Several cyberattacks on major British retailers including Marks & Spencer, the Co-op Group, and others have been attributed to social engineering, the practice of deceiving internal support teams by impersonating legitimate employees to deceive internal support teams. It has…
Category: EN
Magento Extension Supply Chain Attack Backdoors Hundreds of E-Commerce Sites
A coordinated supply chain attack has compromised between 500 and 1,000 Magento-based e-commerce websites through 21 backdoored extensions, according to new research from cybersecurity firm Sansec. The breach affected sites globally, including the one being operated by a multinational…
DOGE Employee Computer Infected with Malware and Leaked Data Found Info-Stealer Logs
Kyle Schutt, a 37-year-old DOGE employee identified in federal payroll records, has had his personal email address and associated passwords exposed in at least four distinct “stealer log” datasets published between late 2023 and early 2024. The revelations follow earlier…
Operation Moonlander dismantled the botnet behind Anyproxy and 5socks cybercriminals services
Law enforcement dismantled a 20-year botnet behind Anyproxy and 5socks cybercriminals services and arrested four suspects. Authorities dismantled a 20-year-old botnet tied to Anyproxy and 5socks as part of an international operation codenamed “Operation Moonlander”; four men, including three Russians,…
Google Chrome Uses Advanced AI to Combat Sophisticated Online Scams
Google has integrated artificial intelligence into its cybersecurity toolkit to shield users from financial and data theft scams. On Friday, May 09, 2025, the company unveiled a comprehensive report detailing its latest AI-driven initiatives across Search, Chrome, and Android, marking…
Why CISOs Must Prioritize Cybersecurity Culture in Remote Work
In the era of remote and hybrid work, Chief Information Security Officers (CISOs) are now tasked with cultivating a strong cybersecurity culture in remote work, extending far beyond traditional responsibilities like managing firewalls and monitoring networks. The shift to distributed…
Feds disrupt proxy-for-hire botnet, indict four alleged net miscreants
The FBI also issued a list of end-of-life routers you need to replace Earlier this week, the FBI urged folks to bin aging routers vulnerable to hijacking, citing ongoing attacks linked to TheMoon malware. In a related move, the US…
North Korea’s OtterCookie Malware Added a New Feature to Attack Windows, Linux, and macOS
A North Korea-linked attack group, known as WaterPlum (also referred to as Famous Chollima or PurpleBravo), has been actively targeting financial institutions, cryptocurrency operators, and FinTech companies globally. Since 2023, their infamous Contagious Interview campaign has utilized malware such as…
“PupkinStealer” A New .NET-Based Malware Steals Browser Credentials & Exfiltrate via Telegram
A newly identified information-stealing malware, dubbed PupkinStealer, Developed in C# using the .NET framework, this lightweight yet effective malware targets sensitive user data, including browser credentials, desktop files, messaging app sessions, and screenshots. According to a CYFIRMA detailed analysis shared…
Steganography Challenge: My Solution, (Sat, May 10th)
When I tried to solve “Steganography Challenge” with the same method as I used in “Steganography Analysis With pngdump.py: Bitstreams”, I couldn't recover the text message. This article has been indexed from SANS Internet Storm Center, InfoCON: green Read the…
ICE’s Deportation Airline Hack Reveals Man ‘Disappeared’ to El Salvador
Plus: A DOGE operative’s laptop reportedly gets infected with malware, Grok AI is used to “undress” women on X, a school software company’s ransomware nightmare returns, and more. This article has been indexed from Security Latest Read the original article:…
Five things we learned from WhatsApp vs. NSO Group spyware lawsuit
The landmark trial between WhatsApp and NSO Group unearthed several new revelations. We recap some of them here. This article has been indexed from Security News | TechCrunch Read the original article: Five things we learned from WhatsApp vs. NSO…
UK Ministry of Defence is spending less with US biz, and more with Europeans
France’s share of MOD cash is growing while the US’s shrinks The UK’s Ministry of Defence (MOD) is gradually shifting its spending from the US to Europe, according to research from Tussell.… This article has been indexed from The Register…
Your Android phone is getting a new security secret weapon – and it’s a big deal
This new security feature will make your Android phone more difficult to access if you haven’t used it in a while. This article has been indexed from Latest stories for ZDNET in Security Read the original article: Your Android phone…
Beware! Fake AI Video Generation Platforms Drop Stealer Malware on Your Computers
As artificial intelligence (AI) tools gain mainstream traction for content creation, cybercriminals are capitalizing on the hype with a sophisticated new attack vector, fake AI platforms promising advanced video and image editing capabilities. These fraudulent sites, amplified through viral social…
20 Years old Proxy Botnet Network Dismantled That Exploits 1000 Unique Unpatched Devices Weekly
In a coordinated effort, Lumen Technologies’ Black Lotus Labs, the U.S. Department of Justice (DOJ), the Federal Bureau of Investigation (FBI), and the Dutch National Police have dismantled a sophisticated criminal proxy network that has operated since 2004. The botnet,…
Germany Shuts Down eXch Over $1.9B Laundering, Seizes €34M in Crypto and 8TB of Data
Germany’s Federal Criminal Police Office (aka Bundeskriminalamt or BKA) has seized the online infrastructure and shutdown linked to the eXch cryptocurrency exchange over allegations of money laundering and operating a criminal trading platform. The operation was carried out on April…
Google Pays $1.375 Billion to Texas Over Unauthorized Tracking and Biometric Data Collection
Google has agreed to pay the U.S. state of Texas nearly $1.4 billion to settle two lawsuits that accused the company of tracking users’ personal location and maintaining their facial recognition data without consent. The $1.375 billion payment dwarfs the…
Building IDP Resilience
In today’s digital economy, identity is more than just an authentication checkpoint—it’s the backbone of user access, security, and continuity. And as CISOs and IAM architects work to modernize their identity systems, one imperative has moved from the sidelines to…
How to rationalize IDPs (without painful migrations)
For enterprise CIOs, CISOs, and IT leaders, managing multiple identity providers (IDPs) is a costly, complex, and security-intensive challenge. Whether due to M&A activities, multi-cloud strategies, or regulatory requirements, fragmented identity ecosystems drive up expenses, increase security risks, and hinder…