As Tax Day approaches in the United States on April 15, Microsoft has detected several tax-themed phishing campaigns employing various tactics. These campaigns use malicious hyperlinks and attachments to deliver credential phishing and malware including RaccoonO365, AHKBot, Latrodectus, BruteRatel C4…
Ivanti VPN customers targeted via unrecognized RCE vulnerability (CVE-2025-22457)
A suspected Chinese APT group has exploited CVE-2025-22457 – a buffer overflow bug that was previously thought not to be exploitable – to compromise appliances running Ivanti Connect Secure (ICS) 22.7R2.5 or earlier or Pulse Connect Secure 9.1x. The vulnerability…
50,000 WordPress Sites Affected by Privilege Escalation Vulnerability in Uncanny Automator WordPress Plugin
On March 5th, 2025, we received a submission for an Arbitrary File Upload vulnerability in Uncanny Automator, a WordPress plugin with more than 50,000 active installations. This vulnerability can be used by authenticated attackers, with subscriber-level access and above, to…
Judge Rejects Government’s Attempt to Dismiss EFF Lawsuit Against OPM, DOGE, and Musk
Court Confirms That, If Proven, DOGE’s Ongoing Access to Personnel Records Is Illegal < div class=”field field–name-body field–type-text-with-summary field–label-hidden”> < div class=”field__items”> NEW YORK—A lawsuit seeking to stop the U.S. Office of Personnel Management (OPM) from disclosing tens of millions…
Chinese APT Pounces on Misdiagnosed RCE in Ivanti VPN Appliances
Ivanti misdiagnoses a remote code execution vulnerability and Mandiant reports that Chinese hackers are launching in-the-wild exploits. The post Chinese APT Pounces on Misdiagnosed RCE in Ivanti VPN Appliances appeared first on SecurityWeek. This article has been indexed from SecurityWeek…
Elon Musk Dismisses Reports Of Imminent Departure From DOGE
Elon Musk dismisses report that Trump told cabinet that he expects Musk to leave his DOGE role within weeks This article has been indexed from Silicon UK Read the original article: Elon Musk Dismisses Reports Of Imminent Departure From DOGE
Android quietly installed a feature that scans your photos for ‘sensitive content’ – how to remove it
Google didn’t tell Android users much about Android System SafetyCore before it hit their phones. Fortunately, you can disable it. This article has been indexed from Latest stories for ZDNET in Security Read the original article: Android quietly installed a…
IT Security News Hourly Summary 2025-04-03 18h : 15 posts
15 posts were published in the last hour 15:35 : Wordfence Intelligence Weekly WordPress Vulnerability Report (March 24, 2025 to March 30, 2025) 15:35 : EvilCorp join with RansomHub to launch global cyber attacks 15:35 : Mark Zuckerberg Lobbies Trump…
Operation HollowQuill Uses Malicious PDFs to Target Academic and Government Networks
A newly uncovered cyber-espionage campaign, dubbed Operation HollowQuill, has been identified as targeting academic, governmental, and defense-related networks in Russia using weaponized PDF documents. The operation, tracked by SEQRITE Labs APT-Team, leverages decoy research invitations to infiltrate systems associated with…
Qilin Operators Imitate ScreenConnect Login Page to Deploy Ransomware and Gain Admin Access
In a recent cyberattack attributed to the Qilin ransomware group, threat actors successfully compromised a Managed Service Provider (MSP) by mimicking the login page of ScreenConnect, a popular Remote Monitoring and Management (RMM) tool. The attack, which occurred in January…
Hunters International Linked to Hive Ransomware in Attacks on Windows, Linux, and ESXi Systems
Hunters International, a ransomware group suspected to be a rebrand of the infamous Hive ransomware, has been linked to widespread attacks targeting Windows, Linux, FreeBSD, SunOS, and ESXi systems. Emerging in October 2023, the group has gained notoriety for its…
UAC-0219 Hackers Leverage WRECKSTEEL PowerShell Stealer to Extract Data from Computers
In a concerning development, CERT-UA, Ukraine’s Computer Emergency Response Team, has reported a series of cyberattacks attributed to the hacker group identified as UAC-0219. These attacks, which have been ongoing since the fall of 2024, utilize an advanced PowerShell-based malware…
New Phishing Campaign Targets Investors to Steal Login Credentials
Symantec has recently identified a sophisticated phishing campaign targeting users of Monex Securities (マネックス証券), a prominent online securities company in Japan formed through the merger of Monex, Inc. and Nikko Beans, Inc. The company provides individual investors with a range…
This sneaky Android spyware needs a password to uninstall. Here’s how to remove it without one.
