DragonForce has swiftly risen as a formidable player in 2025, embodying a hybrid threat that blends ideological ambiguity with ruthless opportunism. First identified in December 2023 with the debut of its “DragonLeaks” dark web portal, DragonForce may trace its origins…
Lampion Banking Malware Uses ClickFix Lures to Steal Banking Credentials
Unit 42 researchers at Palo Alto Networks have uncovered a highly targeted malicious campaign orchestrated by the threat actors behind the Lampion banking malware. Active since at least 2019, Lampion is an infostealer notorious for extracting sensitive banking information.…
Researchers Simulate DPRK’s Largest Cryptocurrency Heist Through Compromised macOS Developer and AWS Pivoting
Security researchers at Elastic have recreated the intricate details of the February 21, 2025, ByBit cryptocurrency heist, where approximately 400,000 ETH, valued at over a billion dollars, was stolen. Attributed to North Korea’s elite cyber unit, TraderTraitor, this attack exploited a trusted…
State of ransomware in 2025
Kaspersky researchers review ransomware trends for 2024, analyze the most active groups and forecast how this threat will evolve in 2025. This article has been indexed from Securelist.
UK Cyber Insurance Claims Second Highest on Record
Marsh says ransomware drove cyber insurance claims to second highest on record in 2024. This article has been indexed from www.infosecurity-magazine.com.
UK Government Warns Retail Attacks Must Serve as a “Wake-up Call”
UK government minister Pat McFadden said during CYBERUK that the incidents affecting M&S, Co-op and Harrods show that cybersecurity is a necessity. This article has been indexed from www.infosecurity-magazine.com.
Mirai Botnet Actively Targeting GeoVision IoT Devices for Command Injection Exploits
The Akamai Security Intelligence and Response Team (SIRT) has identified active exploitation of command injection vulnerabilities in discontinued GeoVision Internet of Things (IoT) devices. The vulnerabilities, tracked as CVE-2024-6047 and CVE-2024-11120, were initially disclosed in June and November 2024, respectively,…
NSO Group must pay WhatsApp over $167M in damages for attacks on its users
NSO Group must pay WhatsApp over $167M in damages for a 2019 hack targeting 1,400+ users, per U.S. jury ruling after a five-year legal battle. A U.S. jury ordered NSO Group to pay WhatsApp over $167M for using Pegasus spyware…
Second Ransomware Group Caught Exploiting Windows Flaw as Zero-Day
At least two ransomware groups exploited the Windows zero-day CVE-2025-29824 before it was patched by Microsoft. This article has been indexed from SecurityWeek.
Actively exploited FreeType flaw fixed in Android (CVE-2025-27363)
Google has released fixes for a bucketload of Android security vulnerabilities, including a FreeType flaw (CVE-2025-27363) that “may be under limited, targeted exploitation.” About CVE-2025-27363: CVE-2025-27363 is an out-of-bounds write vulnerability in FreeType, an open-source software library that…
Second OttoKit Vulnerability Exploited to Hack WordPress Sites
Threat actors are targeting a critical-severity vulnerability in the OttoKit WordPress plugin to gain administrative privileges. This article has been indexed from SecurityWeek.
Talent Shortages Bite as 80% of UK Firms Hit with AI Threats
Half of UK firms have over 10 cyber positions unfilled, according to Cisco. This article has been indexed from www.infosecurity-magazine.com.
Agenda Ransomware Group Adds SmokeLoader and NETXLOADER to Their Arsenal
During our monitoring of Agenda ransomware activities, we uncovered campaigns that made use of the SmokeLoader malware and a new loader we’ve named NETXLOADER. This article has been indexed from Trend Micro Research, News and Perspectives.
