DoorDash, the food delivery platform serving millions of customers across the U.S., Canada, Australia, and New Zealand, recently disclosed… The post Doordash Hit By October User Data Breach first appeared on CyberMaterial. This article has been indexed from CyberMaterial Read…
Hackers Breach NY State Texting Service
Hackers achieved an extremely rare feat by successfully taking over the operation of Mobile Commons, a legitimate bulk text messaging… The post Hackers Breach NY State Texting Service first appeared on CyberMaterial. This article has been indexed from CyberMaterial Read…
Akira Ransomware Made 244 Million Dollars
The Akira ransomware group has been identified as a highly prolific and financially successful threat actor, having generated over $244 million… The post Akira Ransomware Made 244 Million Dollars first appeared on CyberMaterial. This article has been indexed from CyberMaterial…
Claude AI Linked To Chinese Espionage
A state-sponsored threat actor, believed to be based in China, executed a large-scale espionage campaign that exploited Anthropic’s Claude Code… The post Claude AI Linked To Chinese Espionage first appeared on CyberMaterial. This article has been indexed from CyberMaterial Read…
Skripal Hacker Arrested In Thailand
Thai police have reportedly detained a Russian man in Phuket who is believed to be a “world class” hacker and an agent for Russia’s GRU military intelligence… The post Skripal Hacker Arrested In Thailand first appeared on CyberMaterial. This article…
IT Security News Hourly Summary 2025-11-14 15h : 5 posts
5 posts were published in the last hour:
13:34 : Hackers Exploit Rogue MCP Server to Inject Malicious Code into Cursor’s Built-In Browser
13:34 : RONINGLOADER Uses Signed Drivers to Disable Microsoft Defender and Bypass EDR
13:34 : Critical FortiWeb…
Hackers Exploit Rogue MCP Server to Inject Malicious Code into Cursor’s Built-In Browser
Security researchers have uncovered a critical vulnerability in Cursor, the AI-powered code editor, that allows attackers to inject malicious code through rogue Model Context Protocol (MCP) servers. Unlike VS Code, Cursor lacks integrity checks on its runtime components, making it…
RONINGLOADER Uses Signed Drivers to Disable Microsoft Defender and Bypass EDR
Elastic Security Labs has uncovered a sophisticated campaign deploying a newly identified loader, dubbed RONINGLOADER, that weaponizes legitimately signed kernel drivers to systematically disable Microsoft Defender and evade endpoint detection and response (EDR) tools. Attributed to the Dragon Breath APT…
Critical FortiWeb flaw under attack, allowing complete compromise
A Fortinet FortiWeb auth-bypass flaw is being actively exploited, allowing attackers to hijack admin accounts and fully compromise devices. Researchers warn of an authentication bypass flaw in Fortinet FortiWeb WAF that allows full device takeover. The cybersecurity vendor addressed the…
Checkout.com Discloses Data Breach After Extortion Attempt
The information was stolen from a legacy cloud file storage system, not from its payment processing platform. The post Checkout.com Discloses Data Breach After Extortion Attempt appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read the original…
EasyDMARC Integrates with Splunk
Originally published at EasyDMARC Integrates with Splunk by EasyDMARC. Streamline security monitoring. Centralize email threat data. EasyDMARC … The post EasyDMARC Integrates with Splunk appeared first on EasyDMARC. The post EasyDMARC Integrates with Splunk appeared first on Security Boulevard. This…
Cybercriminals Use Fake Invoices to Deploy XWorm and Steal Login Credentials
Cybercriminals are deploying sophisticated phishing campaigns that weaponize seemingly legitimate invoice emails to distribute Backdoor.XWorm, a dangerous remote-access trojan (RAT) capable of stealing sensitive credentials, recording keystrokes, and installing ransomware. Security researchers have uncovered an active malware distribution operation using…
NVIDIA NeMo Flaw Enables Code Injection and Privilege Escalation Attacks
NVIDIA has released critical security patches addressing two high-severity vulnerabilities in its NeMo Framework that could allow attackers to execute arbitrary code and escalate privileges on affected systems. The vulnerabilities affect all versions of the framework before 2.5.0, and users…
Threat Actors Leverage JSON Storage Services to Host and Deliver Malware Via Trojanized Code Projects
Cybersecurity researchers have uncovered a sophisticated campaign where threat actors abuse legitimate JSON storage services to deliver malware to software developers. The campaign, known as Contagious Interview, represents a significant shift in how attackers are concealing malicious payloads within seemingly…
Your passport, now on your iPhone. Helpful or risky?
Apple’s Digital ID makes travel smoother and saves you from digging for documents, but it comes with privacy and security trade-offs. We break down the pros and cons. This article has been indexed from Malwarebytes Read the original article: Your…
Washington Post Says Nearly 10,000 Employees Impacted by Oracle Hack
The media company admitted that cybercriminals attempted to extort a payment after stealing personal information. The post Washington Post Says Nearly 10,000 Employees Impacted by Oracle Hack appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read the…
Advanced macOS DigitStealer Uses Multi-Stage Attack Chain to Evade Detection
Jamf Threat Labs has identified a new family of malicious stealers tracked as DigitStealer, representing a significant evolution in macOS-targeted malware. Unlike traditional infostealers that follow linear execution paths, DigitStealer introduced sophisticated multi-stage attack techniques, extensive anti-analysis checks, and novel…
Akira Ransomware Group Made $244 Million in Ransom Proceeds
Akira was seen exploiting SonicWall vulnerabilities and encrypting Nutanix Acropolis Hypervisor (AHV) VM disk files this year. The post Akira Ransomware Group Made $244 Million in Ransom Proceeds appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read…
Europe struggles with record-breaking spike in ransomware attacks
Europe is increasingly being targeted by ransomware groups, driving attacks to unprecedented levels as criminal operations become more industrialised and sophisticated. Threat actors have established themselves in this region as a prime hunting ground, and are now relying on…
A suspected Fortinet FortiWeb zero-day is actively exploited, researchers warn
A suspected (but currently unidentified) zero-day vulnerability in Fortinet FortiWeb is being exploited by unauthenticated attackers to create new admin accounts on vulnerable, internet-facing devices. Whether intentionally or accidentally, the vulnerability (or this specific path for triggering it) has been…
Chinese Hackers Automate Cyber-Attacks With AI-Powered Claude Code
Anthropic’s Claude Code AI assistant performed 80% to 90% of the tasks involved in a recent cyber-attack campaign, said Anthropic researchers. This article has been indexed from www.infosecurity-magazine.com. Read the original article: Chinese Hackers Automate Cyber-Attacks With AI-Powered Claude Code
Formbook Malware Campaign Uses Malicious ZIP Files and Layered Scripting Techniques
A new campaign leveraging Formbook malware has emerged, showcasing sophisticated multi-stage infection tactics that underscore the importance of analyzing more than just executable files during malware investigations. When teaching malware reverse-engineering in courses like SANS FOR610, it’s critical to address…
Washington Post Oracle E-Suite 0-Day Hack Impacts 9K+ Employees and Contractors
The Washington Post has publicly disclosed a significant data breach involving external hacking of its Oracle E-Suite system, impacting over 9,700 employees and contractors worldwide. The breach notification, filed with Maine’s Attorney General, reveals the incident occurred on July 10,…
Hackers Flooded npm Registry Over 43,000 Spam Packages Survived for Almost Two Years
Security researcher Paul McCarty uncovered a significant coordinated spam campaign targeting the npm ecosystem. The IndonesianFoods worm, as it has been named, consists of more than 43,000 spam packages published across at least eleven user accounts over almost two years.…