A sophisticated new malware strain called “Arcane” that specifically targets network utilities, VPN clients, and file transfer applications. The malware, discovered in late 2024, is being distributed through seemingly innocent YouTube videos that promote game cheats and cracks, putting thousands…
New AI Jailbreak Technique Bypasses Security Measures to Write Malware for Google Chrome
A new report indicates that individuals lacking technical knowledge can create advanced malware using widely recognized AI systems, thereby turning ordinary people into significant cybersecurity threats. The 2025 Cato CTRL™ Threat Report, published on March 18, details how a threat…
Cloudflare Launches Cloudforce One Threat Platform to Analyze IoCs, IP, Hashes & Domains
Cloudflare has unveiled its new threat events platform for Cloudforce One customers, offering a comprehensive solution to one of the most significant challenges in cybersecurity today: contextualizing threat intelligence data. The platform provides security practitioners with actionable insights by analyzing indicators…
The “free money” trap: How scammers exploit financial anxiety
With financial stress at an all-time high, people are desperately seeking relief. Sadly, scammers know this all too well. This article has been indexed from Malwarebytes Read the original article: The “free money” trap: How scammers exploit financial anxiety
1Kosmos 1Key secures shared login environments and OT systems
1Kosmos announced 1Kosmos 1Key for shared account login environments. With FIDO-compliant biometric authentication, 1Kosmos 1Key addresses the pressing need for security, accountability, and auditability in settings where multiple users access shared accounts, such as operational technology (OT) systems, hospitality services,…
APTs have been using zero-day Windows shortcut exploit for eight years (ZDI-CAN-25373)
State-sponsored threat actors and cybercrime groups from North Korea, Iran, Russia, and China have been exploiting a zero-day Windows vulnerability with no fix in sight for the last eight years, researchers with Trend Micro’s Zero Day Initiative have warned on…
Vanta unveils features and capabilities to strengthen security collaboration
Vanta announced a series of new features and capabilities to help security and GRC teams seamlessly collaborate across their organization and extended network. These releases—including team-based collaboration and granular user access, an integrated Vanta Exchange for vendor security reviews, enhanced…
Report: The State of Secrets Sprawl 2025
GitGuardian’s State of Secrets Sprawl 2025 report shows no progress in combating secrets sprawl, with 23.8 million secrets leaked on public GitHub repositories in 2024—a 25% year-over-year increase. Despite GitHub Push Protection’s efforts, secrets sprawl is accelerating, especially with generic…
752,000 Browser Phishing Attacks Mark 140% Increase YoY
A surge in browser-based phishing attacks has been recorded over the past year, with a 140% increase compared to 2023 according to Menlo Security This article has been indexed from www.infosecurity-magazine.com Read the original article: 752,000 Browser Phishing Attacks Mark…
IT Security News Hourly Summary 2025-03-19 15h : 18 posts
18 posts were published in the last hour 13:35 : Firmware angreifbar: Kritische BMC-Lücke lässt Hacker fremde Serversysteme kapern 13:34 : mySCADA myPRO RCE Vulnerabilities Expose ICS Devices to Remote Control 13:34 : Elastic expands partnership with Tines to scale…
Firmware angreifbar: Kritische BMC-Lücke lässt Hacker fremde Serversysteme kapern
Eine kritische Schwachstelle in der BMC-Firmware gefährdet zahlreiche Server. Hacker können Malware einschleusen und sogar Hardware beschädigen. (Sicherheitslücke, Lenovo) Dieser Artikel wurde indexiert von Golem.de – Security Lesen Sie den originalen Artikel: Firmware angreifbar: Kritische BMC-Lücke lässt Hacker fremde Serversysteme…
mySCADA myPRO RCE Vulnerabilities Expose ICS Devices to Remote Control
Supervisory Control and Data Acquisition (SCADA) systems play a pivotal role in managing critical infrastructure across sectors like energy, manufacturing, and more. However, this digital transformation also brings with it a heightened vulnerability to cyber threats. Recent research by our…
Elastic expands partnership with Tines to scale security operations
