Check out the latest security news from the Informa TechTarget team. This article has been indexed from Search Security Resources and Information from TechTarget Read the original article: News brief: AI security risks highlighted at RSAC 2025
Category: EN
Hackers Attacking IT Admins by Poisoning SEO to Move Malware on Top of Search Results
Cybersecurity experts have uncovered a sophisticated attack campaign targeting IT administrators through search engine optimization (SEO) poisoning tactics. Threat actors are leveraging advanced SEO techniques to push malicious versions of commonly used administrative tools to the top of search engine…
OpenText Report Shines Spotlight on Malware Infection Rates
A 2025 cybersecurity threat report based on analysis of data collected from tens of millions of endpoints by OpenText shows that the malware infection rate for business PCs now stands at 2.39%, with 87% of that malware being based on…
Congratulations to the Top MSRC 2025 Q1 Security Researchers!
Congratulations to all the researchers recognized in this quarter’s Microsoft Researcher Recognition Program leaderboard! Thank you to everyone for your hard work and continued partnership to secure customers. The top three researchers of the 2025 Q1 Security Researcher Leaderboard are…
A cyber attack briefly disrupted South African Airways operations
A cyberattack briefly disrupted South African Airways’ website, app, and systems, but core flight operations remained unaffected. South African Airways (SAA) is the national flag carrier of South Africa, the airline is wholly owned by the South African government and…
Malicious Python Package Mimic as Attacking Discord Developers With Malicious Remote Commands
A seemingly innocent Python package has been unmasked as a sophisticated remote access trojan (RAT) targeting the Discord developer community. On March 21, 2022, a package named ‘discordpydebug’ appeared on the Python Package Index (PyPI) under the innocuous description “Discord…
COLDRIVER Using New Malware To Steal Documents From Western Targets and NGOs
Written by: Wesley Shields Google Threat Intelligence Group (GTIG) has identified a new piece of malware called LOSTKEYS, attributed to the Russian government-backed threat group COLDRIVER (also known as UNC4057, Star Blizzard, and Callisto). LOSTKEYS is capable of stealing files…
Google Chrome will use AI to block tech support scam websites
Google announced it will equip Chrome with an AI driven method to detect and block Tech Support Scam websites This article has been indexed from Malwarebytes Read the original article: Google Chrome will use AI to block tech support scam…
OpenAI’s $3B Windsurf move: the real reason behind its enterprise AI code push
OpenAI’s $3B Windsurf buy puts it on defense as Google & Anthropic surge in AI-powered coding—discover the stakes for agentic development and enterprise teams. This article has been indexed from Security News | VentureBeat Read the original article: OpenAI’s $3B…
VC behemoth Insight Partners fears top-secret financial info swiped by cyber-miscreants
Weapons-grade fuel for fraud Insight Partners, a mega venture capital firm with more than $90 billion in funds under management, fears network intruders got their hands on internal sensitive data about employees, portfolio companies, investors, and more.… This article has…
OtterCookie v4 Adds VM Detection and Chrome, MetaMask Credential Theft Capabilities
The North Korean threat actors behind the Contagious Interview campaign have been observed using updated versions of a cross-platform malware called OtterCookie with capabilities to steal credentials from web browsers and other files. NTT Security Holdings, which detailed the new…
BREAKING: 7,000-Device Proxy Botnet Using IoT, EoL Systems Dismantled in U.S. – Dutch Operation
A joint law enforcement operation undertaken by Dutch and U.S. authorities has dismantled a criminal proxy network that’s powered by thousands of infected Internet of Things (IoT) and end-of-life (EoL) devices, enlisting them into a botnet for providing anonymity to…
6 Year Old Sleeper Attack Uncovered, Fake Bank Draft Scam, and Signal Tool Breach
In this episode of Cybersecurity Today, host Jim Love delves into a range of alarming cyber incidents. A six-year sleeper supply chain attack has compromised thousands of e-commerce websites, exploiting vulnerabilities in Magento extensions from vendors Tigren, Meetanshi, and Magesolution.…
Critical Cybersecurity Breaches: OneDrive Default Settings, PowerSchool Ransom, and DOGE Staffer Compromises
In this episode of Cybersecurity Today, host Jim Love discusses recent cybersecurity breaches and vulnerabilities. Key topics include a security flaw in the new default setting of Microsoft OneDrive, a ransom incident involving PowerSchool that compromised student data, and the…
Cyberattackers Targeting IT Help Desks for Initial Breach
Cybercriminals are increasingly impersonating IT support personnel and trusted authorities to manipulate victims into granting access to critical systems, according to recent analyses by cybersecurity experts. This tactic exploits inherent human tendencies to defer to perceived authority figures, enabling attackers…
US Customs and Border Protection Plans to Photograph Everyone Exiting the US by Car
A CBP spokesperson tells WIRED that the agency plans to expand its program for real-time face recognition at the border, potentially aiding Trump administration efforts to track people who self-deport. This article has been indexed from Security Latest Read the…
FBI and Dutch police seize and shut down botnet of hacked routers
U.S. authorities indicted three Russians and one Kazakhstan national for hacking and selling access to a botnet made of vulnerable internet-connected devices. This article has been indexed from Security News | TechCrunch Read the original article: FBI and Dutch police…
Threat Actors Target Job Seekers with Three New Unique Adversaries
Netcraft has uncovered a sharp rise in recruitment scams in 2024, driven by three distinct threat actors employing unique and highly technical strategies to exploit vulnerabilities in the job market. As economic pressures like wage stagnation, the cost-of-living crisis, and…
Hackers Weaponizing Facebook Ads to Deploy Multi-Stage Malware Attacks
A persistent and highly sophisticated malvertising campaign on Facebook has been uncovered by Bitdefender Labs, exploiting the trust associated with major cryptocurrency exchanges to distribute multi-stage malware. This ongoing operation, active for several months as of May 2025, leverages advanced…
New Stealthy .NET Malware Hiding Malicious Payloads Within Bitmap Resources
Cybersecurity researchers at Palo Alto Networks’ Unit 42 have uncovered a novel obfuscation method employed by threat actors to conceal malware within bitmap resources of seemingly benign 32-bit .NET applications. This advanced steganography technique embeds malicious payloads in bitmap files,…