The Socket Threat Research Team has uncovered a surge in supply chain attacks where threat actors weaponize open source software libraries to deliver malicious payloads such as infostealers, remote shells, and cryptocurrency drainers. With modern development heavily reliant on ecosystems…
Hackers Exploit Google Services to Send Malicious Law Enforcement Requests
Cybersecurity researchers have uncovered a sophisticated phishing campaign where malicious actors exploit Google services to dispatch fraudulent law enforcement requests. This audacious scheme leverages the trust associated with Google’s infrastructure, specifically Google Forms and Google Drive, to craft and distribute…
Intruder vs. Acunetix vs. Attaxion: Comparing Vulnerability Management Solutions
The vulnerability management market is projected to reach US$24.08 billion by 2030, with numerous vendors offering seemingly different solutions to the same problem. How does an organization choose the right vulnerability management tool for its needs? Today, we compare three…
CVE-2024-2928: MLflow Local File Inclusion via URI Fragment Manipulation
Read about an LFI vulnerability disclosed in MLflow which allowed unauthenticated remote attackers to read arbitrary files by exploiting URI fragments containing directory traversal sequences. The post CVE-2024-2928: MLflow Local File Inclusion via URI Fragment Manipulation appeared first on OffSec.…
U.S. officials Investigating Rogue Communication Devices in Solar Power Inverters
U.S. energy officials have launched an investigation after discovering unauthorized communication equipment embedded within Chinese-manufactured solar power inverters connected to critical infrastructure grids across the country. These inverters, which are essential components that convert direct current from solar panels into…
Steel Manufacturer Nucor Shuts Down Production Following Cyber Attacks
Nucor Corporation, the largest steel manufacturer in North America, has temporarily shut down production at several of its facilities after a significant cybersecurity incident involving unauthorized access to its information technology systems. The breach, which was detected earlier this week,…
Threat Actors Weaponizing Open Source Packages to Deliver Malware in Supply Chain Attack
In the first half of 2025, cybersecurity experts have observed a significant rise in threat actors targeting the software supply chain through weaponized open source packages. These attacks leverage the implicit trust developers place in third-party dependencies, transforming seemingly benign…
Windows Defender Application Control Bypassed Using Operationalizing Browser Exploits
Researchers have uncovered a sophisticated technique to bypass Windows Defender Application Control (WDAC), a critical Windows security feature designed to prevent unauthorized code execution. The bypass leverages vulnerabilities in trusted Electron applications, effectively circumventing one of Microsoft’s most robust security…
CISA Warns of Five Actively Exploited Windows 0-Day Vulnerabilities
CISA has issued an urgent alert after adding five new Microsoft Windows zero-day vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation in the wild. The vulnerabilities, which affect core Windows components, have been flagged as…
Proofpoint to acquire Hornetsecurity
Proofpoint has entered into a definitive agreement to acquire Hornetsecurity, a pan-European provider of AI-powered Microsoft 365 (M365) security, data protection, compliance, and security awareness services. Terms of the deal are confidential. The acquisition significantly enhances Proofpoint’s ability to provide…
Malware-Ranking April: FakeUpdates bleibt die dominante Malware in Deutschland
Sicherheitsforscher von Check Point enthüllen mehrstufige Malware-Kampagnen, die legitime Prozesse zur Tarnung nutzen. Dieser Artikel wurde indexiert von IT-News Cybersicherheit – silicon.de Lesen Sie den originalen Artikel: Malware-Ranking April: FakeUpdates bleibt die dominante Malware in Deutschland
Insider Threat fetches $400m loss to Coinbase
Coinbase, one of the leading cryptocurrency exchanges in the United States, has been the target of a significant cyber attack, potentially leading to losses ranging from $180 million to $400 million in the current financial year. This forecast comes from…
