In mid-2025, Secureworks Counter Threat Unit (CTU) researchers uncovered a sophisticated cyber campaign where Chinese state-sponsored threat actors from the BRONZE BUTLER group exploited a critical zero-day vulnerability in Motex LANSCOPE Endpoint Manager to gain unauthorized access to corporate networks…
Threat Actors Actively Using Open-Source C2 Framework to Deliver Malicious Payloads
A new wave of cyber threats is emerging as criminals increasingly weaponize AdaptixC2, a free and open-source Command and Control framework originally designed for legitimate penetration testing and red team operations. Security researchers have uncovered a disturbing trend where advanced…
Jamf to Go Private Following $2.2 Billion Acquisition by Francisco Partners
The private equity firm will purchase the outstanding shares of Jamf common stock for $13 per share in an all-cash transaction. The post Jamf to Go Private Following $2.2 Billion Acquisition by Francisco Partners appeared first on SecurityWeek. This article…
CISA Adds Exploited XWiki, VMware Flaws to KEV Catalog
Broadcom has updated its advisory on CVE-2025-41244 to mention the vulnerability’s in-the-wild exploitation. The post CISA Adds Exploited XWiki, VMware Flaws to KEV Catalog appeared first on SecurityWeek. This article has been indexed from SecurityWeek. Read the original article: CISA…
Elevating the Human Factor in a Zero-Trust World
Zero-trust isn’t just technology — it’s a human-centered strategy. Real security depends on context, judgment and collaboration, not automation alone. The post Elevating the Human Factor in a Zero-Trust World appeared first on Security Boulevard. This article has been indexed…
IT Security News Hourly Summary 2025-10-31 12h : 5 posts
5 posts were published in the last hour: 10:34 : When AI Agents Go Rogue: Agent Session Smuggling Attack in A2A Systems; 10:34 : China’s CXMT Mass-Produces High-End LPDDR5X Memory; 10:34 : WhatsApp Implements Passkey System to Boost Backup Privacy…
When AI Agents Go Rogue: Agent Session Smuggling Attack in A2A Systems
Agent session smuggling is a novel technique where AI agent-to-agent communication is misused. We demonstrate two proof of concept examples. The post When AI Agents Go Rogue: Agent Session Smuggling Attack in A2A Systems appeared first on Unit 42. This…
China’s CXMT Mass-Produces High-End LPDDR5X Memory
China’s biggest memory manufacturer challenges Samsung, SK Hynix, Micron with LPDDR5X memory aimed at on-device mobile AI processing. This article has been indexed from Silicon UK. Read the original article: China’s CXMT Mass-Produces High-End LPDDR5X Memory
WhatsApp Implements Passkey System to Boost Backup Privacy
WhatsApp has announced a significant security upgrade that makes protecting your chat backups simpler and more secure than ever before. The messaging platform is introducing passkey-encrypted backups, a new feature that eliminates the need for complicated passwords or lengthy encryption…
Chinese APT Exploits Unpatched Windows Flaw in Recent Attacks
The Windows shortcut vulnerability has been seen in attacks conducted by Mustang Panda to drop the PlugX malware. The post Chinese APT Exploits Unpatched Windows Flaw in Recent Attacks appeared first on SecurityWeek. This article has been indexed from SecurityWeek…
Facial Recognition Firm Clearview AI Hit with Criminal Complaint in Austria
Clearview AI faces a criminal complaint in Austria for allegedly ignoring EU data protection rulings. This article has been indexed from www.infosecurity-magazine.com. Read the original article: Facial Recognition Firm Clearview AI Hit with Criminal Complaint in Austria
OpenAI Believed To Prepare $1tn Stock Market Offering
Start-up OpenAI, valued at $500bn, reportedly in initial discussions around $1tn IPO as early as late next year as it seeks fresh capital. This article has been indexed from Silicon UK. Read the original article: OpenAI Believed To Prepare $1tn…
Chinese Police Break Up Counterfeit Chip Gang
Counterfeiting ring collected discarded chips, polished and rebranded them as originating from Infineon, Texas Instruments, Analog Devices. This article has been indexed from Silicon UK. Read the original article: Chinese Police Break Up Counterfeit Chip Gang
Threat Actors Exploiting Open-Source C2 Frameworks to Deploy Malicious Payloads
Threat intelligence researchers have uncovered a growing campaign where cybercriminals are weaponizing AdaptixC2, a legitimate open-source Command and Control framework designed for authorized penetration testers. The discovery reveals how threat actors are exploiting ethical hacking tools to conduct sophisticated cyberattacks,…
How to Hack a Poker Game
This week on Uncanny Valley, we break down how one of the most common card shufflers could be altered to cheat, and why that matters—even for those who don’t frequent the poker table. This article has been indexed from Security…
Suspected Chinese actors compromise U.S. Telecom firm Ribbon Communications
A nation-state actor, likely a China-nexus one, hacked the U.S.-based technology company Ribbon Communications. Ribbon Communications is a U.S.-based technology company that provides telecommunications and networking. Ribbon Communications employs approximately 3,052 people as of December 31, 2024. The company reported…
CISA Warns of XWiki Platform Injection Vulnerability Exploited to Execute Remote Code
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent warning about a severe injection vulnerability in the XWiki Platform, designated as CVE-2025-24893. This flaw allows unauthenticated attackers to execute arbitrary remote code, posing significant risks to organizations…
AzureHound Penetration Testing Tool Weaponized by Threat Actors to Enumerate Azure and Entra ID
AzureHound, an open-source data collection tool designed for legitimate penetration testing and security research, has become a favored weapon in the hands of sophisticated threat actors. The tool, which is part of the BloodHound suite, was originally created to help…
Threat Actors Using Multilingual ZIP File to Attack Financial and Government Organizations
Sophisticated threat actors have orchestrated a coordinated multilingual phishing campaign targeting financial and government organizations across East and Southeast Asia. The campaign leverages carefully crafted ZIP file lures combined with region-specific web templates to deceive users into downloading staged malware…
Kimsuky and Lazarus Hacker Groups Unveil New Tools That Enable Backdoor and Remote Access
Threat actors operating under the control of North Korea’s regime have demonstrated continued technical sophistication by introducing advanced malware toolsets designed to establish persistent backdoor access and remote control over compromised systems. Recent findings have revealed that Kimsuky, known for…
Hackers Weaponizing Windows LNK File UI Misrepresentation Remote Code Execution Vulnerability
Chinese-affiliated threat actor UNC6384 has been actively leveraging a critical Windows shortcut vulnerability to target European diplomatic entities across Hungary, Belgium, Serbia, Italy, and the Netherlands. Arctic Wolf researchers identified this sophisticated cyber espionage campaign operating throughout September and October…
CISA and NSA Issue Urgent Guidance to Secure WSUS and Microsoft Exchange Servers
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) and National Security Agency (NSA), along with international partners from Australia and Canada, have released guidance to harden on-premise Microsoft Exchange Server instances from potential exploitation. “By restricting administrative access, implementing multi-factor…
Dutch Nexperia Seizure In Doubt After US Policy Shift
Netherlands seizure of chipmaker Nexperia faces questions after US agrees to suspend key sanctions rule as part of China deal. This article has been indexed from Silicon UK. Read the original article: Dutch Nexperia Seizure In Doubt After US Policy…
China Suspends Latest Rare-Earth Controls
China delays new rare-earth controls for one year amid wider US trade deal, but leaves in place earlier restrictions. This article has been indexed from Silicon UK. Read the original article: China Suspends Latest Rare-Earth Controls