A hacking group known as the Crimson Collective recently made headlines after claiming to have stolen nearly 570 gigabytes of data from the enterprise The post Red Hat Data Breach Escalates Further first appeared on CyberMaterial. This article has been…
Steam And Microsoft Warn Of Unity Flaw
Unity is a popular cross-platform game engine used to develop a wide range of titles for computers, consoles, and mobile devices. Its versatility The post Steam And Microsoft Warn Of Unity Flaw first appeared on CyberMaterial. This article has been…
Rhadamanthys Stealer Evolves Again
First advertised by a threat actor named kingcrete2022, Rhadamanthys has become one of the most widely used information stealers available The post Rhadamanthys Stealer Evolves Again first appeared on CyberMaterial. This article has been indexed from CyberMaterial Read the original…
XWorm 6.0 Returns With New Plugins
Since its emergence in 2022, XWorm, a powerful piece of malware developed by the threat actor EvilCoder, has evolved into a highly versatile and modular tool. The post XWorm 6.0 Returns With New Plugins first appeared on CyberMaterial. This article…
Kibana CrowdStrike Connector Flaw Exposes Sensitive Credentials
A security issue in the Kibana CrowdStrike Connector allows attackers to access stored CrowdStrike credentials. The flaw affects multiple versions of Kibana and can expose credentials across spaces within the same deployment. Elastic has released updates to resolve this issue…
Cybersecurity M&A Roundup: 40 Deals Announced in September 2025
Significant cybersecurity M&A deals announced by Check Point, CrowdStrike, F5, Mitsubishi Electric, and SentinelOne. The post Cybersecurity M&A Roundup: 40 Deals Announced in September 2025 appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read the original article:…
Discord Reveals Data Breach Following Third-Party Compromise
Discord said a third-party customer services provider was compromised to access user data, with the attackers aiming to extort a financial ransom This article has been indexed from www.infosecurity-magazine.com Read the original article: Discord Reveals Data Breach Following Third-Party Compromise
From Ransom to Revenue Loss
Discover how ransomware attacks go beyond ransom payments, impacting your company’s bottom line through recovery costs, lost revenue and damaged trust. The post From Ransom to Revenue Loss appeared first on Palo Alto Networks Blog. This article has been indexed…
Red Hat Breach Exposes 5000+ High Profile Enterprise Customers at Risk
A sophisticated cyberattack has compromised Red Hat Consulting’s infrastructure, potentially exposing sensitive data from over 5,000 enterprise customers worldwide. The breach, executed by the extortion group Crimson Collective, has raised serious concerns about the security of critical business documentation and…
Leaked Oracle EBS exploit scripts expected to drive new wave of attacks (CVE-2025-61882)
Resecurity and watchTowr researchers have analyzed the leaked scripts used by attackers to exploit CVE-2025-61882 on internet-facing Oracle ESB instances. Whether the attackers were Cl0p or LAPSUS$, both, or even additional threat actors is still unknown, as the scripts have…
OPSWAT’s MetaDefender Drive delivers portable, network-free threat scanning
OPSWAT launched MetaDefender Drive with Smart Touch, a portable cybersecurity device designed for malware and compliance scanning of transient cyber assets regardless of network connectivity. It works across servers, desktops, and laptops before they enter secure environments. The device lets…
XWorm 6.0 Returns with 35+ Plugins and Enhanced Data Theft Capabilities
Cybersecurity researchers have charted the evolution of XWorm malware, turning it into a versatile tool for supporting a wide range of malicious actions on compromised hosts. “XWorm’s modular design is built around a core client and an array of specialized…
New Research: AI Is Already the #1 Data Exfiltration Channel in the Enterprise
For years, security leaders have treated artificial intelligence as an “emerging” technology, something to keep an eye on but not yet mission-critical. A new Enterprise AI and SaaS Data Security Report by AI & Browser Security company LayerX proves just…
Cavalry Werewolf APT Targets Russian Organizations Using FoalShell and Telegram C2
Cavalry Werewolf, a Russian-focused advanced persistent threat (APT) cluster, has intensified its offensive operations by experimenting with new malware variants and leveraging Telegram-based command-and-control (C2). Security teams must prioritize real-time visibility into the tools employed by this group to maintain…
Red Hat Breach Impacts 5,000+ High-Value Enterprise Customers, Data at Risk
An extortion group calling itself Crimson Collective claimed responsibility for a major breach at Red Hat Consulting. With only 22 followers on Telegram at the time, the group’s rapid rise to notoriety has stunned security experts. By the end of…
Who Governs Your NHIs? The Challenge of Defining Ownership in Modern Enterprise IT
“Ownership” is one of the harder concepts to define in the modern enterprise. This feels deceptive because, from a personal and human level, ownership is a rather straightforward concept. When you own something as a person, like your car or…
AI-Enabled Influence Operation Against Iran
Citizen Lab has uncovered a coordinated AI-enabled influence operation against the Iranian government, probably conducted by Israel. Key Findings A coordinated network of more than 50 inauthentic X profiles is conducting an AI-enabled influence operation. The network, which we refer…
Troops and veterans’ personal information leaked in CPAP Medical data breach
The leak exposed the names, Social Security numbers, and health details of more than 90,000 military patients, troops, veterans, and their families. This article has been indexed from Malwarebytes Read the original article: Troops and veterans’ personal information leaked in…
Filigran Raises $58 Million in Series C Funding
The company plans to expand to new markets, fuel the development of a new module for its platform, and accelerate AI integration. The post Filigran Raises $58 Million in Series C Funding appeared first on SecurityWeek. This article has been…
IT Security News Hourly Summary 2025-10-07 12h : 13 posts
13 posts were published in the last hour 10:3 : Too salty to handle: Exposing cases of CSS abuse for hidden text salting 10:3 : Supreme Court Rejects Google Bid To Halt App Store Changes 10:2 : Hackers Exploit Legitimate…
Security Firm Exposes Role of Beijing Research Institute in China’s Cyber Operations
BIETA and its subsidiary CIII research develop and sell technologies supporting China’s intelligence, counterintelligence, and military operations. The post Security Firm Exposes Role of Beijing Research Institute in China’s Cyber Operations appeared first on SecurityWeek. This article has been indexed…
Understanding Eye Vein Biometrics
Explore eye vein biometrics for authentication. Learn about its technology, security, development aspects, and how it compares to passwordless authentication methods. The post Understanding Eye Vein Biometrics appeared first on Security Boulevard. This article has been indexed from Security Boulevard…
Spike in Login Portal Scans Puts Palo Alto Networks on Alert
The Palo Alto Networks login portals have seen a dramatic surge in suspicious scanning activity over the past month, a development that has caught the attention of the cybersecurity community. Evidence suggests that threat actors are trying to coordinate…
Fake SIM Cards Fuel Cybercrime Surge as Eastern Uttar Pradesh Emerges Under Scrutiny
A quiet digital crisis is spreading across India. In the past three months, the Department of Telecommunications (DoT) has disconnected more than 6.1 million mobile numbers after uncovering large-scale fraudulent registrations. Investigators say eastern Uttar Pradesh has become a…