Socket buys Coana to tell you which security alerts you can ignore
Sometimes, less information is more In its latest gambit to reduce the noise of unnecessary security alerts, Socket has acquired Coana, a startup founded in 2022 by researchers from Aarhus University in Denmark that tells users which vulnerabilities they can…
Warning to US Retail: ‘Scattered Spider’ Targets YOU (with DragonForce Ransomware)
Arachnid alarm: Three major British retailers recently attacked, resulting in huge damage. Now we see the self-same scum spotlighting stores in the States. The post Warning to US Retail: ‘Scattered Spider’ Targets YOU (with DragonForce Ransomware) appeared first on Security…
Coinbase Offers $20m Bounty to Take Down Cybercrime Ring Behind Hack
Coinbase is offering a $20m reward to help catch the threat actor behind a cyber-attack that could cost it between $180-$400m This article has been indexed from www.infosecurity-magazine.com Read the original article: Coinbase Offers $20m Bounty to Take Down Cybercrime…
E-Mail-Sicherheit: Proofpoint kauft Hornetsecurity
Proofpoint verspricht sich mehr Expertise im M365-Umfeld und will die Lösungen aus Hannover weltweit vermarkten. Der Gründer und sein Team bleiben an Bord. Dieser Artikel wurde indexiert von heise security News Lesen Sie den originalen Artikel: E-Mail-Sicherheit: Proofpoint kauft Hornetsecurity
Fileless Remcos RAT Attack Evades Antivirus Using PowerShell Scripts
A new wave of attacks uses PowerShell and LNK files to secretly install Remcos RAT, enabling full remote… This article has been indexed from Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto Read the original article: Fileless Remcos…
Hackers Steal Customers Banking Details in Nova Scotia Cyber Attack
Nova Scotia Power has confirmed that hackers infiltrated its IT infrastructure and exfiltrated sensitive customer data, including banking details from pre-authorized payment systems, in a cyberattack first detected on March 19, 2025. The energy provider revealed on May 14 that…
Patch Tuesday: Microsoft Patches 78 Vulnerabilities, 5 Zero-Day Flaws
Microsoft patched vulnerabilities for the Common Log File System driver, Microsoft Edge, SharePoint, and more. This article has been indexed from Security | TechRepublic Read the original article: Patch Tuesday: Microsoft Patches 78 Vulnerabilities, 5 Zero-Day Flaws
Microsoft Outlook Down – Millions of Users Affected With This Longest Outage in Microsoft History
A widespread outage affecting Microsoft 365 services has left users across the globe unable to access key platforms, including Outlook, Hotmail, and the main Microsoft 365 website, since Wednesday evening. The disruption, which began at 10:30 PM UTC on May…
Chihuahua Stealer Leverages Google Drive Document to Steal Browser Login Credentials
A newly discovered .NET-based infostealer dubbed “Chihuahua Stealer” has emerged as a significant threat, exploiting Google Drive documents to deliver malicious PowerShell scripts and steal sensitive data. First identified by G DATA analysts in April 2025, the malware targets browser…
New DarkCloud Stealer Uses AutoIt to Evade Detection & Steal Login Credentials
A new variant of the DarkCloud information-stealing malware has emerged, leveraging the AutoIt scripting language to bypass security tools and harvest sensitive credentials from infected systems. Dubbed DarkCloud Stealer v4, the malware has targeted financial institutions, healthcare organizations, and e-commerce…
TransferLoader Malware Allows Attackers to Execute Arbitrary Commands on Compromised System
A newly identified malware loader dubbed TransferLoader has emerged as a critical threat, enabling attackers to execute arbitrary commands on compromised systems and deliver payloads such as the Morpheus ransomware. First detected in February 2025 by Zscaler ThreatLabz researchers, this…
Xerox Issues April 2025 Security Patch Update for FreeFlow Print Server v2
Xerox has announced the release of its April 2025 Security Patch Update for the FreeFlow® Print Server v2 running on Windows® 10, reinforcing the company’s commitment to robust cybersecurity for its production print platforms. The update, officially released on May…