The Cybersecurity and Infrastructure Security Agency (CISA) has issued a critical alert regarding a severe authentication vulnerability affecting Iskra iHUB and iHUB Lite intelligent metering gateways worldwide. Assigned CVE-2025-13510 with a CVSS score of 9.3, this vulnerability represents a significant…
Water Saci Hackers Exploit AI Tools to Target WhatsApp Web Users
The Water Saci campaign targeting Brazilian users has escalated significantly, with threat actors demonstrating remarkable technical sophistication by employing artificial intelligence to enhance their malware propagation capabilities. Security researchers have identified a critical shift in the group’s attack methodology: the…
Multiple Django Vulnerabilities Enables SQL Injection and Denial-of-Service Attacks
The development team has officially released essential security updates to address two significant vulnerabilities found in the popular web framework. These issues range from high to moderate severity. They could allow attackers to compromise database integrity or crash servers through…
Panaseer IQ Suite uses generative AI to explain risk changes and guide remediation
Panaseer has released the Panaseer IQ Suite, a new family of GenAI powered tools designed for organizations facing growing attack surfaces and attackers using AI to expand their reach and precision. By turning cybersecurity controls data into actionable remediation across…
Here’s your worst nightmare: E-tailer can only resume partial sales 45 days after ransomware attack
Japan’s Askul still can’t run all its sites, but at least the fax line held up OK Japanese e-tailer Askul has resumed online sales, 45 days after a ransomware attack.… This article has been indexed from The Register – Security…
Global law enforcement actions put pressure on cybercrime networks
In 2025, law enforcement agencies disrupted the infrastructure and operations of established cybercriminal groups. These groups shift across borders, and the agencies pursuing them are adjusting to that. International operations target cybercrime rings worldwide US investigators carried out one of…
Chrome 143 Released With Fix for 13 Vulnerabilities that Enable Arbitrary Code Execution
Google has officially promoted Chrome 143 to the Stable channel, rolling out version 143.0.7499.40 for Linux and 143.0.7499.40/41 for Windows and Mac. This significant update addresses 13 security vulnerabilities, including several high-severity flaws that could allow attackers to execute arbitrary…
Portmaster: Open-source application firewall
Portmaster is a free and open source application firewall built to monitor and control network activity on Windows and Linux. The project is developed in the EU and is designed to give users stronger privacy without asking them to manage…
Chrome 143 Update Patches 13 Security Vulnerabilities Allowing Arbitrary Code Execution
Google has released Chrome 143 to the stable channel, addressing 13 security vulnerabilities that could allow attackers to execute arbitrary code on affected systems. The update is now rolling out to Windows, Mac, and Linux users worldwide. The latest version,…
BPFDoor and Symbiote: Advanced eBPF-Based Rootkits Target Linux Systems
Extended Berkeley Packet Filter (eBPF) represents one of Linux’s most powerful kernel technologies, enabling users to load sandboxed programs directly into the kernel for network packet inspection and system call monitoring. Introduced in 2015 to modernize the 1992 BPF architecture,…
Living off the Land Attacks and Emerging Cyber Threats
This episode of Cybersecurity Today, hosted by Jim Love, delves into various cybersecurity threats and latest news. Topics include ‘living off the land’ attacks using Microsoft’s native utilities, spoofing Calendly invites for phishing Google and Meta credentials, a significant…
MuddyWater: Snakes by the riverbank
MuddyWater targets critical infrastructure in Israel and Egypt, relying on custom malware, improved tactics, and a predictable playbook This article has been indexed from WeLiveSecurity Read the original article: MuddyWater: Snakes by the riverbank
Threat intelligence programs are broken, here is how to fix them
Security teams often gather large amounts of threat data but still struggle to improve detection or response. Analysts work through long lists of alerts, leaders get unclear insights, and executives see costs that do not lead to better outcomes. A…
CISOs are questioning what a crisis framework should look like
CISOs increasingly assume the next breach is coming. What concerns them most is whether their teams will understand the incident quickly enough to limit the fallout. A recent report by Binalyze looks at how investigation practices are holding up across…
IT Security News Hourly Summary 2025-12-03 06h : 1 posts
1 posts were published in the last hour 5:2 : Google Confirms Data Breach from 200 Companies
Google Confirms Data Breach from 200 Companies
Google has confirmed that hackers stole data from more than 200 companies after exploiting apps developed by Gainsight, a customer success software provider. The breach targeted Salesforce systems and is being described as one of the biggest supply chain attacks…
Hackers can Hijack Your DashCams in Seconds and Weaponize them for Future Attacks
Dashcams have become essential devices for drivers worldwide, serving as reliable witnesses in case of accidents or roadside disputes. However, a team of Singaporean cybersecurity researchers has uncovered a disturbing reality: these seemingly harmless devices can be hijacked within seconds…
ChatGPT Down – Users Report Outage Worldwide, Conversations Disappeared for Users
Millions of users worldwide faced a significant disruption to their workflows early Wednesday morning as ChatGPT suffered a major service outage. The incident, which began shortly before 6:30 AM, rendered the popular AI chatbot inaccessible for many and caused alarming…
Chrome 143 Released With Fix for 13 Vulnerabilities that Enables Arbitrary Code Execution
Google has officially promoted Chrome 143 to the Stable channel, rolling out version 143.0.7499.40 for Linux and 143.0.7499.40/41 for Windows and Mac. This significant update addresses 13 security vulnerabilities, including several high-severity flaws that could allow attackers to execute arbitrary…
ISC Stormcast For Wednesday, December 3rd, 2025 https://isc.sans.edu/podcastdetail/9722, (Wed, Dec 3rd)
This post doesn’t have text content, please click on the link below to view the original article. This article has been indexed from SANS Internet Storm Center, InfoCON: green Read the original article: ISC Stormcast For Wednesday, December 3rd, 2025…
Indian government reveals GPS spoofing at eight major airports
Extra infosec investments are taxiing towards the runway India’s Civil Aviation Minister has revealed that local authorities have detected GPS spoofing and jamming at eight major airports.… This article has been indexed from The Register – Security Read the original…
The Browser Defense Playbook: Stopping the Attacks That Start on Your Screen
85% of daily work occurs in the browser. Unit 42 outlines key security controls and strategies to make sure yours is secure. The post The Browser Defense Playbook: Stopping the Attacks That Start on Your Screen appeared first on Unit…
Russia Wants This Mega Missile to Intimidate the West, but It Keeps Crashing
One of Vladimir Putin’s favorite sabers to rattle seems to have lost its edge. This article has been indexed from Security Latest Read the original article: Russia Wants This Mega Missile to Intimidate the West, but It Keeps Crashing
Unraveling Water Saci’s New Multi-Format, AI-Enhanced Attacks Propagated via WhatsApp
Through AI-driven code conversion and a layered infection chain involving different file formats and scripting languages, the threat actors behind Water Saci are quickly upgrading their malware delivery and propagation methods across WhatsApp in Brazil. This article has been indexed…