Hackers are turning to Evilginx, a powerful adversary-in-the-middle tool, to get around multi-factor authentication and take over cloud accounts. The framework acts as a reverse proxy between the victim and real single sign-on pages, so the login screen looks and…
Ukraine Hackers Attacking Russian Aerospace Companies and Other Defence-Related Sectors
Ukraine-linked hackers are stepping up cyberattacks against Russian aerospace and wider defence-related companies, using new custom malware to steal designs, schedules, and internal emails. The campaign targets both prime contractors and smaller suppliers, aiming to map production chains and expose…
Nisos Details Earlier Signs of Insider Detection via Authentication and Access Controls
Insider threats remain one of the most challenging security problems that organizations face today. These threats typically do not show obvious warning signs at first. Instead, they reveal themselves through small, unusual activities that often blend into normal daily operations.…
Rapidly Evolving Arkanix Stealer Hits Credentials and Wallets
Arkanix Stealer is a fast-evolving infostealer spreading through Discord to harvest credentials, wallets, and system data. The post Rapidly Evolving Arkanix Stealer Hits Credentials and Wallets appeared first on eSecurity Planet. This article has been indexed from eSecurity Planet Read…
IT Security News Hourly Summary 2025-12-02 21h : 7 posts
7 posts were published in the last hour 20:2 : 100,000 WordPress Sites Affected by Remote Code Execution Vulnerability in Advanced Custom Fields: Extended WordPress Plugin 19:32 : 2025-11-10: Ten days of scans and probes and web traffic hitting my…
100,000 WordPress Sites Affected by Remote Code Execution Vulnerability in Advanced Custom Fields: Extended WordPress Plugin
On November 18th, 2025, we received a submission for an unauthenticated Remote Code Execution vulnerability in Advanced Custom Fields: Extended, a WordPress plugin with more than 100,000 active installations. This vulnerability can be leveraged to execute code remotely. The post…
2025-11-10: Ten days of scans and probes and web traffic hitting my web server
This post doesn’t have text content, please click on the link below to view the original article. This article has been indexed from Malware-Traffic-Analysis.net – Blog Entries Read the original article: 2025-11-10: Ten days of scans and probes and web…
2025-11-23: Ten days of scans and probes and web traffic hitting my web server
This post doesn’t have text content, please click on the link below to view the original article. This article has been indexed from Malware-Traffic-Analysis.net – Blog Entries Read the original article: 2025-11-23: Ten days of scans and probes and web…
Your Data Might Determine How Much You Pay for Eggs
A newly enacted New York law requires retailers to say whether your data influences the price of basic goods like a dozen eggs or toilet paper, but not how. This article has been indexed from Security Latest Read the original…
Researchers Expose Lazarus Recruitment Pipeline Live on Camera Through Honeypot Operation
A collaborative investigation by Mauro Eldritch of BCA LTD, ANYRUN, and NorthScan has provided unprecedented visibility into how North Korean threat actors from the Lazarus Group recruit and operate against Western companies. Researchers documented the complete attack cycle in real-time,…
Water Saci Hackers Leveraging AI Tools to Attack WhatsApp Web Users
Cybercriminals targeting Brazilian users have aggressively escalated their tactics, launching a highly sophisticated campaign dubbed “Water Saci.” This new wave of attacks weaponizes WhatsApp Web, a platform implicitly trusted by millions, to deliver banking trojans and steal sensitive financial data.…
Salty2FA and Tycoon2FA Phishing Kits Attacking Enterprise Users to Steal Login Credentials
A new type of phishing attack that combines two different phishing kits: Salty2FA and Tycoon2FA. This marks a significant change in the Phishing-as-a-Service (PhaaS) landscape. While phishing kits typically maintain unique signatures in their code and delivery mechanisms, recent campaigns…
Two Android 0-day bugs disclosed and fixed, plus 105 more to patch
Christmas comes early for attackers this year Two high-severity Android bugs were exploited as zero-days before Google issued a fix, according to its December Android security bulletin. … This article has been indexed from The Register – Security Read the original…
Undetected Firefox WebAssembly Flaw Put 180 Million Users at Risk
Cybersecurity startup Aisle discovered a subtle but dangerous coding error in a Firefox WebAssembly implementation sat undetected for six months despite being shipped with a regression testing capability created by Mozilla to find such a problem. The post Undetected Firefox…
India Orders Messaging Apps to Work Only With Active SIM Cards to Prevent Fraud and Misuse
India’s Department of Telecommunications (DoT) has issued directions to app-based communication service providers to ensure that the platforms cannot be used without an active SIM card linked to the user’s mobile number. To that end, messaging apps like WhatsApp, Telegram,…
Everest Ransomware Claims ASUS Breach and 1TB Data Theft
Everest ransomware group claims it breached ASUS, stealing over 1TB of data including camera source code. ASUS has been given 21 hours to respond via Qtox. This article has been indexed from Hackread – Cybersecurity News, Data Breaches, Tech, AI,…
How to build forward-thinking cybersecurity teams for tomorrow
To secure the future, we must future-proof our cybersecurity talent and develop teams that are agile, innovative, and perpetually learning. The post How to build forward-thinking cybersecurity teams for tomorrow appeared first on Microsoft Security Blog. This article has been…
“Sleeper” browser extensions woke up as spyware on 4 million devices
After seven years of acting like normal add-ons, five popular Chrome and Edge extensions with millions of installs suddenly turned malicious. This article has been indexed from Malwarebytes Read the original article: “Sleeper” browser extensions woke up as spyware on…
Stealth RCE in Codex Exposes Developer Workflows
A Codex CLI flaw lets attackers turn simple repo files into hidden execution triggers. The post Stealth RCE in Codex Exposes Developer Workflows appeared first on eSecurity Planet. This article has been indexed from eSecurity Planet Read the original article:…
University of Pennsylvania joins list of victims from Clop’s Oracle EBS raid
Ivy League school warns more than 1,400 people after attackers siphon data via zero-day The University of Pennsylvania has become the latest victim of Clop’s smash-and-grab spree against Oracle’s E-Business Suite (EBS) customers, with the Ivy League school now warning…
How Financial Institutions Can Future-Proof Their Security Against a New Breed of Cyber Attackers
As we look at the remainder of 2025 and beyond, the pace and sophistication of cyber attacks targeting the financial sector show no signs of slowing. In fact, based on research from Check Point’s Q2 Ransomware Report, the financial cybersecurity…
Closing the Document Security Gap: Why Document Workflows Must Be Part of Cybersecurity
Organizations are spending more than ever on cybersecurity, layering defenses around networks, endpoints, and applications. Yet a company’s documents, one of the most fundamental business assets, remains an overlooked weak spot. Documents flow across every department, cross company boundaries, and…
ServiceNow to Acquire Identity Security Firm Veza
ServiceNow Inc. announced on Tuesday plans to acquire Veza in a move aimed at fortifying security for identity and access management. The acquisition will integrate Veza’s technology into ServiceNow’s Security and Risk portfolios, helping organizations monitor and control access to…
Security’s Next Control Plane: The Rise of Pipeline-First Architecture
For years, security operations have relied on monolithic architectures built around centralized collectors, rigid forwarding chains, and a single “system of record” where all data must land before action can be taken. On paper, that design promised simplicity and control.…