A sophisticated Chinese hacking group known as Billbug (also tracked as Lotus Blossom, Lotus Panda, and Bronze Elgin) has intensified its espionage campaign across Southeast Asia, employing a new custom Reverse SSH Tool to compromise high-value targets. This group, active…
Kimusky Hackers Exploiting RDP & MS Office Vulnerabilities in Targeted Attacks
A sophisticated Advanced Persistent Threat (APT) operation named Larva-24005, linked to the notorious Kimsuky threat group, has been discovered actively exploiting critical vulnerabilities in Remote Desktop Protocol (RDP) and Microsoft Office applications to compromise systems across multiple sectors and countries.…
Security Tools: First, They’re Good, Then They’re Bad
Security tools can also be vulnerable and so cybersecurity teams must put a premium on ensuring tools are used as intended for defense. The post Security Tools: First, They’re Good, Then They’re Bad appeared first on Security Boulevard. This article…
Hackers Abuse Zoom’s Remote Control to Access Users’ Computers
A newly uncovered hacking campaign is targeting business leaders and cryptocurrency firms by abusing Zoom’s remote control feature, allowing attackers to take over victims’ computers with a single click. The sophisticated operation, attributed to a threat group known as ELUSIVE…
Russian Hackers Target European Diplomats with ‘Wine-Tasting’ Phishing Scams
A Russian state-linked hacking group is ramping up its cyberattacks against diplomatic targets across Europe, using a new stealthy malware tool known as “GrapeLoader” to deliver malicious payloads through cleverly disguised phishing emails. According to Check Point Research, the campaign…
Russia-linked APT29 targets European diplomatic entities with GRAPELOADER malware
Russia-linked group APT29 targeted diplomatic entities across Europe with a new malware loader codenamed GRAPELOADER. Check Point Research team reported that Russia-linked cyberespionage group APT29 (aka SVR group, Cozy Bear, Nobelium, BlueBravo, Midnight Blizzard, and The Dukes) is behind a sophisticated phishing campaign targeting European diplomatic…
Phishing attacks leveraging HTML code inside SVG files
Attackers are increasingly sending phishing emails with SVG attachments that contain embedded HTML pages or JavaScript code. This article has been indexed from Securelist Read the original article: Phishing attacks leveraging HTML code inside SVG files
IT Security News Hourly Summary 2025-04-21 09h : 5 posts
5 posts were published in the last hour 7:3 : Rental company Hertz reports a cyber incident 7:3 : ASUS Router Flaw Allows Hackers to Remotely Execute Malicious Code 7:3 : Critical PyTorch Vulnerability Allows Hackers to Run Remote Code…
Oracle releases Unbreakable Enterprise Kernel 8 (UEK 8)
Oracle has released version 8 of its Unbreakable Enterprise Kernel (UEK), a custom Linux kernel built for Oracle Linux. UEK 8 includes updates to memory management, better file system support, faster networking, and improvements for specific hardware platforms. It also…
Hackers Abuse Russian Bulletproof Host Proton66 for Global Attacks and Malware Delivery
Cybersecurity researchers have disclosed a surge in “mass scanning, credential brute-forcing, and exploitation attempts” originating from IP addresses associated with a Russian bulletproof hosting service provider named Proton66. The activity, detected since January 8, 2025, targeted organizations worldwide, according to…
Industrieroboter im Einsatz
Das Potenzial von Robotern in der Industrie und der Security-Branche in Verbindung mit KI ist groß, aber nicht ohne Risiko. Dieser Artikel wurde indexiert von Newsfeed Lesen Sie den originalen Artikel: Industrieroboter im Einsatz
Google To Appeal Portions Of Ad Monopoly Ruling
Google says it will appeal ‘adverse’ portions of ruling that found its ad business is illegal monopoly, says decision was ‘mixed’ This article has been indexed from Silicon UK Read the original article: Google To Appeal Portions Of Ad Monopoly…
Speedify VPN Vulnerability on macOS Exposes Users to System Takeover
