Operation Serengeti 2.0 operators helped recover $97.4m stolen by cybercriminals This article has been indexed from www.infosecurity-magazine.com Read the original article: Interpol-Led African Cybercrime Crackdown Leads to 1209 Arrests
Tencent Keen Security Lab joins GENIVI Alliance
Tencent Keen Security Lab (Keen Lab) has joined the GENIVI Alliance, a non-profit alliance focused on delivering open source, in-vehicle infotainment (IVI) and connected vehicle software. This article has been indexed from Keen Security Lab Blog Read the original article:…
Tencent Keen Security Lab: Experimental Security Assessment on Lexus Cars
Since 2017, Lexus has equipped several models (including Lexus NX, LS and ES series) with a new generation infotainment, which is also known as AVN (Audio, Visual and Navigation) unit. Compared to some Intelligent connected infotainment units, like Tesla IVI…
Tencent Security Keen Lab: Experimental Security Assessment of Mercedes-Benz Cars
MBUX, Mercedes-Benz User Experience is the infotainment system in Mercedes-Benz cockpits. Mercedes-Benz first introduced MBUX in the new A-Class back in 2018, and is adopting MBUX in their entire vehicle line-up, including Mercedes-Benz E-Class, GLE, GLS, EQC, etc. In this…
Hackers Target Phones of Military-Linked Individuals in South Asia Using New Spy Tools
Cyber threat actors have launched sophisticated phishing operations aimed at military and government personnel in South Asia, leveraging defense-related lures to distribute malicious archives and applications. Recent detections include ZIP files like “Coordination of the Chief of Army Staff’s Visit…
Rogue Go Module Doubles as Fast SSH Brute-Forcer, Sends Stolen Passwords via Telegram
Socket’s Threat Research Team has uncovered a deceptive Go module named golang-random-ip-ssh-bruteforce, which masquerades as an efficient SSH brute-forcing tool but secretly exfiltrates stolen credentials to its creator. Published on June 24, 2022, this package remains active on the Go…
AI Systems Capable of Generating Working Exploits for CVEs in Just 10–15 Minutes
Cybersecurity researchers have developed an artificial intelligence system capable of automatically generating working exploits for published Common Vulnerabilities and Exposures (CVEs) in just 10-15 minutes at approximately $1 per exploit, fundamentally challenging the traditional security response timeline that defenders rely…
Azure’s Default API Connection Vulnerability Enables Full Cross-Tenant Compromise
A critical vulnerability in Microsoft Azure’s API Connection infrastructure enabled attackers to compromise resources across different Azure tenants worldwide. The flaw, which earned Gulbrandsrud a $40,000 bounty and a Black Hat presentation slot, exploited Azure’s shared API Management (APIM) instance…
Colt Confirms Customer Data Stolen in Ransomware Attack
Telecommunications giant Colt Technology Services has confirmed that customer data was compromised in a sophisticated cyber attack that began on August 12, 2025. The company disclosed that threat actors accessed sensitive files containing customer information and subsequently posted document titles…
NIST Releases Control Overlays to Manage Cybersecurity Risks in Use and Developments of AI Systems
The National Institute of Standards and Technology (NIST) has unveiled a comprehensive concept paper outlining proposed NIST SP 800-53 Control Overlays for Securing AI Systems, marking a significant milestone in establishing standardized cybersecurity frameworks for artificial intelligence applications. Released on…
Chinese Hackers Murky, Genesis, and Glacial Panda Escalate Cloud and Telecom Espionage
Cybersecurity researchers are calling attention to malicious activity orchestrated by a China-nexus cyber espionage group known as Murky Panda that involves abusing trusted relationships in the cloud to breach enterprise networks. “The adversary has also shown considerable ability to quickly…
How I’m bringing back physical media – and the 5 home theater gadgets helping me do it
I found the best tech for creating a home theater that can handle everything from vinyls to cloud gaming, as well as some storage options to keep it all organized. This article has been indexed from Latest news Read the…
AI Agents Need Data Integrity
Think of the Web as a digital territory with its own social contract. In 2014, Tim Berners-Lee called for a “Magna Carta for the Web” to restore the balance of power between individuals and institutions. This mirrors the original charter’s…
