The US is seeking the forfeiture of $7.74 million in cryptocurrency in frozen wallets tied to North Korean fake IT workers schemes. The post US Seeks Forfeiture of $7.74M in Cryptocurrency Tied to North Korean IT Workers appeared first on…
Trump Administration Revises Cybersecurity Rules, Replaces Biden and Obama Orders
A new Trump Executive Order limits the use of cybersecurity-related sanctions only against foreign malicious actors This article has been indexed from www.infosecurity-magazine.com Read the original article: Trump Administration Revises Cybersecurity Rules, Replaces Biden and Obama Orders
IT Security News Hourly Summary 2025-06-09 12h : 10 posts
10 posts were published in the last hour 10:4 : Sleep with one eye open: how Librarian Ghouls steal data by night 10:4 : Nigerian Involved in Hacking US Tax Preparation Firms Sentenced to Prison 9:36 : Tesla Robotaxi Launch…
Roles Here? Roles There? Roles Anywhere: Exploring the Security of AWS IAM Roles Anywhere
This examination of the Amazon Web Services (AWS) Roles Anywhere service looks at potential risks, analyzed from both defender and attacker perspectives. The post Roles Here? Roles There? Roles Anywhere: Exploring the Security of AWS IAM Roles Anywhere appeared first…
Apple AI Launch In China ‘Delayed Over US Tensions’
Apple deal to launch iPhone AI services in China with Alibaba technology faces delays as regulators hold up US deals, says report This article has been indexed from Silicon UK Read the original article: Apple AI Launch In China ‘Delayed…
Tesla’s Head Of Optimus Exits Company
Milan Kovac, head of engineering for Optimus humanoid robot, reportedly departs, creating uncertainty around hyped AI-powered programme This article has been indexed from Silicon UK Read the original article: Tesla’s Head Of Optimus Exits Company
Jenkins Gatling Plugin Flaw Allows CSP Bypass, Exposing Systems to Attack
On June 6, 2025, the Jenkins Project issued a security advisory (SECURITY-3588 / CVE-2025-5806) affecting the Gatling Plugin, a widely used tool for displaying performance test reports within the Jenkins automation server. The vulnerability carries a high severity rating, with…
Chinese spy crew appears to be preparing for conflict by backdooring 75+ critical orgs
SentinelOne discovered the campaign when they tried to hit the security vendor’s own servers An IT services company, a European media group, and a South Asian government entity are among the more than 75 companies where China-linked groups have planted…
Sleep with one eye open: how Librarian Ghouls steal data by night
According to Kaspersky, Librarian Ghouls APT continues its series of attacks on Russian entities. A detailed analysis of a malicious campaign utilizing RAR archives and BAT scripts. This article has been indexed from Securelist Read the original article: Sleep with…
Nigerian Involved in Hacking US Tax Preparation Firms Sentenced to Prison
Kingsley Uchelue Utulu has been sentenced to more than 5 years in prison for his role in a scheme that involved hacking, fraud and identity theft. The post Nigerian Involved in Hacking US Tax Preparation Firms Sentenced to Prison appeared…
Tesla Robotaxi Launch In Austin Expected This Month
Tesla expected to launch Robotaxi autonomous vehicle rides in Austin, Texas this month with small ‘pilot’ fleet and human teleoperators This article has been indexed from Silicon UK Read the original article: Tesla Robotaxi Launch In Austin Expected This Month
US-UAE AI Data Centre Deal ‘Far From Finalised’
Deal announced last month to built 10-square-mile AI data centre in UAE with Nvidia chips reportedly far from finalised over security concerns This article has been indexed from Silicon UK Read the original article: US-UAE AI Data Centre Deal ‘Far…
Beware for Developers: 16 React Native Packages with Millions of Downloads Compromised Overnight
Cybersecurity researchers have uncovered a large-scale attack targeting the npm ecosystem, compromising 16 popular React Native packages with a combined download count exceeding one million per week. The attack, detected on June 6th, 2025, represents a significant escalation in the…
Expanding on ADHICS v2.0: A Closer Look at Healthcare Cybersecurity in the UAE
As digital transformation sweeps across the healthcare sector, there has never been more at stake. Healthcare data is worth a lot on the black market. Unlike financial data, which has a short shelf life (accounts can be frozen, and fraud…
US Tries to Claw Back $7m Taken by North Korean IT Workers
The Justice Department has filed a civil forfeiture complaint alleging North Korean IT workers amassed $7m+ This article has been indexed from www.infosecurity-magazine.com Read the original article: US Tries to Claw Back $7m Taken by North Korean IT Workers
Australian Naval Operations Accidentally Jam New Zealand’s Internet and Radio
Residents and businesses across New Zealand’s North and South Islands experienced an unexpected and widespread interruption to wireless internet and radio services. The cause was traced to HMAS Canberra, the Royal Australian Navy’s largest warship, as it navigated the Cook…
New Mirai botnet targets TBK DVRs by exploiting CVE-2024-3721
A new variant of the Mirai botnet exploits CVE-2024-3721 to target DVR systems, using a new infection method. Researchers from Russian cybersecurity firm Kaspersky discovered a new variant of the Mirai botnet that exploits a command injection vulnerability (CVE-2024-3721) in…
FBI Warns Smart Home Users of Badbox 2.0 Botnet Threat
The FBI says mainly Chinese-made IoT devices pose a threat from Badbox 2.0 malware This article has been indexed from www.infosecurity-magazine.com Read the original article: FBI Warns Smart Home Users of Badbox 2.0 Botnet Threat
DeepSeek Hires Interns As It Expands Medical Capabilities
DeepSeek posts want ads for interns to process medical data as hospitals in China begin using AI models in clinical settings This article has been indexed from Silicon UK Read the original article: DeepSeek Hires Interns As It Expands Medical…
Stablecoin Company Circle Internet Surges After IPO
Circle Internet Group sees shares more than quadruple after IPO as crypto moves toward regulation and increased mainstream acceptance This article has been indexed from Silicon UK Read the original article: Stablecoin Company Circle Internet Surges After IPO
X Displays Blue Check Disclaimer To Avoid EU Fine
X, formerly Twitter, begins displaying prominent disclaimer explaining blue checkmarks as it seeks to avoid potentially large EU penalty This article has been indexed from Silicon UK Read the original article: X Displays Blue Check Disclaimer To Avoid EU Fine
Critical Salesforce Vulnerability Exposes Global Users to SOQL Injection Attacks
In June 2025, a security researcher uncovered a critical SOQL (Salesforce Object Query Language) injection vulnerability in a default Salesforce Aura controller, affecting potentially thousands of deployments and millions of user records. The discovery highlights the risks of dynamic query…
HelloTDS Malware Spread via FakeCaptcha Infrastructure Infects Millions of Devices
In a Gen Threat Labs, a complex Traffic Direction System (TDS) dubbed “HelloTDS” has been uncovered, orchestrating the delivery of FakeCaptcha and other malicious campaigns to millions of users worldwide. This elaborate infrastructure employs advanced fingerprinting techniques and social engineering…
Malicious npm Utility Packages Enable Attackers to Wipe Production Systems
Socket’s Threat Research Team has uncovered two malicious npm packages, express-api-sync and system-health-sync-api, designed to masquerade as legitimate utilities while embedding destructive backdoors capable of annihilating production systems. Published under the npm alias “botsailer” with the associated email anupm019@gmail[.]com, these…