A sophisticated cybercrime campaign leveraging Near Field Communication technology has exploded across multiple continents, with researchers at zLabs identifying over 760 malicious Android applications designed to steal banking credentials and facilitate fraudulent transactions. What initially appeared as isolated incidents in…
Ex-Defense contractor exec pleads guilty to selling cyber exploits to Russia
Former US defense contractor exec Peter Williams pled guilty to stealing trade secrets and selling cyber exploits to a Russian broker, per the US DOJ. Ex-US defense contractor Peter Williams (39) admits stealing US trade secrets and selling cyber exploits…
AI Application Security with MCP Server | Contrast MCP Server | Contrast Security
When we introduced the Contrast Model-Context Protocol (MCP) Server a few months ago (read Supercharge your vulnerability remediation with Contrast MCP), the promise was clear: to give AI agents access to the rich security context within the Contrast Graph, which…
PhantomRaven Malware Found in 126 npm Packages Stealing GitHub Tokens From Devs
Cybersecurity researchers have uncovered yet another active software supply chain attack campaign targeting the npm registry with over 100 malicious packages that can steal authentication tokens, CI/CD secrets, and GitHub credentials from developers’ machines. The campaign has been codenamed PhantomRaven…
ThreatsDay Bulletin: DNS Poisoning Flaw, Supply-Chain Heist, Rust Malware Trick and New RATs Rising
The comfort zone in cybersecurity is gone. Attackers are scaling down, focusing tighter, and squeezing more value from fewer, high-impact targets. At the same time, defenders face growing blind spots — from spoofed messages to large-scale social engineering. This week’s…
IT Security News Hourly Summary 2025-10-30 12h : 16 posts
16 posts were published in the last hour 11:4 : Postcode Lottery’s lucky dip turns into data slip as players draw each other’s info 11:4 : 136 NPM Packages Delivering Infostealers Downloaded 100,000 Times 11:4 : Proton Claims 300 Million…
Postcode Lottery’s lucky dip turns into data slip as players draw each other’s info
Biz says ‘technical error’ caused short-lived leak affecting small number of users A major UK lottery organization says it has resolved a technical error that exposed customer data to other users.… This article has been indexed from The Register –…
136 NPM Packages Delivering Infostealers Downloaded 100,000 Times
The packages deployed malicious code harvesting system information, credentials, tokens, API keys, and other sensitive information. The post 136 NPM Packages Delivering Infostealers Downloaded 100,000 Times appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read the original…
Proton Claims 300 Million Records Compromised So Far This Year
A new dark web analysis reveals more than 300 million records have been breached in 2025 to date This article has been indexed from www.infosecurity-magazine.com Read the original article: Proton Claims 300 Million Records Compromised So Far This Year
Critical RediShell RCE Vulnerability Threatens 8,500+ Redis Deployments Worldwide
A critical security vulnerability in Redis’s Lua scripting engine has left thousands of database instances vulnerable to remote code execution attacks. The RediShell RCE vulnerability, tracked as CVE-2025-49844, was publicly disclosed in early October 2025 by cloud security firm Wiz,…
Tata Motors Breach Exposed 70TB of Sensitive Data Before Fix
Security researcher Eaton Zveare discovered that two sets of Amazon Web Services keys were left exposed across Tata Motors’ online platforms. The post Tata Motors Breach Exposed 70TB of Sensitive Data Before Fix appeared first on TechRepublic. This article has…
Microsoft Windows Cloud Files Minifilter Privilege Escalation Vulnerability Exploited
Microsoft has patched a critical race condition vulnerability in its Windows Cloud Files Minifilter driver, known as CVE-2025-55680, which enables local attackers to escalate privileges and create arbitrary files across the system. Discovered by researchers at Exodus Intelligence in March…
Dentsu has Disclosed that its U.S.-based Subsidiary Merkle Suffers Cyberattack
