Apple has issued threat notifications to users across 100 countries, warning them that their devices may have been targeted by sophisticated commercial spyware. The alerts, sent earlier this week, were confirmed by at least two recipients, including Italian journalist…
Category: EN
Now You Can Hire AI Tools Like Freelancers — Thanks to This Indian Startup
A tech startup based in Ahmedabad is changing how businesses use artificial intelligence. The company has launched a platform that allows users to hire AI tools the same way they hire freelancers— on demand and for specific tasks. Over…
Carolina Anaesthesiology Firm’s Massive Data Breach Impacts Nearly 21,000 Patients
Jeremiah Fowler, a security researcher, uncovered a non-password-protected database thought to be owned by Carolina Anaesthesiology PA, a healthcare organisation based in North Carolina. This dataset included several states, had 21,344 records, and was about 7GB in size. The…
Jammu Municipal Corporation Targeted in Major Cyberattack, Sensitive Data Allegedly Stolen
In a significant breach of digital infrastructure, the Jammu Municipal Corporation (JMC) has fallen victim to a cyberattack believed to have resulted in the loss of vast amounts of sensitive data. According to high-level intelligence sources, the attackers managed…
Claude AI Abused in Influence-as-a-Service Operations and Campaigns
Claude AI, developed by Anthropic, has been exploited by malicious actors in a range of adversarial operations, most notably a financially motivated “influence-as-a-service” campaign. This operation leveraged Claude’s advanced language capabilities to manage over 100 social media bot accounts across…
SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 44
Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape io_uring Is Back, This Time as a Rootkit I StealC You: Tracking the Rapid Changes To StealC Interesting WordPress Malware Disguised…
Hitachi Vantara Takes Servers Offline Following Akira Ransomware Attack
Hitachi Vantara, a subsidiary of Japan’s Hitachi conglomerate, temporarily shut down several servers over the weekend after falling victim to a ransomware incident attributed to the Akira group. The company, known for offering data infrastructure, cloud operations, and cyber…
Altman’s eyeball-scanning biometric blockchain orbs officially come to America
El Reg checks out shop in SF On Thursday, six stores across America opened their doors with a curious proposition: Come on in, let a metal orb scan your irises, and walk out with a new online profile that promises…
Big Game Ransomware: the myths experts tell board members
There’s a piece in The Sunday Times today about the DragonForce ransomware incident at Marks and Spencer which caught my eye. It’s a great piece, e.g. it looks at M&S containing the threat to eradicate it. For example, the incident…
Security Affairs newsletter Round 522 by Pierluigi Paganini – INTERNATIONAL EDITION
A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. Rhysida Ransomware gang…
Why Ransomware Isn’t Just a Technology Problem (It’s Worse)
Ransomware isn’t a tech failure – it’s a market failure. If you think the hardest part is getting hacked, wait until the lawyers, insurers, and PR firms show up. The post Why Ransomware Isn’t Just a Technology Problem (It’s Worse)…
Why NHIs Leave Security Experts Satisfied
Why is Satisfaction with NHIs Paramount in Security Expertise? When it comes to managing security, Non-Human Identities (NHIs) have become a critical focus for many CISOs and security professionals. This growing importance prompts the question: Why does satisfaction with NHIs…
Are Your NHIs Capable of Handling New Threats?
Are Your Non-Human Identities Prepared for Emerging Cybersecurity Threats? Understanding the readiness and response efficiency of your Non-Human Identities (NHIs) to new cybersecurity threats is crucial. This post seeks to shed light on the criticality of managing NHIs robustly and…
Threat Alert: Hackers Using AI and New Tech to Target Businesses
Hackers are exploiting the advantages of new tech and the availability of credentials, commercial tools, and other resources to launch advanced attacks faster, causing concerns among cybersecurity professionals. Global Threat Landscape Report 2025 The 2025 Global Threat Landscape Report by…
US Targets Chinese Hacker with $10 Million Bounty.
There has been a rare and pointed move by the Federal Bureau of Investigation (FBI), which highlights the growing threat of state-sponsored cyberespionage. This was announced through a public announcement earlier this week, stating they would offer a reward…
Week in review: Critical SAP NetWeaver flaw exploited, RSAC 2025 Conference
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: RSAC 2025 Conference RSAC 2025 Conference took place at the Moscone Center in San Francisco. Check out our microsite for related news, photos, product releases,…
Threat Actors Attacking U.S. Citizens Via Social Engineering Attack
As Tax Day on April 15 approaches, a alarming cybersecurity threat has emerged targeting U.S. citizens, according to a detailed report from Seqrite Labs. Security researchers have uncovered a malicious campaign exploiting the tax season through sophisticated social engineering tactics,…
TerraStealer Strikes: Browser Credential & Sensitive‑Data Heists on the Rise
Insikt Group has uncovered two new malware families, TerraStealerV2 and TerraLogger, attributed to the notorious financially motivated threat actor Golden Chickens, also known as Venom Spider. Active between January and April 2025, these tools signal a persistent evolution in the…
MintsLoader Malware Uses Sandbox and Virtual Machine Evasion Techniques
MintsLoader, a malicious loader first observed in 2024, has emerged as a formidable tool in the arsenal of multiple threat actors, including the notorious TAG-124 (LandUpdate808) and SocGholish groups. This malware, identified in phishing and drive-by download campaigns, employs advanced…
Threat Actors Use AiTM Attacks with Reverse Proxies to Bypass MFA
Cybercriminals are intensifying their efforts to undermine multi-factor authentication (MFA) through adversary-in-the-middle (AiTM) attacks, leveraging reverse proxies to intercept sensitive data. As phishing tactics grow more advanced, traditional defenses like spam filters and user training are proving insufficient. Attackers deploy…