Journalists in Europe among victims. The post Paragon ‘Graphite’ Spyware Linked to Zero-Click Hacks on Newest iPhones appeared first on SecurityWeek. This article has been indexed from…
Turning Up the Heat on ATT&CK Heatmaps to Address Residual Risk
Stepping into a time machine and traveling back to the past, during the last half of my nearly 20 year career at MITRE I served in a variety of roles that spanned the evolution of MITRE ATT&CK®. I started as a…
Wordfence Intelligence Weekly WordPress Vulnerability Report (June 2, 2025 to June 8, 2025)
📢 Calling all Vulnerability Researchers and Bug Bounty Hunters! 📢 🌞 Spring into Summer with Wordfence! Now through August 4, 2025, earn 2X bounty rewards for all in-scope submissions from our ‘High Threat’ list in software with fewer than 5…
137,000 SoftBank Customers Affected by Data Leak from Third-Party Vendor
SoftBank has previously experienced significant data breaches. In 2004, the company confirmed that personal information on 4,517,039 customers had been leaked through two separate cases involving suspects Yuasa and Kimata. This historical incident demonstrates the scale of data security challenges…
What cybersecurity experts are talking about in 2025
The cybersecurity field moves quickly, with new research surfacing regularly and threat actors constantly shifting their approaches. We’ve gathered five recent research topics that caught our attention, each offering a different angle on the current threat landscape and the creative…
Germany, Nvidia To Build AI Factories For Industrial Use
Germany is to use tens of thousands of Nvidia GPUs to power ‘AI factories’ in the country for industrial applications This article has been indexed from Silicon UK Read the original article: Germany, Nvidia To Build AI Factories For Industrial…
Multiple GitLab Vulnerabilities Expose Users to Complete Account Takeover Risks
GitLab, the widely used DevSecOps platform, has released urgent security updates addressing multiple high-severity vulnerabilities that could allow attackers to take over user accounts, inject malicious code, and disrupt services. The new versions—18.0.2, 17.11.4, and 17.10.8 for both Community Edition…
SoftBank DataBreach – 137,000 Users Personal Data Exposed From Third-party Service Provider
SoftBank Corporation, an investment holding company, disclosed a significant data breach affecting 137,156 mobile subscribers through compromised third-party infrastructure. The incident, which occurred in December 2024 but was only discovered in March 2025, represents a critical failure in vendor security…
CyberEYE RAT Disable Windows Defender Using PowerShell and Registry Manipulations
A sophisticated new Remote Access Trojan known as CyberEYE has emerged as a significant threat to Windows systems, demonstrating advanced capabilities to completely disable Windows Defender through a combination of PowerShell commands and registry manipulations. This modular, .NET-based malware leverages…
Microsoft Patched Windows Server 2025 Restart Bug that Disconnects AD Domain Controller
Microsoft has resolved a critical bug in Windows Server 2025 that caused Active Directory Domain Controllers to improperly manage network traffic after system restarts, resulting in service disconnections and application failures. The comprehensive patch, identified as KB5060842, was deployed on…
Don’t Click ‘Unsubscribe’ Links Blindly It May Leads to Loss of Credentials
A sophisticated cyber threat campaign leveraging malicious unsubscribe links has emerged as a significant security concern, targeting unsuspecting email users across the globe. This deceptive attack vector exploits users’ natural desire to clean up their inboxes, transforming what appears to…
Multiple GitLab Vulnerabilities Allow Attackers to Achieve Complete Account Takeover
A series of critical security vulnerabilities across GitLab Community Edition (CE) and Enterprise Edition (EE) platforms that could enable attackers to achieve complete account takeover and compromise entire development infrastructures. The company released emergency patch versions 18.0.2, 17.11.4, and 17.10.8…
The AI Arms Race: Deepfake Generation vs. Detection
AI-generated voice deepfakes have crossed the uncanny valley, fueling a surge in fraud that outpaces traditional security measures. Detection technology is racing to keep up. The post The AI Arms Race: Deepfake Generation vs. Detection appeared first on SecurityWeek. This…
LockBit panel data leak shows Chinese orgs among the most targeted
The LockBit ransomware-as-a-service (RaaS) operation has netted around $2.3 million USD within 5 months, the data leak stemming from the May 2025 hack of a LockBit affiliate panel has revealed. From that sum, the operators took their 20% cut (approximately…
New TokenBreak Attack Bypasses AI Moderation with Single-Character Text Changes
Cybersecurity researchers have discovered a novel attack technique called TokenBreak that can be used to bypass a large language model’s (LLM) safety and content moderation guardrails with just a single character change. “The TokenBreak attack targets a text classification model’s…
Microsoft Resolves Windows Server 2025 Restart Bug Disrupting Active Directory Connectivity
Microsoft has addressed multiple critical issues affecting Windows Server 2025 domain controllers through its June 2025 Patch Tuesday updates, resolving authentication failures and network connectivity problems that have plagued administrators since April. The fixes come as part of update KB5060842,…
Hijacked Trust: How Malicious Actors Exploited Discord’s Invite System to Launch Global Multi-Stage Attacks
Attackers took advantage of a Discord feature that lets expired or deleted invite links be reused, allowing them to hijack trusted community links and redirect users to harmful servers. The attack tricks users with a fake verification bot and phishing…