A major security flaw in the Speedify VPN application for macOS, tracked as CVE-2025-25364, has exposed millions of users to the risk of complete system compromise. Researchers at SecureLayer7 discovered the vulnerability in Speedify’s privileged helper tool. It could potentially allow…
A week in security (April 12 – April 18)
A list of topics we covered in the week of April 12 to April 18 of 2025 This article has been indexed from Malwarebytes Read the original article: A week in security (April 12 – April 18)
Microsoft Entra lockouts, wine tasting malware, job scam solution
Widespread Microsoft Entra lockouts cause by new security feature rollout Malware delivered through diplomatic wine-tasting invites British companies told to hold in-person interviews to thwart North Korea job scammers Huge thanks to our sponsor, Dropzone AI Growing your MSSP client…
Rental company Hertz reports a cyber incident
Popular car rental company Hertz began distributing a “notice of data incident” to customers worldwide, including customers in the USA. The letter mentions a cyber… The post Rental company Hertz reports a cyber incident appeared first on Panda Security Mediacenter.…
ASUS Router Flaw Allows Hackers to Remotely Execute Malicious Code
ASUS has acknowledged multiple critical vulnerabilities affecting its routers that could allow hackers to remotely execute malicious code, thereby compromising network security and user privacy. These flaws highlight the continuous challenges in securing IoT and networking devices against increasingly sophisticated…
Critical PyTorch Vulnerability Allows Hackers to Run Remote Code
A newly disclosed critical vulnerability (CVE-2025-32434) in PyTorch, the widely used open-source machine learning framework, allows attackers to execute arbitrary code on systems loading AI models—even when safety measures like weights_only=True are enabled. The flaw impacts all PyTorch versions ≤2.5.1 and has…
Hackers Exploiting Google’s OAuth System Flaws to Bypass Gmail Security Filters
A highly sophisticated phishing attack exploiting vulnerabilities in Google’s OAuth system has been identified. The attack, which successfully bypasses Gmail’s security filters, appears legitimate to users as it originates from authentic Google domains and passes all standard security checks, including…
Cybersecurity Today: Allegations Against Elon Musk, Microsoft Lockout Issues, Cozy Bear’s New Malware, and Canada’s Anti-Fraud Proposals
Cybersecurity Today: Allegations Against Elon Musk, Microsoft Lockout Issues, Cozy Bear’s New Malware, and Canada’s Anti-Fraud Proposals In this episode of Cybersecurity Today, hosted by David Shipley, we examine several major cybersecurity stories. A whistleblower accuses Elon Musk’s team’s involvement…
How the China-US Trade Tariff War Is Increasing Cybersecurity Concerns
The ongoing trade dispute between China and the United States, commonly referred to as the “tariff war,” has created far-reaching effects beyond economics and politics. One of the often overlooked consequences of this prolonged conflict is its growing impact on…
Cybercriminals Exploit Google OAuth Loophole to Evade Gmail Security
A sophisticated phishing attack exploiting a loophole in Google’s OAuth infrastructure has surfaced, raising significant concerns about the security of Gmail users worldwide. Security researcher Nick Johnson (@nicksdjohnson) recently shared details of the attack via social media, underscoring the urgent…
Hawk Eye: Open-source scanner uncovers secrets and PII across platforms
Hawk Eye is an open-source tool that helps find sensitive data before it leaks. It runs from the command line and checks many types of storage for PII and secrets: passwords, API keys, and personal information. “Unlike most open-source tools…
Cisco: Ältere Webex-Apps können Schadcode einschleusen
Zwei Versionen des Webex-Clients können in URLs versteckte Befehle ausführen, wenn ein Link geöffnet wird. Das betrifft alle Betriebssysteme, sagt Cisco. Dieser Artikel wurde indexiert von heise security News Lesen Sie den originalen Artikel: Cisco: Ältere Webex-Apps können Schadcode einschleusen