Nucor Corporation, one of North America’s largest steel producers, has temporarily halted production at multiple facilities following a cybersecurity breach that compromised critical operational systems. The incident, disclosed in a May 15, 2025, SEC filing, marks one of the most…
Category: EN
Coinbase suffers data breach, gets extorted (but won’t pay)
Cryptocurrency exchange platform Coinbase has suffered a breach, which resulted in attackers acquiring customers’ data that can help them mount social engineering attacks, the company confirmed today by filing a report with the US Securities and Exchange Commission (SEC). The…
SAP NetWeaver Flaw Exploited by Ransomware Groups and Chinese-Backed Hackers
The critical vulnerability is being exploited by BianLian, RansomwEXX and a Chinese nation-state actor known as Chaya_004 This article has been indexed from www.infosecurity-magazine.com Read the original article: SAP NetWeaver Flaw Exploited by Ransomware Groups and Chinese-Backed Hackers
Node.js Vulnerability Enables Attackers to Crash Processes and Disrupt Services
Node.js project has released a critical security update addressing several vulnerabilities that could allow attackers to crash server processes and disrupt critical services. The security fixes, announced on May 14, 2025 by Node.js maintainer RafaelGSS, affect multiple release lines (LTS…
Xanthorox Emerging BlackHat AI Tool Empowering Hackers in Phishing and Malware Campaigns
Artificial intelligence platform named Xanthorox has emerged as a potent new tool for cybercriminals, enabling the automated generation of phishing campaigns, malware, and hyperrealistic deepfakes. Unlike traditional dark-web tools restricted to hidden forums, Xanthorox’s developer openly advertises its capabilities on…
Enisa Launched New European Vulnerability Database to Strengthen Cybersecurity
European Union Agency for Cybersecurity (ENISA) has officially launched the European Vulnerability Database (EUVD), a groundbreaking platform designed to enhance digital security across the EU. Developed in accordance with the NIS2 Directive, the database is now operational and accessible to…
Snowflake CISO on the power of ‘shared destiny’ and ‘yes and’
Lessons learned from last year’s security snafu interview Being the chief information security officer at Snowflake is never an easy job, but last spring it was especially challenging.… This article has been indexed from The Register – Security Read the…
GitLab 18 increases developer productivity by integrating AI throughout the platform
GitLab launched GitLab 18, including AI capabilities natively integrated into the platform and major new innovations across core DevOps, and security and compliance workflows that are available now, with further enhancements planned throughout the year. Additionally, GitLab Premium customers can…
Dior Confirms Data Breach Affecting Customer Information
Dior confirmed a data breach compromising customer personal information, discovered on May 7 This article has been indexed from www.infosecurity-magazine.com Read the original article: Dior Confirms Data Breach Affecting Customer Information
Locked Out and Held for Ransom: A City’s Battle Against Cybercrime
Read how having a plan and doing some preparation in advance can lessen the severity of a ransomware attack ? or prevent one altogether. This article has been indexed from Blog Read the original article: Locked Out and Held for…
FrigidStealer Malware Hits macOS Users via Fake Safari Browser Updates
FrigidStealer malware targets macOS users via fake browser updates, stealing passwords, crypto wallets, and notes using DNS-based data… This article has been indexed from Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto Read the original article: FrigidStealer Malware…
Windows Defender Application Control Bypassed Through Browser Exploit Techniques
Security researchers from the X-Force Red Adversary Simulation team have uncovered a novel method to bypass Windows Defender Application Control (WDAC), a robust Windows security feature designed to prevent unauthorized code execution through strict application whitelisting policies. Often deployed in…
Weaponized Google Calendar Invites Deliver Malicious Payload Using a Single Character
Security researchers have unearthed a sophisticated malware distribution method leveraging Google Calendar invites to deliver malicious payloads through seemingly innocuous links. The attack, centered around a deceptive npm package named os-info-checker-es6, showcases an unprecedented level of obfuscation that begins with…
Russian Hackers Exploit XSS Vulnerabilities to Inject Malicious Code into Email Servers
A sophisticated cyberespionage campaign, dubbed Operation RoundPress, has been uncovered by cybersecurity researchers at ESET. Attributed with medium confidence to the Russian-linked Sednit group-also known as APT28, Fancy Bear, and Forest Blizzard-this operation targets high-value webmail servers using cross-site scripting…
Phishing Campaign Mimics Email Quarantine Notifications: 32,000 Emails Target 6,358 Customers
In a recent discovery, Check Point researchers have identified a large-scale phishing campaign that exploits the guise of email quarantine notifications. This campaign, consisting of 32,000 emails, has targeted 6,358 customers across various regions. The primary objective of the attackers…
Threat landscape for industrial automation systems in Q1 2025
Kaspersky ICS CERT shares trends and statistics on industrial threats in Q1 2025. This article has been indexed from Securelist Read the original article: Threat landscape for industrial automation systems in Q1 2025
Russian Hackers Exploiting MDaemon 0-Day Vulnerability to Hack Webmail Servers
A recently uncovered cyber-espionage campaign linked to Russian state-sponsored actors has been targeting enterprise webmail servers using a critical zero-day vulnerability in MDaemon, a widely used email server software. Dubbed “MailStorm” by researchers, the campaign exploits an unpatched buffer overflow…
Hackers Disguised Remote Access Malware as Microsoft Edge service
A sophisticated backdoor campaign in which attackers cleverly disguised remote access malware as a legitimate Microsoft Edge service. The malicious Mesh agent, masquerading under the path C:\Program Files\Microsoft\MicrosoftEdge\msedge.exe, was found running on multiple computers and servers across the affected network.…
Threat Actors Using Weaponized HTML Files to Deliver Horabot Malware
A new wave of sophisticated phishing campaigns targeting Spanish-speaking users in Latin America has emerged, leveraging weaponized HTML files to deploy the Horabot malware. First identified in April 2025 by Fortinet’s FortiGuard Labs, Horabot combines credential theft, email automation, and…
Interlock Ransomware Attacking Defense Contractors and Their Supply Chains
A dangerous ransomware operation dubbed Interlock has escalated its focus on defense contractors and their supply chains, jeopardizing sensitive military logistics, intellectual property, and national security. First observed in September 2024, the group employs “big-game hunting” tactics-targeting high-value organizations-and double…