CISA has issued an urgent advisory regarding a critical vulnerability in the Linux and Unix sudo utility CVE-2025-32463 that is currently being exploited in the wild. This flaw allows local adversaries to bypass access controls and execute arbitrary commands as…
Google Patches Gemini AI Hacks Involving Poisoned Logs, Search Results
Researchers found more methods for tricking an AI assistant into aiding sensitive data theft. The post Google Patches Gemini AI Hacks Involving Poisoned Logs, Search Results appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read the original…
CISA says it will fill the gap as some federal funding for MS-ISAC dries up
The cooperative agreement between the U.S. Cybersecurity and Infrastructure Security Agency (CISA) and the not-for-profit Center for Internet Security is ending today, the agency has announced on Monday, and CISA will take it upon itself to offer support to US…
New Android RAT Klopatra Targets Financial Data
New Android RAT Klopatra is targeting financial institutions using advanced evasion techniques This article has been indexed from www.infosecurity-magazine.com Read the original article: New Android RAT Klopatra Targets Financial Data
Cybercrime Observations from the Frontlines: UNC6040 Proactive Hardening Recommendations
Written by: Omar ElAhdan, Matthew McWhirt, Michael Rudden, Aswad Robinson, Bhavesh Dhake, Laith Al Background Protecting software-as-a-service (SaaS) platforms and applications requires a comprehensive security strategy. Drawing from analysis of…
New Chinese Nexus APT Group Targeting Organizations to Deploy NET-STAR Malware Suite
China-linked advanced persistent threat (APT) group Phantom Taurus has intensified espionage operations against government and telecommunications targets across Africa, the Middle East, and Asia, deploying a newly discovered .NET malware suite called NET-STAR. First tracked by Unit 42 in June…
Patchwork APT: Leveraging PowerShell to Create Scheduled Tasks and Deploy Final Payload
Patchwork, the advanced persistent threat (APT) actor also known as Dropping Elephant, Monsoon, and Hangover Group, has been observed deploying a new PowerShell-based loader that abuses Windows Scheduled Tasks to execute its final payload. Active since at least 2015 and…
IT Security News Hourly Summary 2025-09-30 15h : 20 posts
20 posts were published in the last hour 13:3 : Learning from the Inevitable 13:3 : New Android Banking Trojan Uses Hidden VNC for Full Remote Control of Devices 13:3 : Beer Maker Asahi Shuts Down Production Due to Cyberattack…
Google’s Latest AI Ransomware Defense Only Goes So Far
Google has launched a new AI-based protection in Drive for desktop that can shut down an attack before it spreads—but its benefits have their limits. This article has been indexed from Security Latest Read the original article: Google’s Latest AI…
UK convicts Chinese national in £5.5B crypto fraud, marks world’s largest Bitcoin seizure
A Chinese national was convicted in the UK for crypto fraud as police seized £5.5B (61,000 Bitcoin), the world’s largest cryptocurrency seizure. UK authorities raided the London home of Chinese national Zhimin Qian (47), also known as Yadi Zhang, and…
Why Threat-Led Defense & Adversary Behavior Are Driving Security Priorities
Security teams used to set priorities based on vulnerabilities and assets. They would monitor CVE feeds, build patch schedules, and measure success by the number of exposures closed. This work is vital to operational security, but it doesn’t always align…
Urgent: China-Linked Hackers Exploit New VMware Zero-Day Since October 2024
A newly patched security flaw impacting Broadcom VMware Tools and VMware Aria Operations has been exploited in the wild as a zero-day since mid-October 2024 by a threat actor called UNC5174, according to NVISO Labs. The vulnerability in question is…
Stop Alert Chaos: Context Is the Key to Effective Incident Response
The Problem: Legacy SOCs and Endless Alert Noise Every SOC leader knows the feeling: hundreds of alerts pouring in, dashboards lighting up like a slot machine, analysts scrambling to keep pace. The harder they try to scale people or buy…
Microsoft Expands Sentinel Into Agentic Security Platform With Unified Data Lake
Microsoft on Tuesday unveiled the expansion of its Sentinel Security Incidents and Event Management solution (SIEM) as a unified agentic platform with the general availability of the Sentinel data lake. In addition, the tech giant said it’s also releasing a…
Researchers Disclose Google Gemini AI Flaws Allowing Prompt Injection and Cloud Exploits
Cybersecurity researchers have disclosed three now-patched security vulnerabilities impacting Google’s Gemini artificial intelligence (AI) assistant that, if successfully exploited, could have exposed users to major privacy risks and data theft. “They made Gemini vulnerable to search-injection attacks on its Search…
Hackers Use Cellular Router API to Send Malicious SMS with Weaponized Links
The monitoring and analysis of vulnerability exploitations are among the primary responsibilities of Sekoia.io’s Threat Detection & Research (TDR) team. Using honeypots, the team monitors traffic targeting edge devices and internet-facing applications. On 22 July 2025, suspicious network traces appeared…
Hackers Posing as Google Careers Recruiter to Steal Gmail Login Details
An emerging phishing campaign is targeting job seekers by masquerading as Google Careers recruiters, delivering seemingly legitimate emails that lead victims to malicious sites designed to harvest Gmail credentials. Security researchers have uncovered a sophisticated multi-stage attack that leverages Salesforce…
The Rising Cyber Threat to Manufacturing: A Call to Action for Executives
Key Insights Manufacturing faces an average of 1,585 weekly attacks per organization, a 30% year-over-year increase. Ransomware remains the dominant threat, with incidents costing hundreds of millions in losses and in some cases forcing insolvency. Supply chain connectivity magnifies risk.…
Beer Brewing Giant Asahi Halts Production Following Cyberattack
Japanese beverage conglomerate Asahi Group Holdings has halted production at its domestic factories following a significant cyberattack that crippled its systems on Monday. A company spokesperson confirmed on Tuesday that production has not resumed and that there is no foreseeable…
Lunar Spider Infected Windows Machine in Single Click to Harvest Login Credentials
Lunar Spider, a newly observed malware strain, has emerged as a potent threat to Windows environments by compromising systems in a single click. First detected in mid-September 2025, its operators have quickly refined delivery and payload strategies to evade traditional…
Tesla’s Telematics Control Unit Vulnerability Let Attackers Gain Code Execution as Root
A security vulnerability in Tesla’s Telematics Control Unit (TCU) allowed attackers with physical access to bypass security measures and gain full root-level code execution. The flaw stemmed from an incomplete lockdown of the Android Debug Bridge (ADB) on an external…
Linux 6.17 Released With Fix for use-after-free Vulnerabilities
Linus Torvalds has announced the release of Linux Kernel 6.17, a new version focused on stability and incremental improvements rather than groundbreaking features. The update brings a host of bug fixes, security enhancements, and driver updates across various subsystems. In…
Empowering defenders in the era of agentic AI with Microsoft Sentinel
Microsoft Sentinel is expanding into an agentic platform with general availability of the Sentinel data lake, and the public preview of Sentinel graph and Sentinel Model Context Protocol (MCP) server. The post Empowering defenders in the era of agentic AI with Microsoft Sentinel appeared…
US Cuts Federal Funding for MS-ISAC Cybersecurity Program
The Trump administration wants CISA to transition to a “new model” for supporting local government agencies’ cyber strategy This article has been indexed from www.infosecurity-magazine.com Read the original article: US Cuts Federal Funding for MS-ISAC Cybersecurity Program