21 posts were published in the last hour 12:33 : Security Flaw in WordPress Plugin Puts 22,000 Websites at Risk of Cyber Attacks 12:33 : Threat Actors Deploy Bumblebee Malware via Poisoned Bing SEO Results 12:33 : Cloud Security and…
Researchers Scanning the Internet, (Tue, May 20th)
We have been using our data to identify researchers scanning the internet for a few years. Currently, we are tracking 36 groups performing such scans, and our data feed of the IP addresses used contains around 33k addresses [1]. …
Regeneron to Buy 23andMe for $256M Amid Growing Data Privacy Concerns
Biotechnology giant Regeneron Pharmaceuticals has emerged as the successful bidder in the bankruptcy auction for genetic testing pioneer 23andMe, offering $256 million for the majority of the company’s assets. Announced Monday, the deal would transfer 23andMe’s consumer genomics business and…
Hackers Abuse TikTok and Instagram APIs to Verify Stolen Account Credentials
Cybercriminals are leveraging the Python Package Index (PyPI) to distribute malicious tools designed to exploit TikTok and Instagram APIs for verifying stolen account credentials. Security researchers at Socket have identified three such packages checker-SaGaF, steinlurks, and sinnercore that automate the…
iPhone Security 101 – Protecting Your Device from Phishing Scams
In an age where smartphones contain our most sensitive information, phishing attacks targeting iPhone users have surged dramatically. According to recent reports, phishing messages have increased by 202% in the second half of 2024, with credential-based phishing attacks skyrocketing by…
Microsoft to Integrate AI With Windows 11 File Explorer
Microsoft is introducing artificial intelligence capabilities directly into Windows 11’s File Explorer, allowing users to manipulate files without opening dedicated applications. Announced in Windows 11 Insider Preview Build 26200.5603 (KB5058488) released to the Dev Channel on May 19, 2025, this…
WordPress Plugin Vulnerability Exposes 22,000 Sites to Cyber Attacks
A critical security vulnerability discovered in the popular Motors WordPress theme has exposed approximately 22,000 websites to significant risk. Security researchers have identified a privilege escalation vulnerability that allows unauthenticated attackers to take over administrative accounts, potentially compromising the entire…
NATO-Flagged Vulnerability Tops Latest VMware Security Patch Batch
VMware patches flaws that expose users to data leakage, command execution and denial-of-service attacks. No temporary workarounds available. The post NATO-Flagged Vulnerability Tops Latest VMware Security Patch Batch appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read…
The OpenSSL Corporation and the OpenSSL Foundation Launch Distinguished Contributor Awards with OpenSSL 3.5 Honorees
The OpenSSL Corporation and the OpenSSL Foundation are launching the Distinguished Contributor Awards, a new programme formally recognising exceptional technical contributions to each OpenSSL Library release. These awards highlight individuals who drive critical advancements and demonstrate technical leadership in the…
Thüringer Polizei modernisiert Leitstellen mit Frequentis
Die Landespolizei Thüringen beauftragt Frequentis mit einem neuen Leitstellensystem – bereit für den künftigen Breitband-Digitalfunk. Dieser Artikel wurde indexiert von Newsfeed Lesen Sie den originalen Artikel: Thüringer Polizei modernisiert Leitstellen mit Frequentis
LockBit Leak Shows Affiliates Use Pressure Tactics, Rarely Get Paid
Weeks after LockBit ransomware breach, leaked data reveals how affiliates generate ransomware, set ransom demands, and often walk away unpaid. This article has been indexed from Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto Read the original article:…
Hackers Use Weaponized RAR Archives to Deliver Pure Malware in Targeted Attacks
Russian organizations have become prime targets of a sophisticated malware campaign deploying the Pure malware family, first identified in mid-2022. Distributed via a Malware-as-a-Service (MaaS) model, Pure malware allows cybercriminals to purchase and deploy it with ease. While the campaign…
CISA Includes MDaemon Email Server XSS Flaw in KEV Catalog
