Over half of page requests for web content are now automated as LLM scrapers take over Over a third of login attempts for the Technology industry are account takeover attacks Healthcare and Hospitality were the most targeted industries on web,…
GLPI ITSM Tool Flaw Allows Attackers to Inject Malicious SQL Queries
A critical SQL injection vulnerability, tracked as CVE-2025-24799, has been identified in GLPI, a widely used open-source IT Service Management (ITSM) tool. The flaw, if exploited, enables remote, unauthenticated attackers to manipulate database queries, potentially leading to severe consequences such as data…
Hackers Exploit MailChimp Email Marketing Platform Using Phishing and Social Engineering Tactics
Cybercriminals are increasingly targeting MailChimp, a popular email marketing platform, through sophisticated phishing and social engineering attacks. Recent incidents reveal compromised accounts being used to exfiltrate subscriber lists, impersonate trusted brands, and launch secondary attacks. Attackers bypass multi-factor authentication (MFA)…
Keeper Unveils Latest WearOS App for Android
Keeper Security has unveiled its latest improvements to the Keeper WearOS app that accompanies their flagship password management solution. The upscaled app enhances security and ease for smartwatch users. The update aligns with Google’s latest Android guidelines, providing a more intuitive…
Redcurl Actors New Ransomware Exclusively Attacking Hyper-V Servers
A new ransomware strain has been discovered targeting virtualized environments, specifically Microsoft Hyper-V servers. This targeted approach marks a significant evolution in ransomware tactics, as the malware focuses exclusively on hypervisors rather than encrypting all endpoint devices, creating maximum damage…
Blacklock Ransomware Infrastructure Intruded to Uncover Their Planned Attacks
Blacklock ransomware, also known as “El Dorado” or “Eldorado,” emerged as one of the most aggressive ransomware-as-a-service (RaaS) operations in early 2025. The group rapidly accelerated attacks across multiple sectors including electronics, academia, religious organizations, defense, healthcare, technology, and government…
Cloudflare Announces OpenPubkey SSH to Integrate Single-Sign-on With SSH
Cloudflare announced the open-sourcing of OPKSSH (OpenPubkey SSH) on March 25, 2025. This technology integrates single sign-on (SSO) with SSH authentication, eliminating the need for manual SSH key management. Previously owned by BastionZero (acquired by Cloudflare), the code has been…
Meta AI Will Begin Rolling Out Across 41 European Countries
After nearly a year of regulatory hurdles, Meta has finally begun deploying its conversational AI assistant across the European Union and neighboring countries this week. The rollout, which covers 41 European countries and 21 overseas territories, marks Meta’s largest global…
GLPI Open-source ITSM Tool Vulnerability Let Attackers Inject Malicious SQL Queries
A critical vulnerability in GLPI, a widely-used open-source IT Service Management (ITSM) platform tracked as CVE-2025-24799, enables unauthenticated attackers to perform SQL injection attacks through the inventory endpoint. This flaw can lead to remote code execution (RCE), potentially resulting in…
Morphing Meerkat Phishing Kits Target Over 100 Brands
A threat actor tracked as Morphing Meerkat abuses DNS mail exchange (MX) records to deliver spoofed login pages. The post Morphing Meerkat Phishing Kits Target Over 100 Brands appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read…
Critical Firefox, Tor Browser sandbox escape flaw fixed (CVE-2025-2857)
Google’s fixing of CVE-2025-2783, a Chrome zero-day vulnerability exploited by state-sponsored attackers, has spurred Firefox developers to check whether the browser might have a similar flaw – and they found it. There’s currently no indication that the Firefox bug (CVE-2025-2857)…
Product Walkthrough: How Datto BCDR Delivers Unstoppable Business Continuity
Long gone are the days when a simple backup in a data center was enough to keep a business secure. While backups store information, they do not guarantee business continuity during a crisis. With IT disasters far too common and…
