Cybersecurity experts have uncovered a sophisticated attack campaign targeting IT administrators through search engine optimization (SEO) poisoning tactics. Threat actors are leveraging advanced SEO techniques to push malicious versions of commonly used administrative tools to the top of search engine…
IT Security News Hourly Summary 2025-05-09 21h : 10 posts
10 posts were published in the last hour 19:4 : A cyber attack briefly disrupted South African Airways operations 19:4 : Malicious Python Package Mimic as Attacking Discord Developers With Malicious Remote Commands 18:31 : COLDRIVER Using New Malware To…
OpenText Report Shines Spotlight on Malware Infection Rates
A 2025 cybersecurity threat report based on analysis of data collected from tens of millions of endpoints by OpenText shows that the malware infection rate for business PCs now stands at 2.39%, with 87% of that malware being based on…
Congratulations to the Top MSRC 2025 Q1 Security Researchers!
Congratulations to all the researchers recognized in this quarter’s Microsoft Researcher Recognition Program leaderboard! Thank you to everyone for your hard work and continued partnership to secure customers. The top three researchers of the 2025 Q1 Security Researcher Leaderboard are…
A cyber attack briefly disrupted South African Airways operations
A cyberattack briefly disrupted South African Airways’ website, app, and systems, but core flight operations remained unaffected. South African Airways (SAA) is the national flag carrier of South Africa; the airline is wholly owned by the South African government and…
Malicious Python Package Mimic as Attacking Discord Developers With Malicious Remote Commands
A seemingly innocent Python package has been unmasked as a sophisticated remote access trojan (RAT) targeting the Discord developer community. On March 21, 2022, a package named ‘discordpydebug’ appeared on the Python Package Index (PyPI) under the innocuous description “Discord…
COLDRIVER Using New Malware To Steal Documents From Western Targets and NGOs
Written by: Wesley Shields. Google Threat Intelligence Group (GTIG) has identified a new piece of malware called LOSTKEYS, attributed to the Russian government-backed threat group COLDRIVER (also known as UNC4057, Star Blizzard, and Callisto). LOSTKEYS is capable of stealing files…
Google Chrome will use AI to block tech support scam websites
Google announced it will equip Chrome with an AI-driven method to detect and block Tech Support Scam websites. This article has been indexed from Malwarebytes. Read the original article: Google Chrome will use AI to block tech support scam…
OpenAI’s $3B Windsurf move: the real reason behind its enterprise AI code push
OpenAI’s $3B Windsurf buy puts it on defense as Google & Anthropic surge in AI-powered coding—discover the stakes for agentic development and enterprise teams. This article has been indexed from Security News | VentureBeat. Read the original article: OpenAI’s $3B…
VC behemoth Insight Partners fears top-secret financial info swiped by cyber-miscreants
Weapons-grade fuel for fraud. Insight Partners, a mega venture capital firm with more than $90 billion in funds under management, fears network intruders got their hands on internal sensitive data about employees, portfolio companies, investors, and more.… This article has…
OtterCookie v4 Adds VM Detection and Chrome, MetaMask Credential Theft Capabilities
The North Korean threat actors behind the Contagious Interview campaign have been observed using updated versions of a cross-platform malware called OtterCookie with capabilities to steal credentials from web browsers and other files. NTT Security Holdings, which detailed the new…
BREAKING: 7,000-Device Proxy Botnet Using IoT, EoL Systems Dismantled in U.S. – Dutch Operation
A joint law enforcement operation undertaken by Dutch and U.S. authorities has dismantled a criminal proxy network that’s powered by thousands of infected Internet of Things (IoT) and end-of-life (EoL) devices, enlisting them into a botnet for providing anonymity to…
6 Year Old Sleeper Attack Uncovered, Fake Bank Draft Scam, and Signal Tool Breach
In this episode of Cybersecurity Today, host Jim Love delves into a range of alarming cyber incidents. A six-year sleeper supply chain attack has compromised thousands of e-commerce websites, exploiting vulnerabilities in Magento extensions from vendors Tigren, Meetanshi, and Magesolution.…
Critical Cybersecurity Breaches: OneDrive Default Settings, PowerSchool Ransom, and DOGE Staffer Compromises
In this episode of Cybersecurity Today, host Jim Love discusses recent cybersecurity breaches and vulnerabilities. Key topics include a security flaw in the new default setting of Microsoft OneDrive, a ransom incident involving PowerSchool that compromised student data, and the…
Cyberattackers Targeting IT Help Desks for Initial Breach
Cybercriminals are increasingly impersonating IT support personnel and trusted authorities to manipulate victims into granting access to critical systems, according to recent analyses by cybersecurity experts. This tactic exploits inherent human tendencies to defer to perceived authority figures, enabling attackers…
US Customs and Border Protection Plans to Photograph Everyone Exiting the US by Car
A CBP spokesperson tells WIRED that the agency plans to expand its program for real-time face recognition at the border, potentially aiding Trump administration efforts to track people who self-deport. This article has been indexed from Security Latest. Read the…
FBI and Dutch police seize and shut down botnet of hacked routers
U.S. authorities indicted three Russians and one Kazakhstan national for hacking and selling access to a botnet made of vulnerable internet-connected devices. This article has been indexed from Security News | TechCrunch. Read the original article: FBI and Dutch police…
Security experts explain: Why your password should be at least 16 characters long
One click, a supposedly secure login: everyday life. But what if this protective wall crumbles in seconds? New data show an alarming reality for online security. This article was indexed by t3n.de – Software & Entwicklung. Read the…
This AI determines biological age from just a photo: How patients are supposed to benefit
A new AI called FaceAge is said to be able to calculate a person's biological age from a photo alone. How the tool came about and what challenges remain despite initial successes. This article was indexed by t3n.de – Software &…
Retro charm meets artificial intelligence: This app combines Karl Klammer with AI
Back in the 90s, Karl Klammer was already supposed to do what AI chatbots do today: make work easier with helpful information. An open-source program now combines the cult paperclip with generative AI, uniting retro charm and modern technology. This article was…
Netflix gets a new design: What changes on your TV
It is meant to be simpler, cleaner and more intuitive. After years, Netflix is overhauling the user interface on your TV. In addition, recommendations will be adjusted in real time in future. And the mobile app gets reels and AI support. This article was indexed by t3n.de – Software…
Whatsapp on the smartwatch: How to use the messenger on your wrist
Pulling your smartphone out of your pocket for every Whatsapp message? It doesn't have to be that way! The messenger also works on smartwatches. On some, however, better than on others. This article was indexed by t3n.de – Software & Entwicklung. Read the original…
Threat Actors Target Job Seekers with Three New Unique Adversaries
Netcraft has uncovered a sharp rise in recruitment scams in 2024, driven by three distinct threat actors employing unique and highly technical strategies to exploit vulnerabilities in the job market. As economic pressures like wage stagnation, the cost-of-living crisis, and…
Hackers Weaponizing Facebook Ads to Deploy Multi-Stage Malware Attacks
A persistent and highly sophisticated malvertising campaign on Facebook has been uncovered by Bitdefender Labs, exploiting the trust associated with major cryptocurrency exchanges to distribute multi-stage malware. This ongoing operation, active for several months as of May 2025, leverages advanced…