Can you ever imagine the impact on your business if it went offline on Black Friday or Cyber Monday due to a cyberattack? Black Friday is the biggest day in the retail calendar. It’s also the riskiest. As you gear…
Russia-linked crooks bought a bank for Christmas to launder cyber loot
UK cops trace street-level crime to sanctions-busting networks tied to Moscow’s war economy On Christmas Day 2024, a Russian-linked laundering network bought itself a very special present: a controlling stake in a Kyrgyzstan bank, later used to wash cybercrime profits…
Over 370 Organizations Take Part in GridEx VIII Grid Security Exercise
The number of participants in the cyber and physical grid security exercise increased by nearly 50% compared to two years ago. The post Over 370 Organizations Take Part in GridEx VIII Grid Security Exercise appeared first on SecurityWeek. This article…
Hyundai faces security incident with potential data exposure
In the past few months, Hyundai AutoEver America, a division of Hyundai Motor Group, has confirmed a recent data breach that exposed sensitive personal information after hackers infiltrated its internal IT environment earlier this year, revealing a recent data…
ClickFix: The Silent Cyber Threat Tricking Families Worldwide
ClickFix has emerged as one of the most pervasive and dangerous cybersecurity threats in 2025, yet remains largely unknown to the average user and even many IT professionals. This social engineering technique manipulates users into executing malicious scripts—often just…
Google Brings AirDrop Compatibility to Android’s Quick Share Using Rust-Hardened Security
In a surprise move, Google on Thursday announced that it has updated Quick Share, its peer-to-peer file transfer service, to work with Apple’s equipment AirDrop, allowing users to more easily share files and photos between Android and iPhone devices. The…
Hidden Comet Browser API Allowed Dangerous Local Command Execution
A hidden MCP API in Comet let extensions execute local commands on user devices. The post Hidden Comet Browser API Allowed Dangerous Local Command Execution appeared first on eSecurity Planet. This article has been indexed from eSecurity Planet Read the…
Massive data leak hits Italian railway operator Ferrovie dello Stato via Almaviva hack
Ferrovie dello Stato Italiane (FS) data leaked after a breach at IT provider Almaviva. A hacker claims the theft of 2.3 TB of sensitive data. Data belonging to Italy’s national railway operator Ferrovie dello Stato Italiane (FS) was leaked after a data…
Scaling Cyber: meet the next cybersecurity global leaders
Agentic Threat Hunting, Predictive Threat Intelligence, Disinformation Security & Cyber Deception and more The post Scaling Cyber: meet the next cybersecurity global leaders appeared first on Security Boulevard. This article has been indexed from Security Boulevard Read the original article:…
Allies Sanction Russian Network Behind Major Cyberattacks
The UK, US, and Australia sanctioned Media Land, a Russian network enabling major cyberattacks. The post Allies Sanction Russian Network Behind Major Cyberattacks appeared first on eSecurity Planet. This article has been indexed from eSecurity Planet Read the original article:…
Critical ASUSTOR Vulnerability Let Attackers Execute Malicious Code with Elevated Privileges
A critical security vulnerability has been discovered in ASUSTOR backup and synchronization software, allowing attackers to execute malicious code with elevated system privileges. The flaw, tracked as CVE-2025-13051, affects two widely used ASUSTOR applications and poses a significant risk to…
Critical Grafana Vulnerability Let Attackers Escalate Privilege
Grafana Labs has disclosed a critical security vulnerability affecting Grafana Enterprise that could allow attackers to escalate privileges and impersonate users. The flaw, tracked as CVE-2025-41115, has received the maximum CVSS score of 10.0, making it one of the most severe…
Broadcom Allegedly Breached by Clop Ransomware via E-Business Suite 0-Day Hack
The Cl0p ransomware group has claimed responsibility for infiltrating Broadcom’s internal systems as part of an ongoing exploitation campaign targeting Oracle E-Business Suite vulnerabilities. The hack uses a critical zero-day vulnerability (CVE-2025-61882) rated 9.8 on the CVSS scale, allowing attackers…
China-linked APT24 Hackers New BadAudio Compromised Legitimate Public Websites to Attack Users
APT24, a sophisticated cyber espionage group linked to China’s People’s Republic, has launched a relentless three-year campaign delivering BadAudio, a highly obfuscated first-stage downloader that enables persistent network access to targeted organizations. The threat actor has demonstrated remarkable adaptability by…
SonicWall Patches High-Severity Flaws in Firewalls, Email Security Appliance
The vulnerabilities could be exploited to cause a denial-of-service (DoS) condition, execute arbitrary code, or access arbitrary files and directories. The post SonicWall Patches High-Severity Flaws in Firewalls, Email Security Appliance appeared first on SecurityWeek. This article has been indexed…
Salesforce Gainsight compromise: Early findings and customer guidance
In the wake of Salesforce’s announcement about “unusual activity involving Gainsight-published applications” and the company’s revocation of access and refresh tokens associated with them, Gainsight has been doing a good job keeping customers updated on current investigation findings. On the…
APT24 Deploys BADAUDIO in Years-Long Espionage Hitting Taiwan and 1,000+ Domains
A China-nexus threat actor known as APT24 has been observed using a previously undocumented malware dubbed BADAUDIO to establish persistent remote access to compromised networks as part of a nearly three-year campaign. “While earlier operations relied on broad strategic web…
Why IT Admins Choose Samsung for Mobile Security
Ever wonder how some IT teams keep corporate data safe without slowing down employees? Of course you have. Mobile devices are essential for modern work—but with mobility comes risk. IT admins, like you, juggle protecting sensitive data while keeping teams…
Chinese Cyberspies Deploy ‘BadAudio’ Malware via Supply Chain Attacks
APT24 has been relying on various techniques to drop the BadAudio downloader and then deploy additional payloads. The post Chinese Cyberspies Deploy ‘BadAudio’ Malware via Supply Chain Attacks appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read…
This Hacker Conference Installed a Literal Anti-Virus Monitoring System
At New Zealand’s Kawaiican cybersecurity convention, organizers hacked together a way for attendees to track CO2 levels throughout the venue—even before they arrived. This article has been indexed from Security Latest Read the original article: This Hacker Conference Installed a…
SquareX and Perplexity Quarrel Over Alleged Comet Browser Vulnerability
SquareX claims to have found a way to abuse a hidden Comet API to execute local commands, but Perplexity says the research is fake. The post SquareX and Perplexity Quarrel Over Alleged Comet Browser Vulnerability appeared first on SecurityWeek. This…
Salesforce alerts users to potential data exposure via Gainsight OAuth apps
Salesforce warns that unusual activity in Gainsight-linked OAuth apps may have enabled unauthorized access to some customers’ Salesforce data. Salesforce warned of unusual activity involving Gainsight-linked OAuth apps, noting that threat actors may have used these integrations to gain unauthorized…
Runlayer Emerges From Stealth Mode With $11 Million in Funding
The company has operated in stealth mode for four months and has signed dozens of customers, including eight unicorns. The post Runlayer Emerges From Stealth Mode With $11 Million in Funding appeared first on SecurityWeek. This article has been indexed…
IT Security News Hourly Summary 2025-11-21 12h : 5 posts
5 posts were published in the last hour 10:31 : ToddyCat: your hidden email assistant. Part 1 10:31 : New Gainsight Supply Chain Hack Could Affect Salesforce Customers 10:6 : Use of CSS stuffing as an obfuscation technique?, (Fri, Nov…