A sophisticated malware campaign has emerged that deploys stealthy NodeJS backdoors through deceptive CAPTCHA verification screens, security researchers revealed today. This campaign represents a growing trend of threat actors exploiting seemingly legitimate security measures to distribute malicious code, targeting users…
Category: EN
Microsoft Exchange Online Flagging Gmail Emails as Spam – Fixes Issued
Microsoft has resolved a widespread issue with its Exchange Online service that caused legitimate emails from Gmail accounts to be incorrectly identified as spam and quarantined. The problem, which began on April 25, affected numerous organizations using Microsoft 365 and…
Hackers Weaponizing Go Modules to Deliver Disk-Wiping Malware Leads to Data Loss
A devastating new supply-chain attack has emerged in the Go ecosystem, with attackers deploying highly destructive disk-wiping malware through seemingly legitimate modules. This sophisticated attack exploits the inherent openness of Go’s package ecosystem, where developers routinely source modules directly from…
ANY.RUN Unveils Q1 2025 Malware Trends Report, Highlighting Evolving Cyber Threats
ANY.RUN, a leading cybersecurity firm, has released its Q1 2025 Malware Trends Report, offering critical insights into the dynamic cyber threat landscape. Drawing from data analyzed by 15,000 companies and 500,000 analysts within ANY.RUN’s Interactive Sandbox delivers actionable intelligence to…
Raytheon, Nightwing to Pay $8.4 Million in Settlement Over Cybersecurity Failures
The US government says defense contractor Raytheon and Nightwing agreed to pay $8.4 million to settle False Claims Act allegations. The post Raytheon, Nightwing to Pay $8.4 Million in Settlement Over Cybersecurity Failures appeared first on SecurityWeek. This article has…
TikTok Slammed With €530 Million GDPR Fine for Sending E.U. Data to China
Ireland’s Data Protection Commission (DPC) on Tuesday fined popular video-sharing platform TikTok €530 million ($601 million) for infringing data protection regulations in the region by transferring European users’ data to China. “TikTok infringed the GDPR regarding its transfers of EEA…
White House Warns China of Cyber Retaliation Over Infrastructure Hacks
NSC’s Alexei Bulazel said that failing to robustly respond to constant Chinese intrusions into critical infrastructure is in itself “escalatory” This article has been indexed from www.infosecurity-magazine.com Read the original article: White House Warns China of Cyber Retaliation Over Infrastructure…
Apple Warns Trump’s Tariffs Will Raise Costs By $900m
Apple says iPhones sold in US will no longer come from China, as Q2 results show it has so far mostly avoided Trump’s tariff impact This article has been indexed from Silicon UK Read the original article: Apple Warns Trump’s…
In Other News: NullPoint Source Code Leak, $17,500 for iPhone Flaw, BreachForums Down
Noteworthy stories that might have slipped under the radar: NullPoint Stealer source code leaked, researcher earns $17,500 from Apple for vulnerability, BreachForums down after zero-day exploitation by police. The post In Other News: NullPoint Source Code Leak, $17,500 for iPhone…
macOS Sandbox Escape Vulnerability Allows Keychain Deletion and Replacement
A security vulnerability in macOS has been discovered. It allows malicious actors to escape the App Sandbox protection by manipulating security-scoped bookmarks. Tracked as CVE-2025-31191, this vulnerability enables a threat actor to delete and replace a keychain entry critical for authenticating file…
Unmasking AI in Cybersecurity – From Dark-Web Tactics to Next-Gen Defenses
Artificial intelligence is fundamentally reshaping the cybersecurity landscape, introducing both unprecedented defensive capabilities and alarming new attack vectors. The rapid evolution of generative AI and large language models (LLMs) has created a technological inflection point where digital identity verification mechanisms-including…
State-Sponsored Hacktivism Attacks on The Rise, Rewrites Cyber Threat Landscape
The global cybersecurity landscape is witnessing an alarming paradigm shift as state-sponsored hacktivism attacks have surged dramatically in recent months, blurring the traditional boundaries between politically motivated activism and sophisticated nation-state operations. These hybrid threats combine the ideological zeal of…
NCSC Guidance on “Advanced Cryptography”
The UK’s National Cyber Security Centre just released its white paper on “Advanced Cryptography,” which it defines as “cryptographic techniques for processing encrypted data, providing enhanced functionality over and above that provided by traditional cryptography.” It includes things like homomorphic…
New Microsoft accounts will be “passwordless by default”
Microsoft is making new Microsoft accounts passwordless by default, the company has announced on Thursday, which marked this year’s World Password Day. “As part of [a recently simplified sign-in user experience], we’re changing the default behavior for new accounts,” Vasu…
MIWIC25: Marine Ruhamanya, Cybersecurity Senior Manager
Organised by Eskenzi PR in media partnership with the IT Security Guru, the Most Inspiring Women in Cyber Awards aim to shed light on the remarkable women in our industry. The following is a feature on one of 2024’s Top 20 women selected…
15 Billion User Gain Passwordless Access to Microsoft Account Using Passkeys
As the first-ever World Passkey Day replaces the traditional World Password Day, Microsoft joins the FIDO Alliance in celebrating a milestone achievement: over 15 billion online accounts now have access to passwordless authentication through passkeys. This significant shift marks a…
15 PostgreSQL Monitoring Tools – 2025
PostgreSQL monitoring tools are essential for database administrators to ensure the optimal performance, availability, and reliability of PostgreSQL databases. These tools provide real-time insights into performance metrics, such as query execution times, CPU usage, memory consumption, and disk I/O, helping…
UK Retailers Co-op, Harrods and M&S Struggle With Cyberattacks
Major UK retailers Co-op, Harrods, and M&S are scrambling to restore services that were affected by cyberattacks. The post UK Retailers Co-op, Harrods and M&S Struggle With Cyberattacks appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read…
Use AI-Driven Reconnaissance to Identify Cyber Threats
Surviving in the digital world is not about stopping the next attack. It’s about preventing any new attack from surfacing. It’s about cyberdefense – predictively and not just reactively. Like the time when GPS revolutionized navigation by showing us what…
How to Automate CVE and Vulnerability Advisory Response with Tines
Run by the team at workflow orchestration and AI platform Tines, the Tines library features pre-built workflows shared by security practitioners from across the community – all free to import and deploy through the platform’s Community Edition. A recent standout…