Cybersecurity researchers have uncovered a sophisticated attack campaign leveraging a fraudulent website that impersonates the Indian Post Office to deliver malware to both Windows and Android users. The fake website, hosted at postindia[.]site, employs device detection techniques to serve tailored…
CodeQLEAKED – GitHub Supply Chain Attack Allows Code Execution Using CodeQL Repositories
A significant vulnerability in GitHub’s CodeQL actions could have permitted attackers to execute malicious code across hundreds of thousands of repositories. The vulnerability, assigned CVE-2025-24362, originated from a publicly exposed GitHub token in workflow artifacts that created a small but…
New Sophisticated Linux-Backdoor Attacking OT Systems Exploiting 0-Day RCE
A sophisticated Linux-based backdoor dubbed “OrpaCrab” has emerged as a significant threat to operational technology (OT) systems, particularly those managing gas station infrastructure. Security researchers discovered the malware after it was uploaded to VirusTotal in January 2024 from the United…
OpenAI Offering Up to $100,000 for Critical Vulnerabilities in its Infrastructure
OpenAI has dramatically increased its maximum bug bounty reward to $100,000 for exceptional critical security vulnerabilities, up from the previous cap of $20,000. This fivefold increase highlights the AI leader’s growing emphasis on cybersecurity as its models advance toward artificial…
PoC Exploit Released for Ingress-NGINX RCE Vulnerabilities
A recently disclosed vulnerability in Ingress-NGINX, tracked as CVE-2025-1974, has raised concerns about the security of Kubernetes environments. This vulnerability allows for Remote Code Execution (RCE) through the validating webhook server integrated into Ingress-NGINX. A Proof of Concept (PoC) exploit…
New “ReaderUpdate” macOS Malware Evolves with Nim and Rust Variants
Security researchers at SentinelOne have discovered that ReaderUpdate, a macOS malware loader platform that has been active since at least 2020, has significantly evolved with new variants written in multiple programming languages. The malware, which previously went relatively unnoticed by…
Advanced CoffeeLoader Malware Evades Security to Deliver Rhadamanthys Shellcode
Security researchers at Zscaler ThreatLabz have identified a new sophisticated malware family called CoffeeLoader, which emerged around September 2024. This advanced loader employs numerous techniques to bypass security solutions and evade detection while delivering second-stage payloads, particularly the Rhadamanthys stealer.…
runZero’s expanded platform offers new approach to detecting and prioritizing risk
runZero releases new product capabilities, welcomes executive leadership with deep industry expertise, and gains channel momentum. runZero’s expanded platform offers a new approach to effectively manage the risk lifecycle, enabling security teams to find, prioritize, and remediate broad classes of…
150,000 Sites Compromised by JavaScript Injection Promoting Chinese Gambling Platforms
An ongoing campaign that infiltrates legitimate websites with malicious JavaScript injects to promote Chinese-language gambling platforms has ballooned to compromise approximately 150,000 sites to date. “The threat actor has slightly revamped their interface but is still relying on an iframe…
Innovative Lösungen für Haftanstalten
Haftanstalten müssen höchsten Sicherheitsanforderungen gerecht werden, von Einbruchschutz und Vandalismus bis hin zur Drohnenabwehr. Technik und Einrichtung spielen dabei eine Schlüsselrolle. Dieser Artikel wurde indexiert von Newsfeed Lesen Sie den originalen Artikel: Innovative Lösungen für Haftanstalten
Datentransfer-Software CrushFTP ermöglicht unbefugten Zugriff
In der Datentransfer-Software CrushFTP klafft eine Sicherheitslücke, die Angreifern aus dem Netz unbefugten Zugriff verschafft. Dieser Artikel wurde indexiert von heise security News Lesen Sie den originalen Artikel: Datentransfer-Software CrushFTP ermöglicht unbefugten Zugriff
Which Top Cybersecurity Role of 2024 Was Featured in 64,000+ Job Postings?