Cybersecurity and Infrastructure Security Agency (CISA) has added a cross-site scripting (XSS) vulnerability affecting MDaemon Email Server to its Known Exploited Vulnerabilities (KEV) Catalog on May 19, 2025. This critical addition, identified as CVE-2024-11182, highlights a security flaw that allows…
Exploiting the AI Boom: How Threat Actors Are Targeting Trust in Generative Platforms like Kling AI
In early 2025, Check Point Research identified a cyber attack campaign exploiting the popularity of generative AI service, Kling AI. The attack began with deceptive social media ads leading to a fake website designed to trick users into downloading malicious…
Cynet boosts AI-powered threat detection accuracy
Cynet announced a major update to CyAI, its proprietary AI engine that powers advanced threat detection across the Cynet platform. By reducing false positives by 90%, CyAI advances Cynet’s mission to maximize purpose-built protection for managed service providers and small-to-medium…
AWS Default IAM Roles Found to Enable Lateral Movement and Cross-Service Exploitation
Cybersecurity researchers have discovered risky default identity and access management (IAM) roles impacting Amazon Web Services that could open the door for attackers to escalate privileges, manipulate other AWS services, and, in some cases, even fully compromise AWS accounts. “These…
South Asian Ministries Hit by SideWinder APT Using Old Office Flaws and Custom Malware
High-level government institutions in Sri Lanka, Bangladesh, and Pakistan have emerged as the target of a new campaign orchestrated by a threat actor known as SideWinder. “The attackers used spear phishing emails paired with geofenced payloads to ensure that only…
Cyberattack on Serviceaide Compromises Data of 480,000 Catholic Health Patients
Data breach at Serviceaide, Inc., a technology vendor for Catholic Health, exposed sensitive information belonging to approximately 480,000 patients. The incident, caused by an improperly secured Elasticsearch database, left names, Social Security numbers, medical records, and login credentials publicly accessible…
A security key for every employee? Yubikey-as-a-Service goes global
Yubico’s roaming authenticators can now be provisioned and delivered in 175 countries. Here’s what the service offers. This article has been indexed from Latest stories for ZDNET in Security Read the original article: A security key for every employee? Yubikey-as-a-Service…
China-linked UnsolicitedBooker APT used new backdoor MarsSnake in recent attacks
China-linked UnsolicitedBooker used a new backdoor, MarsSnake, to target an international organization in Saudi Arabia. ESET researchers revealed that a China-linked APT, tracked as UnsolicitedBooker, targeted an international organization in Saudi Arabia using a new backdoor called MarsSnake. The experts…
23andMe and its customers’ genetic data bought by a pharmaceutical org
The bankrupt 23andMe, along with all of its genetic data, has been bought by US drugmaker Regeneron Pharmaceuticals. This article has been indexed from Malwarebytes Read the original article: 23andMe and its customers’ genetic data bought by a pharmaceutical org
Vulnerability Exploitation Probability Metric Proposed by NIST, CISA Researchers
The Likely Exploited Vulnerabilities (LEV) equations can help augment KEV- and EPSS-based remediation prioritization. The post Vulnerability Exploitation Probability Metric Proposed by NIST, CISA Researchers appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read the original article:…
Red Hat Enterprise Linux 10 helps mitigate future quantum-based threats
Red Hat Enterprise Linux 10 provides a strategic and intelligent backbone for enterprise IT to navigate complexity, accelerate innovation and build a more secure computing foundation for the future. As enterprise IT grapples with the proliferation of hybrid environments and…
Product showcase: Secure digital and physical access with the Swissbit iShield Key 2
To meet today’s complex security requirements, organizations need solutions that are not only secure, but also practical and scalable. The Swissbit iShield Key 2 offers a compelling answer by combining two critical security functions – digital authentication and physical access…