A sophisticated campaign of cyber sabotage unfolded against Iran’s maritime communications infrastructure in late August 2025, cutting off dozens of vessels from vital satellite links and navigation aids. Rather than targeting each ship individually—a logistical nightmare across international waters—the attackers…
How AI is Changing the Game for SaaS Sales Teams
AI is transforming how SaaS companies find and convert customers. While traditional companies struggle with 32% conversion rates, AI-native firms hit 56%. Learn how automated GTM agents work 24/7 to spot prospects, track competitors, and optimize revenue—with real results. The…
Docker Fixes CVE-2025-9074, Critical Container Escape Vulnerability With CVSS Score 9.3
Docker has released fixes to address a critical security flaw affecting the Docker Desktop app for Windows and macOS that could potentially allow an attacker to break out of the confines of a container. The vulnerability, tracked as CVE-2025-9074, carries…
UNC6384 Deploys PlugX via Captive Portal Hijacks and Valid Certificates Targeting Diplomats
A China-nexus threat actor known as UNC6384 has been attributed to a set of attacks targeting diplomats in Southeast Asia and other entities across the globe to advance Beijing’s strategic interests. “This multi-stage attack chain leverages advanced social engineering including…
CISA Adds Three Known Exploited Vulnerabilities to Catalog
CISA has added three new vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation. CVE-2024-8069 Citrix Session Recording Deserialization of Untrusted Data Vulnerability CVE-2024-8068 Citrix Session Recording Improper Privilege Management Vulnerability CVE-2025-48384 Git Link Following Vulnerability…
A new security flaw in TheTruthSpy phone spyware is putting victims at risk
Exclusive: Hackers can take over the accounts of TheTruthSpy spyware customers, putting their victims’ private phone data at risk thanks to a new security flaw. This article has been indexed from Security News | TechCrunch Read the original article: A…
AI browsers could leave users penniless: A prompt injection warning
Prompt injection attacks could be coming to an AI browser near you. Read on to understand what these attacks do and how to stay safe. This article has been indexed from Malwarebytes Read the original article: AI browsers could leave…
AI Data Security: Core Concepts, Risks, and Proven Practices
AI is everywhere now, and cybersecurity is no exception. If you’ve noticed your spam filter getting smarter or your bank flagging sketchy transactions faster, there’s a good chance AI is behind it. But the same tech that helps defend data…
AT&T will give you a free Google Pixel 10 Pro for a limited time – how the deal works
Along with free smartphones, AT&T is offering eligible customers 50% off Google’s new PixelSnap accessories. This article has been indexed from Latest news Read the original article: AT&T will give you a free Google Pixel 10 Pro for a limited…
5 rumored Apple iPhone Fold features that have me excited (and frustrated at the same time)
The first-ever Apple iPhone Fold could be the most expensive model yet, but it also holds the potential to move the folding phone segment forward. This article has been indexed from Latest news Read the original article: 5 rumored Apple…
Red teams and AI: 5 ways to use LLMs for penetration testing
<p>Large language models, such as ChatGPT, Gemini and Claude, are redefining how people obtain information and perform their daily tasks. The cybersecurity industry is no different. Teams are using LLMs for everything from security operations center automation to defending against…
New Android Spyware Disguised as an Antivirus Attacking Business Executives
In recent months, security teams have observed the emergence of a highly versatile Android backdoor, Android.Backdoor.916.origin, masquerading as a legitimate antivirus application. Distributed via private messaging services under the guise of “GuardCB,” its icon closely mimics the emblem of the…
Chinese APT Hackers Using Proxy and VPN Service to Anonymize Infrastructure
In recent months, cybersecurity researchers have observed a surge in targeted campaigns by a sophisticated Chinese APT group leveraging commercial proxy and VPN services to mask their attack infrastructure. The emergence of this tactic coincides with a broader shift toward…
Hackers Using PUP Advertisements to Silently Drop Windows Malware