IT Security News Hourly Summary 2025-08-22 12h : 7 posts
7 posts were published in the last hour 10:4 : Microsoft Warns of Hackers Using ClickFix Technique to Attack Windows and macOS Devices 10:4 : AWS Trusted Advisor Tricked Into Showing Unprotected S3 Buckets as Secure 10:4 : CPAP Medical…
Developer Who Hacked Former Employer’s Systems Sentenced to Prison
Davis Lu was sentenced to four years in prison for installing malicious code on employer’s systems and for deleting encrypted data. The post Developer Who Hacked Former Employer’s Systems Sentenced to Prison appeared first on SecurityWeek. This article has been…
Automation Is Redefining Pentest Delivery
Pentesting remains one of the most effective ways to identify real-world security weaknesses before adversaries do. But as the threat landscape has evolved, the way we deliver pentest results hasn’t kept pace. Most organizations still rely on traditional reporting methods—static…
Attackers Abuse Virtual Private Servers to Compromise SaaS Accounts
Darktrace observed a coordinated campaign on customer SaaS accounts, all of which involved logins from IP addresses linked to VPS providers This article has been indexed from www.infosecurity-magazine.com Read the original article: Attackers Abuse Virtual Private Servers to Compromise SaaS…
Stealth Threat Unpacked: Weaponized RAR Files Deliver VShell Backdoor on Linux Systems
Trellix Advanced Research Center has exposed an infection chain that weaponises nothing more than a filename to compromise Linux hosts. A spam message masquerading as a beauty-product survey offers a small reward and carries a RAR archive, yy.rar. When unpacked,…
Malicious PDFs in Play: UAC-0057 Leveraging Invitations to Trigger Shell Script Attacks
The Belarusian-affiliated threat actor UAC-0057, also known as UNC1151, FrostyNeighbor, or Ghostwriter, has been using weaponized archives that contain phony PDFs that are posing as official invitations and documents to target organizations in Poland and Ukraine in a sophisticated cyber…
Samsung is giving away free 65-inch TVs right now – here’s how to get one
Right now, when you buy a 98-inch QN90F or 100-inch QN80F from Samsung, you’ll get a free 65-inch Crystal UHD U8000F. Here’s what to know. This article has been indexed from Latest news Read the original article: Samsung is giving…
The best photo editing software of 2025: Expert tested and reviewed
There’s more out there than just Photoshop. Check out our top picks for the best photo editing software for professional polishing and creative effects. This article has been indexed from Latest news Read the original article: The best photo editing…
5 ways Mercedes F1 harnesses data and the latest tech to perfect race day performance
From digital twins to AI explorations, the head of IT operations explains how his Formula One team exploits data and technology. This article has been indexed from Latest news Read the original article: 5 ways Mercedes F1 harnesses data and…
The best smart TV VPNs of 2025: Expert tested and reviewed
ZDNET’s favorite smart TV VPNs let you kick back and enjoy content worldwide, providing speedy, secure streaming and a little more privacy. This article has been indexed from Latest news Read the original article: The best smart TV VPNs of…
Colt Discloses Breach After Warlock Ransomware Group Puts Files Up for Sale
Colt Technology Services confirmed a data breach by the WarLock ransomware group; the company is working to restore disrupted systems. Colt Technology Services confirmed that threat actors breached its systems and stole some data. The telecoms company is working to restore…
Former developer jailed after deploying kill-switch malware at Ohio firm
Ex-developer jailed 4 years for sabotaging Ohio employer with kill-switch malware that locked employees out after his account was disabled. Ex-developer Davis Lu (55) was sentenced to 4 years for sabotaging Ohio employer with kill-switch malware that locked staff out…
After SharePoint attacks, Microsoft stops sharing PoC exploit code with China
Microsoft halts PoC exploit sharing with Chinese firms after SharePoint zero-day leaks, giving only written bug details to curb future abuse. Microsoft has reportedly stopped giving Chinese firms proof-of-concept exploit code through its Microsoft Active Protections Program (MAPP) program after…
Modern vehicle cybersecurity trends
Modern vehicles, their current and future threats, and approaches to automotive cybersecurity. This article has been indexed from Securelist Read the original article: Modern vehicle cybersecurity trends