Critical flaws in Fluent Bit threaten telemetry across platforms according to an advisory published by Oligo Security researchers This article has been indexed from www.infosecurity-magazine.com Read the original article: Flaws Expose Risks in Fluent Bit Logging Agent
Iberia Alerts Customers To Data Breach
Iberia, the Spanish flag carrier, has begun notifying its customers that their personal information was compromised following a security incident The post Iberia Alerts Customers To Data Breach first appeared on CyberMaterial. This article has been indexed from CyberMaterial Read…
Delta Dental Virginia Breach Hits 146000
Dental services provider Delta Dental of Virginia (DDVA) is in the process of notifying roughly 146,000 individuals that their personal and health information The post Delta Dental Virginia Breach Hits 146000 first appeared on CyberMaterial. This article has been indexed…
Microsoft To Remove WINS After 2025
Microsoft has issued a clear warning to IT administrators regarding the upcoming removal of the Windows Internet Name Service (WINS) from future Windows The post Microsoft To Remove WINS After 2025 first appeared on CyberMaterial. This article has been indexed…
Scattered Spider Members Deny TfL Charges
Two British teenagers accused of offenses under the Computer Misuse Act in connection with a cyberattack on Transport for London (TfL) formally The post Scattered Spider Members Deny TfL Charges first appeared on CyberMaterial. This article has been indexed from…
Google Adds AirDrop Support To Android
In a surprising announcement on Thursday, Google revealed a significant update to Quick Share, its service for peer-to-peer file transfer. The post Google Adds AirDrop Support To Android first appeared on CyberMaterial. This article has been indexed from CyberMaterial Read…
Amazon Is Using Specialized AI Agents for Deep Bug Hunting
Born out of an internal hackathon, Amazon’s Autonomous Threat Analysis system uses a variety of specialized AI agents to detect weaknesses and propose fixes to the company’s platforms. This article has been indexed from Security Latest Read the original article:…
US banks scramble to assess data theft after hackers breach financial tech firm
U.S. banking giants including JPMorgan Chase, Citi, and Morgan Stanley are working to identify what data was stolen in a recent cyberattack on a New York financial firm. This article has been indexed from Security News | TechCrunch Read the…
Shai-Hulud worm returns, belches secrets to 25K GitHub repos
Trojanized npm packages spread new variant that executes in pre-install phase, hitting thousands within days A self-propagating malware targeting node package managers (npm) is back for a second round, according to Wiz researchers who say that more than 25,000 developers…
Trend Vision One AI Security Package delivers proactive protection for AI environments
Trend Micro will launch the Trend Vision One AI Security Package in December. The package delivers centralized exposure management with analytics for AI-driven environments. It protects the AI application stack from model development to runtime and extends security across every…
IT Security News Hourly Summary 2025-11-24 15h : 16 posts
16 posts were published in the last hour 14:4 : GhostAd: Hidden Google Play Adware Drains Devices and Disrupts Millions of Users 14:4 : Attackers deliver ShadowPad via newly patched WSUS RCE bug 14:4 : Microsoft Highlights Security Risks Introduced…
GhostAd: Hidden Google Play Adware Drains Devices and Disrupts Millions of Users
Check Point researchers uncover a large-scale Android adware campaign that silently drains resources and disrupts normal phone use through persistent background activity. During an internal threat-hunting investigation, Check Point Harmony Mobile Detection Team identified a network of Android applications on…
Attackers deliver ShadowPad via newly patched WSUS RCE bug
Attackers exploited a patched WSUS flaw (CVE-2025-59287) to gain access, use PowerCat for a shell, and deploy the ShadowPad malware. AhnLab SEcurity intelligence Center (ASEC) researchers reported that threat actors exploited a recently patched WSUS flaw (CVE-2025-59287) to deliver the…
Microsoft Highlights Security Risks Introduced by New Agentic AI Feature
Without proper security controls, AI agents could perform malicious actions, such as data exfiltration and malware installation. The post Microsoft Highlights Security Risks Introduced by New Agentic AI Feature appeared first on SecurityWeek. This article has been indexed from SecurityWeek…
Russian-linked Malware Campaign Hides in Blender 3D Files
Morphisec has observed a new operation embedding StealC V2 malware in Blender project files, targeting users via 3D assets and launching a multi-stage infection chain This article has been indexed from www.infosecurity-magazine.com Read the original article: Russian-linked Malware Campaign Hides…
Phantom Stores: Retail Impersonation Spreads Ahead of Black Friday Powered by Video Ads and Modular…
Phantom Stores: Retail Impersonation Spreads Ahead of Black Friday Powered by Video Ads and Modular ‘Holiday Skins’ Kit In the frenzied weeks leading up to Black Friday and Cyber Monday, Ad Tech’s busiest season, a new cluster of phantom storefronts has…
Zapier’s NPM Account Hacked – Multiple Packages Infected with Self-Propagating Shai Hulud Malware
A massive supply chain attack targeting the NPM accounts of automation giant Zapier and the Ethereum Name Service (ENS). Identified by Aikido Security, the campaign is being orchestrated by the same threat actors responsible for the “Shai Hulud” self-propagating worm…
ToddyCat APT Accessing Organizations Internal Communications of Employees at Target Companies
The ToddyCat APT group has developed new ways to access corporate email communications at target organizations. Email remains the main way companies handle business communications, whether through their own servers like Microsoft Exchange or through cloud services such as Microsoft…
New EtherHiding Attack Uses Web-Based Attacks to Deliver Malware and Rotate Payloads
A new threat known as EtherHiding is reshaping how malware spreads through the internet. Unlike older methods that rely on traditional servers to deliver harmful code, this attack uses blockchain smart contracts to store and update malware payloads. The approach…
Hackers Leverage Malicious PyPI Package to Attack Users and Steal Cryptocurrency Details
A dangerous malware campaign has surfaced targeting cryptocurrency users through a deceptive Python package hosted on the PyPI repository. The threat actors disguised their malicious code within a fake spell-checking tool, mimicking the legitimate pyspellchecker package that boasts over 18…
FCC guts post-Salt Typhoon telco rules despite ongoing espionage risk
Months after China-linked spies burrowed into US networks, regulator tears up its own response The Federal Communications Commission (FCC) has scrapped a set of telecom cybersecurity rules introduced after the Salt Typhoon espionage campaign, reversing course on measures designed to…
Security is at a Tipping Point: Why Complexity is the New Risk Vector
Security is reaching a breaking point as growing technical complexity becomes a major risk vector. Learn why modern systems amplify threats—and how to stay ahead. The post Security is at a Tipping Point: Why Complexity is the New Risk Vector …
Users Will Soon Text From External Apps Directly Inside WhatsApp
WhatsApp is taking a significant step towards ensuring greater digital openness across Europe by enabling seamless communication that extends beyond the borders of its own platform, making it closer to enabling seamless communication that extends beyond the confines of…
Checkout Refuses ShinyHunters Ransom, Donates Funds to Cybersecurity Research
Checkout, a UK-based financial tech firm, recently suffered a data breach orchestrated by the cybercriminal group ShinyHunters, who have demanded a ransom for stolen merchant data. In response, the company announced it would not pay the ransom but instead…