In recent weeks, cybersecurity investigators have uncovered a novel campaign in which hackers leverage seemingly benign potentially unwanted program (PUP) advertisements to deliver stealthy Windows malware. The lure typically begins with ads promoting free PDF tools or desktop assistants that…
Proxyware Malware Mimic as YouTube Video Download Site Delivers Malicious Javascripts
Cybersecurity researchers have observed a surge in deceptive sites masquerading as YouTube video download services to deliver Proxyware malware in recent weeks. Victims seeking to grab videos in MP4 format are redirected through ad pages that sporadically present a download…
OneFlip: An Emerging Threat to AI that Could Make Vehicles Crash and Facial Recognition Fail
Researchers unveil OneFlip, a Rowhammer-based attack that flips a single bit in neural network weights to stealthily backdoor AI systems without degrading performance. The post OneFlip: An Emerging Threat to AI that Could Make Vehicles Crash and Facial Recognition Fail…
Vulnerability Summary for the Week of August 18, 2025
High Vulnerabilities PrimaryVendor — Product Description Published CVSS Score Source Info 7ritn–VaulTLS VaulTLS is a modern solution for managing mTLS (mutual TLS) certificates. Prior to 0.9.1, user accounts created through the User web UI have an empty but not NULL…
⚡ Weekly Recap: Password Manager Flaws, Apple 0-Day, Hidden AI Prompts, In-the-Wild Exploits & More
Cybersecurity today moves at the pace of global politics. A single breach can ripple across supply chains, turn a software flaw into leverage, or shift who holds the upper hand. For leaders, this means defense isn’t just a matter of…
Phishing Campaign Uses UpCrypter in Fake Voicemail Emails to Deliver RAT Payloads
Cybersecurity researchers have flagged a new phishing campaign that’s using fake voicemails and purchase orders to deliver a malware loader called UpCrypter. The campaign leverages “carefully crafted emails to deliver malicious URLs linked to convincing phishing pages,” Fortinet FortiGuard Labs…
Changing these 6 settings on my Samsung TV greatly improved the performance
Most people stick with default TV settings, but if you own a Samsung, tweaking a few key options can significantly improve your picture quality. This article has been indexed from Latest news Read the original article: Changing these 6 settings…
Fake Telegram Premium Website Spreads Lumma Stealer Malware
Cybersecurity researchers have uncovered a malicious campaign that uses a fraudulent Telegram Premium website to distribute a dangerous variant of the Lumma Stealer malware. According to a report by Cyfirma, the fake domain telegrampremium[.]app closely imitates the official Telegram…
⚡ Weekly Recap: Password Manager Flaws, Apple 0-Day, Hidden AI Prompts, In-the-Wild Exploits & More
Cybersecurity today moves at the pace of global politics. A single breach can ripple across supply chains, turn a software flaw into leverage, or shift who holds the upper hand. For leaders, this means defense isn’t just a matter of…
⚡ Weekly Recap: Password Manager Flaws, Apple 0-Day, Hidden AI Prompts, In-the-Wild Exploits & More
Cybersecurity today moves at the pace of global politics. A single breach can ripple across supply chains, turn a software flaw into leverage, or shift who holds the upper hand. For leaders, this means defense isn’t just a matter of…
IT Security News Hourly Summary 2025-08-25 18h : 15 posts
15 posts were published in the last hour 16:4 : The Apple AirTag just dropped to $17 each when you buy four – Here’s the deal 16:3 : Apple’s iPhone 17 event is right around the corner – here’s everything…
15,000 WordPress Sites Affected by Privilege Escalation Vulnerability in Dokan Pro WordPress Plugin
On June 5th, 2025, we received a submission for a Privilege Escalation vulnerability in Dokan Pro, a WordPress plugin with more than 15,000 sales. This vulnerability makes it possible for an authenticated attacker, with vendor-level permission, to change the password…
Deception in Depth: PRC-Nexus Espionage Campaign Hijacks Web Traffic to Target Diplomats
Written by: Patrick Whitsell In March 2025, Google Threat Intelligence Group (GTIG) identified a complex, multifaceted campaign attributed to the PRC-nexus threat actor UNC6384. The campaign targeted diplomats in Southeast Asia and other entities globally. GTIG assesses this was likely…
What 17,845 GitHub Repos Taught Us About Malicious MCP Servers
Spoiler: VirusTotal Code Insight’s preliminary audit flagged nearly 8% of MCP (Model Context Protocol) servers on GitHub as potentially forged for evil, though the sad truth is, bad intentions aren’t required to follow bad practices and publish code with critical…