Threat actors from the Silent Ransom Group, aka Luna Moth, are escalating attacks by impersonating IT staff in phone calls and even showing up in person to gain direct access to victim systems. This article has been indexed from www.infosecurity-magazine.com…
CyCOS Expands UK SME Cybersecurity Support
A UK pilot program designed to provide peer-led cybersecurity support to small and medium enterprises is preparing for significant expansion. This article has been indexed from CyberMaterial.
JINX-0164 Uses LinkedIn Lures to Deploy Custom macOS Malware
A newly identified threat actor tracked as JINX-0164 is targeting cryptocurrency organizations through sophisticated LinkedIn-based social engineering campaigns. The financially motivated group has been active since at least mid-2025. It is leveraging custom macOS malware, credential theft, and CI/CD pipeline…
DIL Observatory: when the World Escalates, the Underground Responds
Digital Intelligence Lab (DIL) launches an observatory for reading cyber events as what they actually are: signals of a broader social and geopolitical reality. The timing rarely lies, and the connection between real-world events and cyber activity is no longer…
Signal users targeted in backup-stealing phishing attacks
Cybercriminals are impersonating Signal Support to steal backup recovery keys, giving them access to victims’ entire message archives. This article has been indexed from Malwarebytes.
New Russian-Linked GREYVIBE Targets Ukraine with AI-Powered Cyberattacks
A previously undocumented threat actor dubbed GREYVIBE has been attributed to ongoing and persistent attacks targeting Ukraine and Ukraine-related entities since at least August 2025. GREYVIBE, per WithSecure, is assessed to be a Russian-speaking group operating broadly in the Russian…
Typosquatted npm Packages Steal Cloud Secrets
A supply chain attack targeting the npm ecosystem has been discovered, with malicious actors deploying typosquatted packages designed to steal sensitive credentials from developers. This article has been indexed from CyberMaterial.
Trusted Dev Tools Abused in Supply Chain Attacks
Cybersecurity authorities are warning of an escalating threat to software development environments as attackers increasingly abuse trusted developer tools to breach supply chains. This article has been indexed from CyberMaterial.
Iranian Hackers Hit LA Transit Network
A cyberattack that disrupted Los Angeles public transit systems in March 2024 has been linked to Iranian intelligence services, according to research published by Tel Aviv-based cybersecurity firm Gambit Security. This article has been indexed from CyberMaterial.
Email Deliverability Tools Market Growth
Email deliverability has become a critical infrastructure challenge as global inbox placement rates fell to 83.5% in 2024, according to Validity’s annual benchmark. This article has been indexed from CyberMaterial.
Google engineer charged with insider trading
Federal authorities have charged a Google security engineer with insider trading after the individual allegedly used confidential company information to win approximately $1.2 million on Polymarket, a decentralized prediction market platform that operates using cryptocurrency. This article has been indexed…
GREYVIBE Threat Actors Use ChatGPT and Google Gemini to Scale Cyberattack Operations
Threat actors are increasingly turning to generative AI tools such as ChatGPT and Google Gemini to accelerate cyberattack operations, lowering technical barriers and reshaping modern threat landscapes. A recent report by WithSecure highlights a Russia-linked threat group, tracked as GREYVIBE,…
Russia-linked threat group put ChatGPT to work from lure to payload
Researchers say ‘GREYVIBE’ crew used AI tools throughout a campaign targeting Ukrainian military and government. This article has been indexed from www.theregister.com – Articles.
ChatGPT blindly trusts browser content, turning the page into a payload
You and me go ChatGPhish-ing in the dark. This article has been indexed from www.theregister.com – Articles.
New infostealer reaches enterprise devices through FortiClient EMS vulnerability
Attackers are delivering a broad-spectrum infostealer to enterprise computers by exploiting a known vulnerability (CVE-2026-35616) in FortiClient Enterprise Management Server (EMS). “The [malicious] payload was presented as a Fortinet endpoint update and executed through FortiClient-managed VPN scripting workflows,” Arctic Wolf…
Malicious NuGet Package Disguised as Sicoob SDK Exfiltrates Banking Passwords
A newly discovered malicious NuGet package disguised as a legitimate Sicoob software development kit (SDK) has been caught exfiltrating sensitive banking credentials, highlighting a dangerous evolution in software supply chain attacks. Security researchers from Socket revealed that the package, published…
Microsoft Calls the Zero-Day Dumps Irresponsible. The Researcher Says Microsoft Started It.
A researcher dropped 6 Windows zero-days with no warning. Three are now exploited in the wild. Microsoft is angry. The researcher says Microsoft ignored them first. Over the past month, a researcher going by Chaotic Eclipse, also known as Nightmare-Eclipse,…
Chilling Effects
Younger Americans have soured on the second Donald Trump presidency, but they are not protesting it. Despite an unpopular Iran war and an even more unpopular Trump administration, college campus protests nationwide have gone silent. And at many schools, student…
Acumen Cyber and AttackIQ Partner to Strengthen Cyber Defense Validation
Acumen Cyber has announced a strategic partnership with AttackIQ to help organizations continuously validate their cyber defenses against real-world threats and reduce exposure to modern attacks. The partnership combines Acumen Cyber’s engineering-led security operations expertise with AttackIQ’s Continuous Threat Exposure…
California Sues 23andMe, Alleging It Failed to Protect User Data in 2023 Breach
Attorney General Rob Bonta filed the lawsuit against Chrome Holding Co., which 23andMe rebranded under after filing for bankruptcy last March. The post California Sues 23andMe, Alleging It Failed to Protect User Data in 2023 Breach appeared first on SecurityWeek.…
What 2,000 Exposed Vibe-Coded Apps Reveal About the Limits of Most Security Stacks
Shadow AI used to mean employees pasting things they shouldn’t into ChatGPT. It now means something bigger: employees building full applications with AI, wiring them into production systems, and publishing them on the open internet. Without Security or IT in…
Trusted Dev Tools Abused to Steal Code and Secrets
Attackers are increasingly weaponizing trusted developer tools to infiltrate software supply chains, with CISA warning of multiple ongoing campaigns targeting CI/CD ecosystems and developer workflows. Recent incidents, including a compromised Visual Studio Code extension and a large-scale operation dubbed “Megalodon,”…
MicrosoftSystem64 Malware Uses HuggingFace Datasets for Stealthy Data Exfiltration
A newly discovered malware called MicrosoftSystem64 has been quietly stealing data from infected computers by routing stolen files through HuggingFace, the popular AI platform used by researchers and developers worldwide. The malware disguises itself as a legitimate Microsoft process, making…
Websites can spy on user activity by analyzing SSD behavior
Websites have spent years collecting information about visitors through browser fingerprinting, tracking scripts, and other techniques designed to identify devices and monitor behavior. Researchers have demonstrated another method that relies on something most users would never expect a website to…