IT and security workforce management firm CyberSN surveyed job listings from 2022 to 2024. Yes, decreases in demand for some job titles may be related to AI. This article has been indexed from Security | TechRepublic Read the original article:…
NHS vendor Advanced to pay £3M fine following 2022 ransomware attack
NHS vendor Advanced will pay just over £3 million ($3.8 million) in fines for not implementing basic security measures before it suffered a ransomware attack in 2022, the U.K.’s data protection regulator has confirmed. It’s half the fine that the…
GetReal Security platform combats AI-fueled attacks
GetReal Security launched unified platform to help enterprises, government agencies and media organizations manage risk and mitigate threats from the growing presence of AI-fueled attacks. The platform brings together GetReal’s products and service offerings into a unified digital experience for…
Microsoft bestätigt: Windows-Updates nerven Nutzer seit Januar mit RDP-Problemen
Seit Wochen brechen RDP-Sitzungen unter Windows 11 und Windows Server 2025 immer wieder unerwartet ab. Nun hat auch Microsoft das Problem erkannt. (Windows, Microsoft) Dieser Artikel wurde indexiert von Golem.de – Security Lesen Sie den originalen Artikel: Microsoft bestätigt: Windows-Updates…
The Four Fundamentals of Cybersecurity to Build a Resilient SOC
Imagine the following scenario: The latest threat report comes out on a group that targets your vertical. The SOC quickly disseminates the report and starts to search for tactics, techniques and procedures (TTPs). Everything’s clear, no results are found. Two…
Exim Use-After-Free Vulnerability Allows Privilege Escalation
A critical security vulnerability has been identified in the widely used Exim mail transfer agent (MTA), potentially allowing attackers with command-line access to escalate privileges on affected systems. The vulnerability, tracked as CVE-2025-30232, affects Exim versions 4.96 through 4.98.1 and…
IT Security News Hourly Summary 2025-03-27 09h : 6 posts
6 posts were published in the last hour 7:36 : Ransomware group claims attack on US telecom firm, New ReaderUpdate malware variants target macOS users, Oracle customers claim stolen data 7:7 : Digital identity fatigue: The hidden impact on security,…
Ransomware group claims attack on US telecom firm, New ReaderUpdate malware variants target macOS users, Oracle customers claim stolen data
New ransomware group claims attack on US Telecom firm WideOpenWest NSA warned of vulnerabilities in Signal app a month before Houthi strike chat New ReaderUpdate malware variants target macOS users Huge thanks to our episode sponsor, ThreatLocker ThreatLocker® is a…
Digital identity fatigue: The hidden impact on security, engagement, and business longevity
Faced with a dreaded login page and a forgotten password, often the easiest way in for users is to simply hit forgot my password. If customers were aware that every time they request a reset, it costs companies an average…
CodeQLEAKED: GitHub Supply Chain Attack Enables Code Execution via CodeQL Repositories
A recent discovery has revealed a potential supply chain attack vulnerability in GitHub’s CodeQL repositories, which could have led to wide-ranging consequences for hundreds of thousands of GitHub users. The exploit hinges on a publicly exposed secret found in a…
12 Cybercriminals Arrested Following Takedown of Ghost Communication Platform
Irish and Spanish law enforcement authorities have successfully apprehended 12 members of a high-risk criminal network in a coordinated operation spanning both countries. The arrests, announced on March 26, 2025, included six suspects in Ireland and six in Spain, all…
NetApp SnapCenter Flaw Could Let Users Gain Remote Admin Access on Plug-In Systems
A critical security flaw has been disclosed in NetApp SnapCenter that, if successfully exploited, could allow privilege escalation. SnapCenter is an enterprise-focused software that’s used to manage data protection across applications, databases, virtual machines, and file systems, offering the ability…
CISA Warns of Sitecore RCE Flaws; Active Exploits Hit Next.js and DrayTek Devices
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added two six-year-old security flaws impacting Sitecore CMS and Experience Platform (XP) to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation. The vulnerabilities are listed below –…