Recorded Future Payment Fraud Intelligence has uncovered a sprawling network of 71 fraudulent e-commerce domains designed to impersonate a prominent German international discount retailer, with lidlorg[.]com identified as the central node of this scam operation. First detected on April 19,…
PupkinStealer Exploits Web Browser Passwords and App Tokens to Exfiltrate Data Through Telegram
A newly identified .NET-based information-stealing malware, dubbed PupkinStealer (also known as PumpkinStealer in some reports), has surfaced as a significant cyber threat, targeting sensitive data such as web browser passwords and application session tokens. First observed in the wild around…
Authorities Carry Out Elaborate Global Takedown of Infostealer Heavily Used by Cybercriminals
US, European, and Japanese authorities, along with tech companies including Microsoft and Cloudflare, say they’ve disrupted Lumma, an infostealer popular with criminal gangs. This article has been indexed from Security Latest Read the original article: Authorities Carry Out Elaborate Global…
Windows 11 Introduces Enhanced Administrator Protection to Strengthen Security Against Elevated Privilege Attacks
Microsoft has unveiled Administrator Protection, a groundbreaking security feature for Windows 11 designed to safeguard systems against privilege escalation attacks. This new capability creates a security boundary around administrative operations, significantly reducing the attack surface that hackers exploit when targeting…
New Scan Uncovers 150K Industrial Systems Worldwide Vulnerable to Cyberattacks
A groundbreaking study leveraging advanced application-layer scanning has exposed approximately 150,000 industrial control systems (ICS) worldwide that are directly accessible on the public internet, posing severe risks of catastrophic cyberattacks. Conducted over a year from January 2024 to January 2025,…
Judge allows Delta’s lawsuit against CrowdStrike to proceed with millions in damages on the line
CrowdStrike remains hopeful that damages will be limited to seven figures CrowdStrike is “confident” that the worst-case scenario of its pending lawsuit with Delta will result in it paying the airline a sum in the “single-digit millions.”… This article has…
Critical Flaw Allows Remote Hacking of AutomationDirect Industrial Gateway
More than 100 AutomationDirect MB-Gateway devices may be vulnerable to attacks from the internet due to CVE-2025-36535. The post Critical Flaw Allows Remote Hacking of AutomationDirect Industrial Gateway appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read…
Cybercriminals Mimic Kling AI to Distribute Infostealer Malware
A new malware campaign disguised as Kling AI used fake Facebook ads and counterfeit websites to distribute an infostealer This article has been indexed from www.infosecurity-magazine.com Read the original article: Cybercriminals Mimic Kling AI to Distribute Infostealer Malware
Sicherheitsbehörden warnen vor russischer Spionage mit IP-Kameras
Mit einer dringenden Warnung vor russischen Akteuren wenden sich internationale Sicherheitsbehörden an Betreiber kritischer Infrastrukturen. Dieser Artikel wurde indexiert von heise security News Lesen Sie den originalen Artikel: Sicherheitsbehörden warnen vor russischer Spionage mit IP-Kameras
New Variant of Crypto Confidence Scam, (Wed, May 21st)
In February, we had a few diaries about crypto wallet scams. We saw these scams use YouTube comments, but they happened via other platforms and messaging systems, not just YouTube [1]. The scam was a bit convoluted: The scammer posted…
M&S Cyberattack To Cost £300m And Upheaval To Last Into July
British retailer Marks & Spencer admits devastating cyberattack in April will impact operating profit by a hefty £300 million This article has been indexed from Silicon UK Read the original article: M&S Cyberattack To Cost £300m And Upheaval To Last…
IoT and Cybersecurity: Addressing Data Privacy and Security Challenges
The Internet of Things has shaken up our lives, connecting everything from smart homes to massive industrial systems in a pretty smooth way. Sure, these tech upgrades make our day-to-day so much easier, but they have also brought some real…
US student agrees to plead guilty to hack affecting tens of millions of students
Prosecutors say the hacker stole information on 60 million students, an incident that matches the data breach at PowerSchool. This article has been indexed from Security News | TechCrunch Read the original article: US student agrees to plead guilty to…
Cortex Cloud — Unified Efficiency, Now with Dual FedRAMP Authority
Cortex Cloud achieved FedRAMP High and Moderate authorizations since its Feb 2025 launch, highlighting its secure cloud commitment. The post Cortex Cloud — Unified Efficiency, Now with Dual FedRAMP Authority appeared first on Palo Alto Networks Blog. This article has…
Now Live: Threat Detection & Incident Response (TDIR) Summit
SecurityWeek’s 2025 Threat Detection & Incident Response (TDIR) Summit takes place as a virtual summit on Wednesday, May 21st. The post Now Live: Threat Detection & Incident Response (TDIR) Summit appeared first on SecurityWeek. This article has been indexed from…
Cellcom Confirms Cyberattack Following Widespread Service Outage
After nearly a week of disrupted services, Wisconsin-based telecommunications provider Cellcom has officially confirmed that a cyberattack is responsible for the ongoing service outage affecting thousands of customers across its network. The incident, which began on Wednesday, May 14, has…
VanHelsing Ransomware Builder Leaked on Hacking Forums
A significant development in the cybercriminal landscape occurred on May 20, 2025, when the VanHelsing ransomware-as-a-service (RaaS) operation publicly released its source code after an alleged former developer attempted to sell it on the RAMP cybercrime forum. Security researchers have…
3 Ways MSSPs Can Boost Security Operations With Malware Sandbox
Managed Security Service Providers (MSSPs) face constant pressure to deliver accurate detection, fast response, and efficient training without overloading their teams. With cyberattacks becoming more complex and evasive, the right tools can make all the difference. Let’s explore how fully…
SideWinder APT Hackers Exploiting Old Office Flaws to Deliver Malware Bypassing Detections
In a sophisticated campaign targeting high-level government institutions across South Asia, the SideWinder Advanced Persistent Threat (APT) group has been leveraging years-old Microsoft Office vulnerabilities to deliver malware while evading detection. The threat actors are specifically targeting organizations in Sri…
Google carves out cloudy safe spaces for nations nervous about Uncle Sam’s servers
From air-gapped bunkers to partner-run platforms, sovereignty is suddenly in vogue Google has updated its sovereign cloud services, including an air-gapped solution for customers with strict data security and residency requirements, as customers grow uneasy over US digital dominance.… This…
Flaw in Google Cloud Functions Sparks Broader Security Concerns
Patched privilege escalation flaw in Google Cloud Platform linked to wider cloud security concerns This article has been indexed from www.infosecurity-magazine.com Read the original article: Flaw in Google Cloud Functions Sparks Broader Security Concerns
BadSuccessor: Abusing dMSA to Escalate Privileges in Active Directory
Akamai researchers found a privilege escalation vulnerability in Windows Server 2025 that allows attackers to compromise any user in Active Directory. This article has been indexed from Blog Read the original article: BadSuccessor: Abusing dMSA to Escalate Privileges in Active…
Securing the Future: Best Practices for Privacy and Data Governance in LLMOps
Over the last few years, they have rapidly developed in the field of large language models (LLMs) since these models can now underpin anything, from a customer service chatbot to an enterprise-grade solution. Now that such models are more woven…
IT Security News Hourly Summary 2025-05-21 15h : 8 posts
8 posts were published in the last hour 12:33 : Für Kryptomining: Neuer Zombie-Trojaner beißt sich durch Docker-Container 12:32 : How Private Investigators Handle Digital Forensics? 12:32 : 19-Year-Old Hacker Admits Guilt in Major Cyberattack on PowerSchool 12:32 : IBM…