Global advertising and marketing giant Dentsu has confirmed that its U.S.-based subsidiary Merkle experienced a cyberattack, prompting immediate incident response measures and system shutdowns to contain the breach. The company detected abnormal activity within Merkle’s network infrastructure, which led to…
Canada Warns of Hackers Breached ICS Devices Controlling Water and Energy Facilities
Canadian authorities have issued an urgent alert following multiple confirmed incidents where cybercriminals compromised internet-accessible Industrial Control Systems (ICS) devices protecting critical infrastructure across the nation. The Canadian Centre for Cyber Security and the Royal Canadian Mounted Police report that…
New Attack Combines Ghost SPNs and Kerberos Reflection to Elevate Privileges on SMB Servers
A sophisticated privilege escalation vulnerability in Windows SMB servers, leveraging Ghost Service Principal Names (SPNs) and Kerberos authentication reflection to achieve remote SYSTEM-level access. Microsoft designated this as CVE-2025-58726, an “SMB Server Elevation of Privilege” flaw impacting all Windows versions…
PolarEdge Botnet Infected 25,000+ Devices and 140 C2 Servers Exploiting IoT Vulnerabilities
A sophisticated botnet campaign has compromised more than 25,000 IoT devices across 40 countries while establishing 140 command-and-control servers to facilitate cybercrime operations. The PolarEdge botnet, first disclosed in February 2025, exploits vulnerable IoT and edge devices to construct an…
France jacks into the Matrix for state messaging – and pays too
Governments eye comms alternatives as sovereignty worries mount Comment Decentralized communications network Matrix is hoping to be the beneficiary as European public and private sector organizations ponder alternatives to the messaging status quo.… This article has been indexed from The…
Dynamic binary instrumentation (DBI) with DynamoRio
Learn how to build your own dynamic binary instrumentation (DBI) tool with open-source DynamoRIO to enable malware analysis, security auditing, reverse engineering, and more. This article has been indexed from Cisco Talos Blog Read the original article: Dynamic binary instrumentation…
New Attack Chains Ghost SPNs and Kerberos Reflection to Elevate SMB Privileges
Microsoft has addressed a critical privilege escalation vulnerability affecting Windows environments worldwide. Attackers can exploit misconfigured Service Principal Names (SPNs) combined with Kerberos reflection attacks to gain SYSTEM-level access on domain-joined machines, even when previous Kerberos mitigations are in place.…
Deepfake-as-a-Service 2025 – How Voice Cloning and Synthetic Media Fraud Are Changing Enterprise Defenses
Deepfake-as-a-Service 2025. How voice cloning and synthetic media fraud hit enterprises, with case studies, detection tactics, and CISO actions. This article has been indexed from Darknet – Hacking Tools, Hacker News & Cyber Security Read the original article: Deepfake-as-a-Service 2025…
Former US Defense Contractor Executive Admits to Selling Exploits to Russia
Peter Williams stole trade secrets from his US employer and sold them to a Russian cybersecurity tools broker. The post Former US Defense Contractor Executive Admits to Selling Exploits to Russia appeared first on SecurityWeek. This article has been indexed…
Defense Contractor Boss Pleads Guilty to Selling Zero-Day Exploits to Russia
The former general manager of defense contractor Trenchant has admitted selling zero-days to Russian broker This article has been indexed from www.infosecurity-magazine.com Read the original article: Defense Contractor Boss Pleads Guilty to Selling Zero-Day Exploits to Russia
US Telco Services Firm Reports Nation-State Hack
Hack on Ribbon Communications was in place for almost a year, recalling previous long-term cyber-espionage campaigns This article has been indexed from Silicon UK Read the original article: US Telco Services Firm Reports Nation-State Hack
Dentsu’s US subsidiary Merkle hit by cyberattack, staff and client data exposed
Dentsu said its U.S. unit Merkle was hit by a cyberattack exposing staff and client data, forcing some systems offline to mitigate the security breach. Japanese multinational advertising and public relations company Dentsu, one of the largest marketing agencies in…