Israeli entities spanning academia, engineering, local government, manufacturing, technology, transportation, and utilities sectors have emerged as the target of a new set of attacks undertaken by Iranian nation-state actors that have delivered a previously undocumented backdoor called MuddyViper. The activity…
Glassworm Malware Strikes Again In VS Code
The Glassworm campaign is a serious, ongoing malware attack targeting the developer community, specifically through malicious extensions The post Glassworm Malware Strikes Again In VS Code first appeared on CyberMaterial. This article has been indexed from CyberMaterial Read the original…
Smarttube Breach Pushes Malicious Update
The popular open-source SmartTube YouTube client for Android TV experienced a significant security breach when an attacker managed to gain access The post Smarttube Breach Pushes Malicious Update first appeared on CyberMaterial. This article has been indexed from CyberMaterial Read…
Shadypanda Extensions Hit Millions Users
The long-running malicious operation known as “ShadyPanda” has successfully amassed over 4.3 million installations of browser extensions for Chrome and Edge The post Shadypanda Extensions Hit Millions Users first appeared on CyberMaterial. This article has been indexed from CyberMaterial Read…
Phishing 3.0: AI and Deepfake-Driven Social Engineering Attacks
Phishing is no longer an easy-to-detect cyberattack. With the rise of artificial intelligence, attackers now launch AI-driven phishing campaigns to mimic human behavior. They can now generate flawless emails and use deepfake phishing attacks. Email security threats are more prominent…
Hackers Leverages Telegram, WinSCP, Google Chrome, and Microsoft Teams to Deploy ValleyRat
A new malware campaign has emerged that exploits the trust users place in popular applications. Threat actors are distributing trojanized installers for Telegram, WinSCP, Google Chrome, and Microsoft Teams to deploy ValleyRat, a remote access trojan designed for long-term system…
Glassworm Malware Hits OpenVSX and Microsoft Visual Studio Platforms with 24 New Packages
The Glassworm malware campaign has resurfaced with unprecedented scale, deploying 24 malicious extensions across Microsoft Visual Studio Marketplace and OpenVSX over the past week. This latest wave of attacks demonstrates the persistent threat posed by supply chain compromises targeting developer…
Raspberry Pi 5 Now Available With 1GB RAM With Dual-Band Wi-Fi and PCI Express Port Support
The Raspberry Pi Foundation has announced immediate availability of a new 1GB version of the Raspberry Pi 5, marking a significant expansion of its affordable computing platform. The new entry-level model arrives at $45, making high-performance computing more accessible to…
Microsoft Investigates Defender Portal Access Issues Following Traffic Spike
Microsoft is currently investigating a service disruption affecting the Microsoft Defender portal, which has blocked numerous security professionals from accessing critical threat management tools. The issue, tracked under the identifier DZ1191468 in the Microsoft 365 admin center, sparked concerns early…
Chrome, Edge Extensions Caught Tracking Users, Creating Backdoors
The extensions were seen profiling users, reading cookie data to create unique identifiers, and executing payloads with browser API access. The post Chrome, Edge Extensions Caught Tracking Users, Creating Backdoors appeared first on SecurityWeek. This article has been indexed from…
Cyber Startup Frenetik Launches with Patented Deception Technology That Bets Against the AI Arms Race
Bethesda, USA / Maryland, 2nd December 2025, CyberNewsWire Cyber Startup Frenetik Launches with Patented Deception Technology That Bets Against the AI Arms Race on Latest Hacking News | Cyber Security News, Hacking Tools and Penetration Testing Courses. This article has…
India plans to verify and record every smartphone in circulation
The Indian government has ordered smartphone makers to preinstall its Sanchar Saathi app on all devices, a move that is raising fresh privacy concerns. This article has been indexed from Security News | TechCrunch Read the original article: India plans…
‘Korea’s Amazon’ Coupang discloses a data breach impacting 34M customers
Coupang disclosed a five-month data breach that exposed the personal information of nearly 34 million South Korean customers. South Korean e-commerce giant disclosed a data breach affecting nearly 34 million customers, exposing personal information over a period of more than…
Unit 42 Incident Response Retainer for AWS Security Incident Response
Unit 42 and AWS launch a no-cost Incident Response Retainer for AWS Security, including 250 free hours and a 2-hour response time agreement. The post Unit 42 Incident Response Retainer for AWS Security Incident Response appeared first on Palo Alto…
Like Social Media, AI Requires Difficult Choices
In his 2020 book, “Future Politics,” British barrister Jamie Susskind wrote that the dominant question of the 20th century was “How much of our collective life should be determined by the state, and what should be left to the market…
CVE-2025-61757: Imperva Customers Protected Against Critical Oracle Identity Manager Authentication Bypass Leading to Remote Code Execution
At the end of October 2025, Oracle released an emergency security alert addressing CVE-2025-61757, a high-severity authentication-bypass flaw that enables remote code execution in the Identity Manager product of Oracle Fusion Middleware (versions 12.2.1.4.0 and 14.1.2.1.0). Multiple threat actors are already exploiting the vulnerability…
Vulnerability in OpenAI Coding Agent Could Facilitate Attacks on Developers
The Codex CLI vulnerability tracked as CVE-2025-61260 can be exploited for command execution. The post Vulnerability in OpenAI Coding Agent Could Facilitate Attacks on Developers appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read the original article:…
Saporo Raises $8 Million for Identity Security Platform
The Swiss cybersecurity firm will scale its R&D, sales and marketing teams as it pursues expansion across Europe. The post Saporo Raises $8 Million for Identity Security Platform appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read…
Span Cyber Security Arena 2026 to offer new perspectives on the development of cybersecurity
Through lectures, deep-dive presentations, best practice examples, and masterclasses, the focus of Span Cyber Security Arena 2026 will be on what strengthens our defense against cyber threats. Span Cyber Security Arena 2026 will be held in Poreč from May 20…
Proxyearth Tool Lets Anyone Trace Users in India with Just a Mobile Number
Proxyearth is a new site that shows names, Aadhaar numbers, and live locations of users in India using only mobile numbers, raising serious privacy and security concerns. This article has been indexed from Hackread – Cybersecurity News, Data Breaches, Tech,…
AI Adoption Surges While Governance Lags — Report Warns of Growing Shadow Identity Risk
Baltimore, MD, 2nd December 2025, CyberNewsWire AI Adoption Surges While Governance Lags — Report Warns of Growing Shadow Identity Risk on Latest Hacking News | Cyber Security News, Hacking Tools and Penetration Testing Courses. This article has been indexed from…
Apache Struts Vulnerability Let Attackers Trigger Disk Exhaustion Attacks
A critical security flaw in Apache Struts could allow attackers to trigger disk exhaustion attacks, rendering affected systems unusable. The vulnerability, tracked as CVE-2025-64775, stems from a file leak in multipart request processing that enables denial-of-service conditions. Apache Struts researcher…
Charging Cable that Hacks your Device to Record Keystrokes and Control Wi-Fi
The Evil Crow Cable Wind is a stealthy tool for red teamers that hides a powerful hacking implant inside what appears to be a standard USB charging cable. Designed by security researcher Joel Serna Moreno, this device functions as a…
Google patches 107 Android flaws, including two being actively exploited
Google’s December update fixes two Android bugs that criminals are actively exploiting. Update as soon as you can. This article has been indexed from Malwarebytes Read the original article: Google patches 107 Android flaws, including two being actively exploited