A sophisticated spearphishing campaign has emerged targeting humanitarian organizations and Ukrainian government agencies, leveraging weaponized PDF attachments and fake Cloudflare verification pages to distribute a dangerous WebSocket-based remote access trojan. The operation, first uncovered in early October 2025, demonstrates a…
Category: EN
Hackers Exploited 73 0-Day Vulnerabilities and Earned $1,024,750
The hacking community celebrated the end of Pwn2Own Ireland 2025. Researchers demonstrated their skills by identifying 73 unique zero-day vulnerabilities across different devices. The event, hosted by the Zero Day Initiative (ZDI), distributed a staggering $1,024,750 in prizes, highlighting the…
Digital ID is now less about illegal working, more about rummaging through drawers
Starmer rebrands unpopular scheme as convenience tool after backlash UK Prime Minister Keir Starmer has relaunched his digital ID scheme as something that will make people’s lives easier, less than four weeks after announcing it as a measure to tackle…
Toys ‘R’ Us Canada Customer Information Leaked Online
The customer information published on the dark web includes names, addresses, phone numbers, and email addresses. The post Toys ‘R’ Us Canada Customer Information Leaked Online appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read the original…
Threat Actors Ramp Up Public App Exploits as ToolShell Gains Traction
ToolShell exploit activity surged last quarter, appearing in over 60% of Cisco Talos IR cases and driving a sharp rise in public-facing application attacks This article has been indexed from www.infosecurity-magazine.com Read the original article: Threat Actors Ramp Up Public…
Baohuo Android Malware Hijacks Telegram Accounts via Fake Telegram X
New Android malware Baohuo hijacks Telegram X accounts, stealing data and controlling chats. Over 58,000 devices infected, mainly in India and Brazil. This article has been indexed from Hackread – Cybersecurity News, Data Breaches, Tech, AI, Crypto and More Read…
3,000 YouTube Videos Exposed as Malware Traps in Massive Ghost Network Operation
A malicious network of YouTube accounts has been observed publishing and promoting videos that lead to malware downloads, essentially abusing the popularity and trust associated with the video hosting platform for propagating malicious payloads. Active since 2021, the network has…
Microsoft blocks risky file previews in Windows File Explorer
Along with fixing many code-based vulnerabilities, the October 2025 Windows updates also change how File Explorer handles files downloaded from the internet. The change affects the file management tool’s Preview Pane, which lets users see the contents of a file…
Think passwordless is too complicated? Let’s clear that up
We’ve relied on passwords for years to protect our online accounts, but they’ve also become one of the easiest ways attackers get in. Cisco Duo helps clear up some of the biggest passwordless myths. This article has been indexed from…
North Korean Hackers Target UAV Industry to Steal Confidential Data
ESET researchers have uncovered a sophisticated cyberespionage campaign targeting European defense companies specializing in unmanned aerial vehicle (UAV) technology. The attacks, attributed to the North Korea-aligned Lazarus group operating under Operation DreamJob, reveal a coordinated effort to steal proprietary manufacturing…
Microsoft Disables Downloaded File Previews to Block NTLM Hash Leaks
In files downloaded from the internet, HTML tags referencing external paths could be used to leak NTLM hashes during file previews. The post Microsoft Disables Downloaded File Previews to Block NTLM Hash Leaks appeared first on SecurityWeek. This article has…
Tesla Recalls 63,619 Cybertrucks To Fix Headlights
Tesla issues over-the-air software update to fix headlights that are too bright, in latest issue to affect recently launched Cybertruck This article has been indexed from Silicon UK Read the original article: Tesla Recalls 63,619 Cybertrucks To Fix Headlights
Phishing Campaign Uses Unique UUIDs to Evade Secure Email Gateways
A sophisticated new phishing attack discovered in early February 2025 is successfully bypassing Secure Email Gateways (SEGs) and evading perimeter defenses through an ingenious combination of random domain selection, dynamic UUID generation, and browser session manipulation. The attack leverages a…
China-linked hackers exploit patched ToolShell flaw to breach Middle East telecom
China-based threat actors exploited ToolShell SharePoint flaw CVE-2025-53770 soon after its July patch. China-linked threat actors exploited the ToolShell SharePoint flaw vulnerability, tracked as CVE-2025-53770, to breach a telecommunications company in the Middle East after it was addressed by Microsoft in…
Amazon Shows Prototype Smart Glasses For Delivery Drivers
Amazon shows prototype smart glasses that it says can reduce delivery times by up to 30 minutes over an eight- to 10-hour shift This article has been indexed from Silicon UK Read the original article: Amazon Shows Prototype Smart Glasses…
Huawei HarmonyOS 6 Adds AirDrop-Like Transfers To iPhones
Updated HarmonyOS 6 can now perform short-range file transfers to and from Apple iPhone devices, says China’s Huawei This article has been indexed from Silicon UK Read the original article: Huawei HarmonyOS 6 Adds AirDrop-Like Transfers To iPhones
Apple’s Giant Foldable iPad Faces Tech Delays
Apple faces technical hurdles in developing 18-inch foldable iPad, as it seeks to join address growing foldables market This article has been indexed from Silicon UK Read the original article: Apple’s Giant Foldable iPad Faces Tech Delays
Apple Loses UK Class-Action Lawsuit Over App Store Fees
London competition tribunal finds Apple abused market power to charge ‘excessive and unfair’ App Store developer fees This article has been indexed from Silicon UK Read the original article: Apple Loses UK Class-Action Lawsuit Over App Store Fees
Ransomware Actors Targeting Global Public Sectors and Critical Infrastructure
The public sector faces an unprecedented cybersecurity crisis as ransomware actors intensify their assault on government entities worldwide. According to Trustwave’s SpiderLabs research team, nearly 200 public sector organizations have been struck with ransomware in 2025 alone, with Babuk and…
HP OneAgent Update Brokes Trust And Disconnect Devices From Entra ID
The HP OneAgent software update has disconnected Windows devices from Microsoft Entra ID. As a result, users can no longer access their corporate identities. Version 1.2.50.9581 of the agent, pushed silently to HP’s Next Gen AI systems like the EliteBook…