Elastic announced an expanded partnership with an integrated offering that includes Tines Workflow Automation and the Elastic Search AI Platform to simplify security and observability workflow automation. The partnership equips security teams with security orchestration, automation and response (SOAR) and…
AI In Software Development: Balancing Innovation and Security in An Era of Lowered Barriers
AI is reshaping software development. The advent of sophisticated AI models such as DeepSeek and Ghost GPT has democratized access to powerful AI-assisted coding tools, pushing the boundaries of innovation… The post AI In Software Development: Balancing Innovation and Security…
Attackers Hide Malicious Word Files Inside PDFs to Evade Detection
A newly identified cybersecurity threat involves attackers embedding malicious Word files within PDFs to deceive detection systems. This technique, confirmed by JPCERT/CC, exploits the fact that files created using MalDoc in PDF can be opened in Microsoft Word, even though…
Sante PACS Server Flaws Allow Remote Attackers to Download Arbitrary Files
Recently, several critical vulnerabilities were discovered in Sante PACS Server version 4.1.0, leaving it susceptible to severe security breaches. These vulnerabilities, identified by CVE-2025-2263, CVE-2025-2264, CVE-2025-2265, and CVE-2025-2284, expose the server to potential attacks that can lead to unauthorized access, data breaches, and denial-of-service…
Is Firebase Phishing a Threat to Your Organization?
Check Point researchers have uncovered a sophisticated credential harvesting attack that leverages Firebase, a popular web application hosting service. This attack involves the creation of highly convincing and professionally designed phishing web pages that impersonate well-known services. The attackers also…
Linux Foundation’s trust scorecards aim to battle rising open-source security threats
How do you tell the difference between trustworthy open-source developers and hackers? Here’s one idea. This article has been indexed from Latest stories for ZDNET in Security Read the original article: Linux Foundation’s trust scorecards aim to battle rising open-source…
Ex-US Cyber Command chief: Europe and 5 Eyes can’t fully replicate US intel
Cue deepening existential European dread as Rest of World contemplates Trump turning off the info tap If the United States stopped sharing cyber-threat intel with Ukraine, its European allies and the rest of the Five Eyes nations wouldn’t be able…
Researchers name several countries as potential Paragon spyware customers
The Citizen Lab said it believes several governments may be customers of spyware maker Paragon Solutions. © 2024 TechCrunch. All rights reserved. For personal use only. This article has been indexed from Security News | TechCrunch Read the original article:…
Hackers Leveraging Azure App Proxy Pre-authentication to Access Orgs Private Network Resources
Recent security findings reveal that threat actors are actively exploiting misconfigured Azure application proxies to gain unauthorized access to organizations’ internal resources. When Azure app proxy pre-authentication is set to “Passthrough” instead of the default “Microsoft Entra ID” setting, private…
PHP RCE Vulnerability Actively Exploited in Wild to Attack Windows-based Systems
Security researchers at Bitdefender Labs have detected a significant surge in exploitation attempts targeting a critical PHP vulnerability that allows attackers to execute malicious code on Windows-based systems. The vulnerability, tracked as CVE-2024-4577, has been actively exploited since June 2024,…
MirrorFace Hackers Customized AsyncRAT Execution Chain to Run Within Windows Sandbox
The China-aligned advanced persistent threat (APT) group MirrorFace has updated its tactics, techniques, and procedures (TTPs) with a sophisticated approach to deploying malware. Known primarily for targeting Japanese entities, the group has expanded its operations to include a Central European…
Threat Actors Exploiting DLL Side-Loading Vulnerability in Google Chrome to Execute Malicious Payloads
Cybersecurity researchers have identified a concerning new attack vector where threat actors are actively exploiting a vulnerability in Google Chrome version 133.0.6943.126 through DLL side-loading techniques. This sophisticated attack allows malicious code execution through Chrome’s trusted subprocesses, creating a significant…