IT Security News Hourly Summary 2025-03-28 12h : 10 posts
10 posts were published in the last hour 10:39 : Safeguarding Patient Data and Embracing Emerging Technologies 10:39 : Mozilla fixed critical Firefox vulnerability CVE-2025-2857 10:39 : Fresh Grandoreiro Banking Trojan Campaigns Target Latin America, Europe 10:10 : Risiko für…
Safeguarding Patient Data and Embracing Emerging Technologies
The healthcare industry is particularly vulnerable to cybersecurity threats due to the valuable data it processes; Protected Health Information (PHI) is among the most sensitive and valuable data in existence. As the past few years have shown, the consequences of…
Mozilla fixed critical Firefox vulnerability CVE-2025-2857
Mozilla addressed a critical vulnerability, tracked as CVE-2025-2857, impacting its Firefox browser for Windows. Mozilla has released security updates to address a critical flaw, tracked as CVE-2025-2857, impacting its Firefox browser for Windows. Recently, Google addressed a similar vulnerability, tracked…
Fresh Grandoreiro Banking Trojan Campaigns Target Latin America, Europe
The Grandoreiro banking trojan has reemerged in new campaigns targeting users in Latin America and Europe. The post Fresh Grandoreiro Banking Trojan Campaigns Target Latin America, Europe appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read the…
Risiko für Netzstabilität: Gefährliche Sicherheitslücken in PV-Systemen entdeckt
Forscher haben Sicherheitslücken in PV-Systemen untersucht und dabei auch neue gefunden. Sie warnen vor folgenschweren Angriffen auf die Netzstabilität. (Sicherheitslücke, Datenschutz) Dieser Artikel wurde indexiert von Golem.de – Security Lesen Sie den originalen Artikel: Risiko für Netzstabilität: Gefährliche Sicherheitslücken in…
Gamaredon campaign abuses LNK files to distribute Remcos backdoor
Cisco Talos is actively tracking an ongoing campaign, targeting users in Ukraine with malicious LNK files which run a PowerShell downloader since at least November 2024. This article has been indexed from Cisco Talos Blog Read the original article: Gamaredon…
How businesses can manage their dark web exposure in 2025
The ‘dark web’ – a segment of the internet that often requires distinct access methods – has long been a hub for cybercrime that hackers adopted as a safe haven to trade data leaks, hacking tools and all things related…
Kuala Lumpur Airport Suffered Cyberattack – Hackers Demanded US$10 Million Ransom
Malaysia’s Prime Minister Anwar Ibrahim confirmed on Tuesday that hackers demanded a US$10 million ransom following a sophisticated cyberattack that disrupted critical systems at Kuala Lumpur International Airport (KLIA) over the weekend. The security breach, which occurred on March 23,…
Weaponized Google Ads Attacking DeepSeek Users to Deliver Malware
Cybercriminals have launched a sophisticated attack campaign leveraging Google’s sponsored search results to target users searching for DeepSeek, the increasingly popular AI platform. The attack uses convincingly crafted fake advertisements that appear at the top of Google search results, mimicking…
Mozilla Releases Urgent Patch for Windows Users Following Recently Exploited Chrome Zero-day
Mozilla has released an emergency security update for its Firefox browser on Windows systems to address a critical vulnerability that could allow attackers to escape browser sandboxes and potentially gain control of affected systems. The patch comes shortly after Google…
New Lucid PhAAS Platform Leveraging RCS & iMessage to Bypass Detections
A sophisticated new phishing platform named Lucid has emerged as a significant cybersecurity threat, targeting 169 entities across 88 countries globally. Developed by Chinese-speaking threat actors, this Phishing-as-a-Service (PhAAS) platform operates through 129 active instances and over 1,000 registered domains.…
[UPDATE] [mittel] Linux Kernel: Mehrere Schwachstellen
Ein lokaler Angreifer kann mehrere Schwachstellen im Linux Kernel ausnutzen, um einen Denial of Service Angriff durchzuführen oder einen nicht näher spezifizierten Angriff durchzuführen. Dieser Artikel wurde indexiert von BSI Warn- und Informationsdienst (WID): Schwachstellen-Informationen (Security Advisories) Lesen Sie den…