A simple trick can remove malicious Android spyware apps that require a password to uninstall. This article has been indexed from Security News | TechCrunch Read the original article: This sneaky Android spyware needs a password to uninstall. Here’s how…
EFF Joins Amicus Brief Supporting Perkins Coie Law Firm Against Unconstitutional Executive Order
< div class=”field field–name-body field–type-text-with-summary field–label-hidden”> < div class=”field__items”> < div class=”field__item even”> EFF has joined the American Civil Liberties Union and other legal advocacy organizations across the ideological spectrum in filing an amicus brief asking a federal judge to…
Anzeige: Weg von AWS & Co. – mit Stackit Cloud
Unternehmen stehen vor der Herausforderung, Daten sicher und souverän in der Cloud zu verwalten. Wie Stackit als Alternative zu Hyperscalern genutzt werden kann, zeigt dieser Onlinekurs – mit Strategien und Umsetzungstipps. (Golem Karrierewelt, Internet) Dieser Artikel wurde indexiert von Golem.de…
Hackers Exploit Stripe API for Web Skimming Card Theft on Online Stores
Cybersecurity researchers at Jscamblers have uncovered a sophisticated web-skimming campaign targeting online retailers. The campaign utilizes a legacy… This article has been indexed from Hackread – Latest Cybersecurity, Tech, AI, Crypto & Hacking News Read the original article: Hackers Exploit…
How to detect and remove malware from an Android device
Mobile malware can come in many forms, but users might not know how to identify it. Understand the signs to be wary of on Android devices, as well as what to do to remove malware. This article has been indexed…
Hunters International Overlaps Hive Ransomware Attacking Windows, Linux, and ESXi Systems
A sophisticated ransomware operation known as Hunters International emerged in October 2023, with strong evidence suggesting connections to the formerly dismantled Hive ransomware group. The initial attack was documented on October 13, 2023, when the group disclosed their first victim—an…
DarkCloud Stealer Attacking Organizations with Weaponized .TAR Archive to Steal Passwords
A sophisticated cyber campaign leveraging the DarkCloud information stealer has targeted Spanish organizations across multiple critical sectors since early April 2025. The malware, distributed via weaponized .TAR archives embedded in phishing emails, exploits billing-themed lures to compromise technology, legal, financial,…
QR codes sent in attachments are the new favorite for phishers
Phishers are putting QR codes as images in attachments because it helps them bypass email filters. This article has been indexed from Malwarebytes Read the original article: QR codes sent in attachments are the new favorite for phishers
Halo ITSM Vulnerability Exposed Organizations to Remote Hacking
An unauthenticated SQL injection vulnerability in Halo ITSM could have been exploited to read, modify, or insert data. The post Halo ITSM Vulnerability Exposed Organizations to Remote Hacking appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read…
China’s FamousSparrow APT Hits United States Via SparrowDoor Malware
A China-linked cyberespionage gang known as ‘FamousSparrow’ was caught utilising a new modular version of its signature backdoor ‘SparrowDoor’ against a US-based trade organisation. Security experts at ESET spotted the activities and new malware version, uncovering evidence that the…
Major Online Platform for Child Exploitation Dismantled
An international law enforcement operation has shut down Kidflix, a platform for child sexual exploitation with 1.8m registered users This article has been indexed from www.infosecurity-magazine.com Read the original article: Major Online Platform for Child Exploitation Dismantled