A newly surfaced Ransomware-as-a-Service operation, dubbed GLOBAL GROUP, has begun deploying an AI‐driven negotiation tool that elevates the psychological pressure on victims and streamlines extortion workflows for affiliates. Security researchers at EclecticIQ first identified GLOBAL GROUP’s activity in early June…
Octalyn Stealer Harvests VPN Configs, Passwords, and Cookies in Organized Folder Structure
The Octalyn Forensic Toolkit, which is openly accessible on GitHub, has been revealed as a powerful credential stealer that poses as a research tool for red teaming and digital forensics. This is a worrying development for cybersecurity. Developed with a…
Kafbat UI Vulnerabilities Allow Arbitrary Code Execution via JMX Services
A critical security vulnerability has been discovered in Kafbat UI, a popular web-based interface for managing Apache Kafka clusters, allowing unauthenticated attackers to execute arbitrary code on affected systems through unsafe deserialization attacks. Critical Vulnerability Details The vulnerability, designated as…
Belk hit by May cyberattack: DragonForce stole 150GB of data
Ransomware group DragonForce claims it attacked U.S. retailer Belk in May, stealing over 150GB of data in a disruptive cyberattack. The infamous Ransomware group DragonForce claimed responsibility for the May disruptive attack on US department store chain Belk. The ransomware…
Stronger Together: How Industry and Law Enforcement Can Fight Global Cybercrime
Learn more about the first INTERPOL Cybercrime Expert Group (#CyberEX) meeting at INTERPOL headquarters in Lyon, France. The group discussed deep and wide-ranging insights on how to combat cybercrime through effective disruption strategies, collaborative investigation efforts, innovative prevention mechanisms, and…
F5 accelerates application delivery and security
F5 announced new tools to reduce the immense complexity cross-functional operations (XOps) teams face in managing hybrid, multicloud, and AI-driven application environments. F5 AI Assistant now provides a single natural language interface across F5 BIG-IP, F5 NGINX One, and F5…
Vulnerable firmware for Gigabyte motherboards could allow bootkit installation
UEFI firmware running on 100+ Gigabyte motherboard models is affected by memory corruption vulnerabilities that may allow attackers to install persistent and difficult-to-detect bootkits (i.e., malware designed to infect the computer’s boot process). “While AMI (the original firmware supplier) has…
SaaS Security Adoption Grows Amid Rising Breach Rates
The latest report from AppOmni has revealed 91% confidence in SaaS security while 75% of organizations have faced incidents This article has been indexed from www.infosecurity-magazine.com Read the original article: SaaS Security Adoption Grows Amid Rising Breach Rates
FBI schließt illegale Videospiel-Websites
Ende vergangener Woche hat das FBI mehrere Webseiten stillgelegt, die widerrechtlich kopierte Videospiele angeboten haben. Dieser Artikel wurde indexiert von heise security News Lesen Sie den originalen Artikel: FBI schließt illegale Videospiel-Websites
From VPN to Zero Trust: Why It?s Time to Retire Traditional VPNs, Part 2
This post doesn’t have text content, please click on the link below to view the original article. This article has been indexed from Blog Read the original article: From VPN to Zero Trust: Why It?s Time to Retire Traditional VPNs,…
UK Pet Owners Targeted by Fake Microchip Renewal Scams
Microchip renewal scam targets UK pet owners using leaked data from insecure registries. Emails appear legit but aim to steal money and personal info. This article has been indexed from Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto…
North Korean Hackers Exploit 67 Malicious npm Packages to Spread XORIndex Malware
The Socket Threat Research Team has discovered a new software supply chain attack that uses a malware loader called XORIndex that had not been previously reported, marking a major uptick in North Korean cyber operations. This activity builds on the…
Perplexity offers free AI tools to students worldwide in partnership with SheerID
Perplexity and SheerID launch a global program offering students up to two years of free AI access through secure identity verification. This article has been indexed from Security News | VentureBeat Read the original article: Perplexity offers free AI tools…
Data Breach at Debt Settlement Firm Impacts 160,000 People
Pennsylvania-based Century Support Services is disclosing a data breach after its systems were hacked in November 2024. The post Data Breach at Debt Settlement Firm Impacts 160,000 People appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read…
DDoS Attacks Blocked by Cloudflare in 2025 Already Surpass 2024 Total
Cloudflare has published its quarterly DDoS threat report for Q2 2025 and the company says it has blocked millions of attacks. The post DDoS Attacks Blocked by Cloudflare in 2025 Already Surpass 2024 Total appeared first on SecurityWeek. This article…
Fingerprint helps enterprises distinguish between legitimate and malicious automated web traffic
Fingerprint announced new Smart Signals and platform enhancements that detect malicious bots and AI agents, distinguishing them from legitimate automated traffic. As agentic commerce experiences explosive growth and autonomous AI agents become increasingly sophisticated, enterprises need advanced tools to protect…
GitGuardian Launches MCP Server to Bring Secrets Security into Developer Workflows
Paris, France, 15th July 2025, CyberNewsWire This article has been indexed from Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto Read the original article: GitGuardian Launches MCP Server to Bring Secrets Security into Developer Workflows
New AsyncRAT Forks Discovered Featuring Screamer Tool and USB Malware Spreader
Cybersecurity researchers have identified two sophisticated AsyncRAT variants that expand the remote access trojan’s capabilities with a psychological warfare component and enhanced propagation mechanisms. The newly discovered forks introduce a “Screamer” plugin designed to terrorize victims through audio manipulation and…
BaitTrap Reveals Global Web of 17,000+ Fraud-Promoting Fake News Sites
Cybersecurity firm CTM360 has unveiled an extensive network of over 17,000 Baiting News Sites (BNS), engineered by cybercriminals to disseminate investment fraud on a global scale. These deceptive platforms, identified through CTM360’s proprietary WebHunt monitoring system, masquerade as authoritative news…
PoC Exploit Released for High-Severity Git CLI Arbitrary File Write Vulnerability
A critical vulnerability in Git CLI enables arbitrary file writes on Linux and macOS systems, with working proof-of-concept exploits now publicly available. CVE-2025-48384, assigned a CVSS severity score of 8.1/10, allows attackers to achieve remote code execution through maliciously crafted…
British Citizen Jailed for Islamophobic WiFi Hack at UK Train Stations
A British man has been sentenced to 24 months’ imprisonment, suspended for 24 months, after pleading guilty to hijacking WiFi networks at major UK train stations. Also, users were directed to Islamophobic content that referenced prior terrorist acts, causing significant…
The SaaS Security Disconnect: Why Most Organizations Are Still Vulnerable
A new report from AppOmni captures a significant misplaced confidence in the security of software-as-a-service applications and escalating risks associated with these cloud services. The post The SaaS Security Disconnect: Why Most Organizations Are Still Vulnerable appeared first on Security…
Pentera unveils capability to detect Git repository risk exposure
Pentera has introduced a capability to uncover and validate risk exposure from data in Git repositories. Pentera now discovers repositories linked to the organization, identifies embedded credentials, tokens, and other sensitive data, and utilizes them to execute safe-by-design test-attacks against…
At-Bay MXDR boosts security for mid-market and small businesses
At-Bay launched its new Managed Extended Detection and Response (MXDR) platform, designed to give mid-market and small businesses access to enterprise-grade cybersecurity at an affordable cost. Spanning endpoint, cloud, identity, and email, At-Bay Stance MXDR provided by At-Bay Security, gives…