A weak spot in WhatsApp’s API allowed researchers to scrape data linked to 3.5 billion registered accounts, including profile photos and “about” text. This article has been indexed from Malwarebytes Read the original article: WhatsApp closes loophole that let researchers…
CISA warns spyware crews are breaking into Signal and WhatsApp accounts
Attackers sidestep encryption with spoofed apps and zero-click exploits to compromise ‘high-value’ mobile users CISA has warned that state-backed snoops and cyber-mercenaries are actively abusing commercial spyware to break into Signal and WhatsApp accounts, hijack devices, and quietly rummage through…
Fake “Windows Update” screens fuels new wave of ClickFix attacks
A convincing (but fake) “Windows Update” screen can be the perfect lure for tricking users into infecting their computers with malware. Add a multi-stage delivery chain with some offbeat techniques, and infostealer operators have everything they need to slip past…
The Dual-Use Dilemma of AI: Malicious LLMs
The line between research tool and threat creation engine is thin. We examine the capabilities of WormGPT 4 and KawaiiGPT, two malicious LLMs. The post The Dual-Use Dilemma of AI: Malicious LLMs appeared first on Unit 42. This article has…
Hackers Hijack Blender 3D Assets to Deploy StealC V2 Data-Stealing Malware
Cybersecurity researchers have disclosed details of a new campaign that has leveraged Blender Foundation files to deliver an information stealer known as StealC V2. “This ongoing operation, active for at least six months, involves implanting malicious .blend files on platforms…
3 SOC Challenges You Need to Solve Before 2026
2026 will mark a pivotal shift in cybersecurity. Threat actors are moving from experimenting with AI to making it their primary weapon, using it to scale attacks, automate reconnaissance, and craft hyper-realistic social engineering campaigns. The Storm on the Horizon…
Russian spy ship theories sink after Orkney blackout traced to wind farm fault
Timing of Yantar’s visit sparked gossip, but engineers point to a misbehaving protection system Cock-up beats conspiracy most of the time, but that didn’t stop Orkney residents wondering if a Russian warship caused their two-hour power cut.… This article has…
AI and Deepfake-Powered Fraud Skyrockets Amid Identity Fraud Stagnation
In its latest annual identity fraud report, Sumsub observed a “sophistication shift” in global fraud trends This article has been indexed from www.infosecurity-magazine.com Read the original article: AI and Deepfake-Powered Fraud Skyrockets Amid Identity Fraud Stagnation
IT Security News Hourly Summary 2025-11-25 12h : 7 posts
7 posts were published in the last hour 11:2 : Italian Police Raid Amazon Sites In Customs Probe 11:2 : 640 NPM Packages Infected in New ‘Shai-Hulud’ Supply Chain Attack 11:2 : NSFOCUS Receives International Recognition: 2025 Global Competitive Strategy…
Italian Police Raid Amazon Sites In Customs Probe
Police in Italy raid Amazon headquarters in Milan and Bergamo logistics centre in ongoing probe over customs and tax evasion charges This article has been indexed from Silicon UK Read the original article: Italian Police Raid Amazon Sites In Customs…
640 NPM Packages Infected in New ‘Shai-Hulud’ Supply Chain Attack
The new self-replicating worm iteration has destructive capabilities, erasing home directory contents if it cannot spread to more repositories. The post 640 NPM Packages Infected in New ‘Shai-Hulud’ Supply Chain Attack appeared first on SecurityWeek. This article has been indexed…
NSFOCUS Receives International Recognition: 2025 Global Competitive Strategy Leadership for AI-Driven Security Operation
SANTA CLARA, Calif., Nov 25, 2025 – Recently, NSFOCUS Generative Pre-trained Transformer (NSFGPT) and Intelligent Security Operations Platform (NSFOCUS ISOP) were recognized by the internationally renowned consulting firm Frost & Sullivan and won the 2025 Global Competitive Strategy Leadership for…
Nevada’s Trojan Download, Penn’s 1.2M Donor Breach, and the Malware That Kills Your Defenses First
In Nevada, a state employee downloaded what looked like a harmless tool from a search ad. The file had been tampered with, and that single moment opened the door to months of silent attacker movement across more than 60 agencies. …
Mounting Cyber-Threats Prompt Calls For Economic Security Bill
MPs in the UK want a new economic security regime to tackle cyber and related threats This article has been indexed from www.infosecurity-magazine.com Read the original article: Mounting Cyber-Threats Prompt Calls For Economic Security Bill
Comcast To Pay $1.5m Over Vendor Data Breach
Comcast settlement with US FCC sees it pay $1.5m fine after breach of debt collection firm leaked thousands of customers’ personal data This article has been indexed from Silicon UK Read the original article: Comcast To Pay $1.5m Over Vendor…
Microsoft cracks down on malicious meeting invites
Phishing is shifting into places people rarely check. Meeting invites that plant themselves on calendars can survive long after the malicious email is gone. That leaves a quiet opening for attackers. Microsoft has updated Defender for Office 365 so that…
Meta ‘Halted’ Internal Study On Harmful Effects
Meta allegedly halted internal research that showed people who stopped using Facebook for a week became less depressed and anxious This article has been indexed from Silicon UK Read the original article: Meta ‘Halted’ Internal Study On Harmful Effects
Canon Allegedly Breached by Clop Ransomware via Oracle E-Business Suite 0-Day Hack
Canon has officially confirmed that it was targeted during the widespread hacking campaign exploiting a critical zero-day vulnerability in Oracle E-Business Suite (EBS). The attack, orchestrated by the notorious Clop ransomware gang, has impacted dozens of major organizations worldwide. The…
ZTE, China Unicom Liaoning and Dalian Changhai Airport launch 5G-A ISAC private network to elevate low-altitude security and airport safety
Millimeter-wave ISAC and edge AI create unified sensing-communication capabilities for next-generation low-altitude security This article has been indexed from The Register – Security Read the original article: ZTE, China Unicom Liaoning and Dalian Changhai Airport launch 5G-A ISAC private network…
New Shai-Hulud Worm Spells Trouble For npm Users
A new version of the Shai-Hulud worm has infected hundreds of npm packages and caused disruption to global CI/CD workflows This article has been indexed from www.infosecurity-magazine.com Read the original article: New Shai-Hulud Worm Spells Trouble For npm Users
China’s CXMT Debuts DRAM Chips For AI Data Centres
DDR5 DRAM range from China’s CXMT aimed at high-end data centre market challenges offerings from Samsung, SK Hynix, Micron This article has been indexed from Silicon UK Read the original article: China’s CXMT Debuts DRAM Chips For AI Data Centres
French Union Challenges Amazon Satellite Broadband Licence
French telecoms trade union asks court to annul regulator’s spectrum licence award to Amazon’s satellite network over competition issues This article has been indexed from Silicon UK Read the original article: French Union Challenges Amazon Satellite Broadband Licence
SitusAMC confirms data breach affecting customer information
SitusAMC says a recent breach exposed customer data; the real-estate financing firm provides back-office services for banks and lenders. SitusAMC, a leading real-estate financing services provider for banks and lenders, disclosed a data breach discovered earlier this month that exposed…
Imperva Named a Leader in KuppingerCole’s Leadership Compass 2025 for Web Application and API Protection
In the latest 2025 KuppingerCole Leadership Compass for Web Application and API Protection (WAAP), Imperva has once again secured a Leadership position; a testament to our unwavering commitment to protecting the modern digital experience. Why This Report Matters The WAAP…