IBM Cognos Analytics Security Vulnerability Allowed Unauthorized File Uploads
IBM has issued a security bulletin addressing two newly discovered, high-severity vulnerabilities in its Cognos Analytics platform. These flaws, tracked as CVE-2024-40695 (Malicious File Upload) and CVE-2024-51466 (Expression Language Injection), potentially expose enterprise systems to unauthorized file uploads and the risk of sensitive data…
Chrome Security Patch Addresses WebAudio Vulnerability Allowing Code Execution
Google has released a critical security update for Chrome, addressing a vulnerability that could allow attackers to execute malicious code through the browser’s WebAudio component. According to an announcement published on Tuesday, May 6, 2025, the stable channel has been…
Mirai Botnet Actively Exploiting GeoVision IoT Devices Command Injection Vulnerabilities
The cybersecurity landscape has once again been disrupted by the resurgence of the notorious Mirai botnet, which has been actively exploiting command injection vulnerabilities in discontinued GeoVision Internet of Things (IoT) devices. This latest campaign leverages two critical vulnerabilities, CVE-2024-6047 and…
160-Year-Old Haulage Firm Folds Following Cyber-Attack: Director Sounds Alarm
A devastating ransomware attack has forced Knights of Old, a 160-year-old haulage firm based in Kettering, Northamptonshire, into administration, resulting in 730 job losses and prompting a stark warning from its director to other businesses. Paul Abbott, who served on…
Researchers Uncover Malware in Fake Discord PyPI Package Downloaded 11,500+ Times
Cybersecurity researchers have discovered a malicious package on the Python Package Index (PyPI) repository that masquerades as a seemingly harmless Discord-related utility but incorporates a remote access trojan. The package in question is discordpydebug, which was uploaded to PyPI on…
Critical AWS Amplify Studio Flaw Allowed Attackers to Execute Arbitrary Code
Amazon Web Services (AWS) has addressed a critical security flaw (CVE-2025-4318) in its AWS Amplify Studio platform, which could have allowed authenticated attackers to execute malicious JavaScript code during component rendering. The vulnerability, publicly disclosed on May 5, 2025, affects the amplify-codegen-ui package, a…
Essential Cybersecurity Controls (ECC-1:2018) – A Comprehensive Guide
Cybersecurity threats continue to evolve, posing very real risks to organizations, and nowhere is this risk more pronounced than in entities that handle a nation’s critical infrastructure, as these attacks put public health and safety at risk, harm the environment,…
MIWIC25: Kiranjit Kaur Shergill, Developer at Barclays
Organised by Eskenzi PR in media partnership with the IT Security Guru, the Most Inspiring Women in Cyber Awards aim to shed light on the remarkable women in our industry. The following is a feature on one of 2024’s Top 20 women selected…
US Warns of Hackers Targeting ICS/SCADA at Oil and Gas Organizations
The US government warns of threat actors targeting ICS/SCADA systems at oil and natural gas organizations. This article has been indexed from SecurityWeek…
Blue Shield health data of nearly 5 million Californians leaked to Google
Last month, Blue Shield of California began notifying its customers that the health data of approximately 4.7 million patients had been leaked to Google. The…
U.S. CISA adds FreeType flaw to its Known Exploited Vulnerabilities catalog
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds FreeType flaw to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added a FreeType flaw, tracked as CVE-2025-27363 (CVSS score of 8.1), to its Known Exploited Vulnerabilities (KEV) catalog.…
IT Security News Hourly Summary 2025-05-07 09h : 6 posts
6 posts were published in the last hour 7:2 : IT Guy Let Girlfriend Enter into Highly Restricted Server Rooms 7:2 : Digital welfare fraud: ALTSRUS syndicate exploits the financially vulnerable 7:2 : NSO Group Fined $168M for Targeting 1,400…
Severe Kibana Flaw Allowed Attackers to Run Arbitrary Code
A newly disclosed security vulnerability in Elastic’s Kibana platform has put thousands of businesses at risk, with attackers able to execute arbitrary code on vulnerable systems. The flaw, identified as CVE-2025-25014, carries a critical CVSS score of 9.1, underscoring the urgency for…
Podcast Episode: Digital Autonomy for Bodily Autonomy
We all leave digital trails as we navigate the internet – records of what we searched for, what we bought, who we talked to, where we went or want to go…