On November 24, a new wave of the Shai-Hulud supply chain attack emerged. The threat actors exfiltrate stolen credentials directly to GitHub repositories created with compromised tokens. GitGuardian identified 14,206 secrets across 487 organizations, with 2,485 still valid. The post…
Hack of SitusAMC Puts Data of Financial Services Firms at Risk
SitusAMC, a services provider with clients like JPMorgan Chase and Citi, said its systems were hacked and the data of clients and their customers possibly compromised, sending banks and other firms scrambling. The data breach illustrates the growth in the…
IT Security News Hourly Summary 2025-11-24 18h : 10 posts
10 posts were published in the last hour 17:3 : DOGE days are over as Trump disbands Elon Musk’s team of federal cost-cutters 17:3 : Dropping Elephant Hacker Group Attacks Defense Sector Using Python Backdoor via MSBuild Dropper 17:2 :…
DOGE days are over as Trump disbands Elon Musk’s team of federal cost-cutters
DOGE members are reportedly worried that they could face prosecution for some of their activities conducted while under the leadership of Elon Musk. This article has been indexed from Security News | TechCrunch Read the original article: DOGE days are…
Dropping Elephant Hacker Group Attacks Defense Sector Using Python Backdoor via MSBuild Dropper
India-aligned threat group Dropping Elephant has launched a sophisticated multi-stage cyberattack targeting Pakistan’s defense sector using a Python-based remote access trojan disguised within an MSBuild dropper. Idan Tarab has identified this advanced campaign that leverages fake defense-related phishing lures to…
Sha1-Hulud Supply Chain Attack: 800+ npm Packages and Thousands of GitHub Repos Compromised
A massive resurgence of the Sha1-Hulud supply chain malware has struck the open-source ecosystem, compromising over 800 npm packages and tens of thousands of GitHub repositories in a campaign the attackers have dubbed “The Second Coming.” This sophisticated wave targets…
PoC released for W3 Total Cache Vulnerability that Exposes 1+ Million Websites to RCE Attacks
A proof-of-concept exploit has been publicly released for CVE-2025-9501, a critical, unauthenticated command-injection vulnerability affecting W3 Total Cache, one of WordPress’s most widely deployed caching plugins. With over 1 million active installations, the vulnerability poses a significant risk to countless…
Chinese-Linked Hackers Exploit Claude AI to Run Automated Attacks
Anthropic has revealed a major security incident that marks what the company describes as the first large-scale cyber espionage operation driven primarily by an AI system rather than human operators. During the last half of September, a state-aligned Chinese…
Matrix Push C2 abuses browser notifications to deliver phishing and malware
Attackers can send highly realistic push notifications through your browser, including fake alerts that can lead to malware or phishing pages. This article has been indexed from Malwarebytes Read the original article: Matrix Push C2 abuses browser notifications to deliver…
When the Browser Becomes the Battleground for AI and Last-Mile Attacks
For years we treated the browser as just another application. That era is over. As Vivek Ramachandran points out, the browser has quietly become the new endpoint—and attackers have noticed. Users now live in the browser for work, banking, crypto,…
Apple’s Digital ID Tool Sparks Privacy Debate Despite Promised Security
Apple’s newly introduced Digital ID feature has quickly ignited a divide among users and cybersecurity professionals, with reactions ranging from excitement to deep skepticism. Announced earlier this week, the feature gives U.S. iPhone owners a way to present their…
Cybercriminals Speed Up Tactics as AI-Driven Attacks, Ransomware Alliances, and Rapid Exploitation Reshape Threat Landscape
Cybercriminals are rapidly advancing their attack methods, strengthening partnerships, and harnessing artificial intelligence to gain an edge over defenders, according to new threat intelligence. Rapid7’s latest quarterly findings paint a picture of a threat environment that is evolving at…
Hackers steal sensitive data from major banking industry vendor
The incident highlights how supply-chain compromises threaten even well-defended industries. This article has been indexed from Cybersecurity Dive – Latest News Read the original article: Hackers steal sensitive data from major banking industry vendor
Shai Hulud npm Worm Impacts 26,000+ Repos in Supply Chain Attack
The Shai Hulud worm’s “Second Coming” has compromised over 26,000 public repositories. We detail the attacker’s mistake, the target packages, and mandatory security tips. This article has been indexed from Hackread – Cybersecurity News, Data Breaches, Tech, AI, Crypto and…
New Fluent Bit Flaws Expose Cloud to RCE and Stealthy Infrastructure Intrusions
Cybersecurity researchers have discovered five vulnerabilities in Fluent Bit, an open-source and lightweight telemetry agent, that could be chained to compromise and take over cloud infrastructures. The security defects “allow attackers to bypass authentication, perform path traversal, achieve remote code…
Delta Dental of Virginia data breach impacts 145,918 customers
Delta Dental of Virginia suffered a data breach that exposed personal and health data of about 146,000 customers after the hack of an email account. A security breach at the dental care provider Delta Dental of Virginia (DDVA) exposed data…
CISA Confirms Exploitation of Recent Oracle Identity Manager Vulnerability
CISA has added CVE-2025-61757 to its Known Exploited Vulnerabilities (KEV) catalog. The post CISA Confirms Exploitation of Recent Oracle Identity Manager Vulnerability appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read the original article: CISA Confirms Exploitation…
Years-old bugs in open source tool left every major cloud open to disruption
Fluent Bit has 15B+ deployments … and 5 newly assigned CVEs. A series of “trivial-to-exploit” vulnerabilities in Fluent Bit, an open source log collection tool that runs in every major cloud and AI lab, was left open for years, giving…
CrowdStrike Insider Helped Hackers Falsely Claim System Breach
The company has confirmed that it terminated an insider who shared screenshots of his computer with cybercriminals. The post CrowdStrike Insider Helped Hackers Falsely Claim System Breach appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read the…
Conflicts between URL mapping and URL based access control (Mon, Nov 24th)
We continue to encounter high-profile vulnerabilities that relate to how URL mapping (or “aliases”) interact with URL-based access control. Last week, we wrote about the Oracle Identity Manager vulnerability. I noticed some scans for an…
LLMs Tools Like GPT-3.5-Turbo and GPT-4 Fuels the Development of Fully Autonomous Malware
Large language models like GPT-3.5-Turbo and GPT-4 are transforming how we work, but they are also opening doors for cybercriminals to create a new generation of malware. Researchers have demonstrated that these advanced AI tools can be manipulated to generate…
Tenda N300 Vulnerabilities Let Attacker to Execute Arbitrary Commands as Root User
Tenda N300 wireless routers and 4G03 Pro portable LTE devices face severe security threats from multiple command injection vulnerabilities that allow attackers to execute arbitrary commands with root privileges. The affected devices currently lack vendor patches, leaving users vulnerable. The…
APT35 Hacker Groups Internal Documents Leak Exposes their Targets and Attack Methods
In October 2025, a significant breach exposed the internal workings of APT35, also known as Charming Kitten, a cyber unit operating within Iran’s Islamic Revolutionary Guard Corps Intelligence Organization. Thousands of leaked documents revealed the group’s systematic approach to targeting…
Intrusion at real estate finance biz sparks concern for big banks
SitusAMC rules out ransomware, but accounting records for major institutions potentially affected. Real estate finance business SitusAMC says thieves sneaked into its systems earlier this month and made off with confidential client data.… This article has been indexed from The…