Microsoft found 394,000 Windows systems talking to Lumma stealer controllers, a victim pool that included global manufacturers. A US court order, with Europol and Japan’s JC3 dismantled the Lumma Stealer malware operation, seizing 2,300 domains used for command-and-control and blocking…
Category: EN
Scottish council admits ransomware crooks stole school data
Parents and teachers have personal info, ID documents leaked online, but exam season mostly unaffected Scotland’s West Lothian Council has confirmed that data was stolen from its education network after the Interlock ransomware group claimed responsibility for the intrusion earlier…
Taming the Hacker Storm: Why Millions in Cybersecurity Spending Isn’t Enough
Despite massive investment, the explosion of sophisticated malware and deepfake attacks persists because organizations struggle to verify digital identities and establish fundamental trust. The post Taming the Hacker Storm: Why Millions in Cybersecurity Spending Isn’t Enough appeared first on SecurityWeek.…
Sensitive Personal Data Stolen in West Lothian Ransomware Attack
West Lothian Council confirmed that ransomware attackers have stolen personal and sensitive information held on its education network This article has been indexed from www.infosecurity-magazine.com Read the original article: Sensitive Personal Data Stolen in West Lothian Ransomware Attack
Versa Concerto 0-Day Flaw Enables Remote Code Execution by Bypassing Authentication
Security researchers have uncovered multiple critical vulnerabilities in Versa Concerto, a widely deployed network security and SD-WAN orchestration platform used by large enterprises, service providers, and government entities. Despite responsible disclosure efforts over a 90-day period, these vulnerabilities remain unpatched,…
Health-ISAC 2025 Report: Ransomware Still Reigns as #1 Threat to Healthcare
Health-ISAC recently released their 2025 Health Sector Cyber Threat Landscape Report, a comprehensive outline of the malicious activity aimed at healthcare in the previous year. Not surprisingly, ransomware was cited by security professionals in the industry as the number one…
FBI and Europol Disrupt Lumma Stealer Malware Network Linked to 10 Million Infections
A sprawling operation undertaken by global law enforcement agencies and a consortium of private sector firms has disrupted the online infrastructure associated with a commodity information stealer known as Lumma (aka LummaC or LummaC2), seizing 2,300 domains that acted as…
Global Law Enforcers and Microsoft Seize 2300+ Lumma Stealer Domains
Law enforcers worldwide have teamed up with Microsoft to disrupt the infrastructure behind Lumma Stealer This article has been indexed from www.infosecurity-magazine.com Read the original article: Global Law Enforcers and Microsoft Seize 2300+ Lumma Stealer Domains
Cisco Identity Services RADIUS Vulnerability Allows Attackers to Trigger Denial of Service Condition
Cisco has disclosed a significant security vulnerability in its Identity Services Engine (ISE) that could enable unauthenticated remote attackers to cause denial of service conditions by exploiting flaws in the RADIUS message processing feature. The vulnerability, which was discovered during…
Several GitLab Vulnerabilities Enable Attackers to Launch DoS Attacks
GitLab has issued critical security patches addressing 11 vulnerabilities across its Community Edition (CE) and Enterprise Edition (EE) platforms, with three high-risk flaws enabling denial-of-service (DoS) attacks dominating the threat landscape. The coordinated release of versions 18.0.1, 17.11.3, and 17.10.7…
Hackers Exploit PyBitmessage Library to Evade Antivirus and Network Security Detection
The AhnLab Security Intelligence Center (ASEC) has uncovered a new strain of backdoor malware being distributed alongside a Monero coin miner. This malware leverages the PyBitmessage library, a Python implementation of the Bitmessage protocol, to establish covert peer-to-peer (P2P) communications.…
Hackers Targets Coinbase Users Targeted in Advanced Social Engineering Hack
Coinbase users have become the prime targets of an intricate social engineering campaign since early 2025. Reports from on-chain investigator Zach reveal that over $300 million is stolen annually through these meticulously coordinated attacks, with a staggering $45 million lost…
Cisco Patches High-Severity DoS, Privilege Escalation Vulnerabilities
Cisco published 10 security advisories detailing over a dozen vulnerabilities, including two high-severity flaws in its Identity Services Engine (ISE) and Unified Intelligence Center. The post Cisco Patches High-Severity DoS, Privilege Escalation Vulnerabilities appeared first on SecurityWeek. This article has…
New Process Injection Technique Evades EDR by Injecting Malicious Code into Windows Processes
Researchers revealed this method exploits shared memory regions and thread context manipulation to execute malicious payloads without triggering standard detection heuristics. Novel process injection technique leveraging execution-only primitives has demonstrated the ability to bypass leading Endpoint Detection and Response (EDR)…
Attackers Exploit BIND DNS Server Vulnerability to Crash Servers Using Malicious Packets
The vulnerability in BIND DNS server software allowed attackers to crash DNS servers by sending specifically crafted malicious packets. This flaw, identified as CVE-2023-5517, could cause named (the BIND DNS server process) to terminate unexpectedly with an assertion failure when…
Grafana Zero-Day Vulnerability Allows Attackers to Redirect Users to Malicious Sites
The High-severity cross-site scripting (XSS) vulnerability has been discovered in Grafana, prompting the immediate release of security patches across all supported versions. The vulnerability (CVE-2025-4123) enables attackers to redirect users to malicious websites where arbitrary JavaScript code can be executed.…
New Attack Exploits dMSA in Windows Server 2025 to Compromise Any Active Directory Users
A critical vulnerability in Windows Server 2025 that enables attackers to compromise any user in Active Directory, including highly privileged accounts. Dubbed “BadSuccessor,” this attack exploits a feature called delegated Managed Service Accounts (dMSA) and works by default in environments…
Lumma Stealer Infrastructure With 2,300 Domains That Attacks Millions of Users Worldwide Seized
In a coordinated global operation announced on May 21, 2025, law enforcement and cybersecurity partners have successfully disrupted the infrastructure behind Lumma Stealer, one of the most prolific information-stealing malware operations targeting users worldwide. The Justice Department, in conjunction with…
Hackers Attacking Coinbase Users in a Sophisticated Social Engineering Attack
A massive wave of targeted social engineering attacks has been hitting Coinbase users since early 2025, with scammers exploiting insider access to obtain sensitive customer data. Unlike traditional technical breaches, these attacks leverage psychological manipulation to trick users into voluntarily…
BIND DNS Vulnerability Let Attackers Crash DNS Servers With Malicious Packet
A high-severity vulnerability in the BIND DNS server software was recently disclosed that allows attackers to crash DNS servers by sending just a single malicious packet. The Internet Systems Consortium (ISC) released BIND versions 9.18.37, 9.20.9, and 9.21.8 on May…