The malware now uses a four-stage infection chain, has an additional persistence mechanism, and also targets Firefox browser data. The post New XCSSET macOS Malware Variant Hijacks Cryptocurrency Transactions appeared first on SecurityWeek. This article has been indexed from SecurityWeek…
Fake Ukraine Police Notices Spread New Amatera Stealer and PureMiner
FortiGuard Labs exposes a high-severity phishing campaign impersonating the National Police of Ukraine to deliver Amatera Stealer (data theft) and PureMiner (cryptojacking) to Windows PCs. This article has been indexed from Hackread – Latest Cybersecurity, Hacking News, Tech, AI &…
Researchers Map Links Between Major Hacker Groups: LAPSUS$, Scattered Spider, ShinyHunters
A loosely connected cybercrime supergroup is exploiting social engineering to compromise Fortune 100 organizations and government agencies. LAPSUS$, Scattered Spider, and ShinyHunters—three of the most notorious English-speaking cybercrime groups—have increasingly blurred their lines through shared tactics, overlapping membership, and joint…
Proofpoint Exec: ‘Phishing is the Leading Cause of Breaches Globally’
During Proofpoint Protect 2025, company leaders detailed how AI is being used in phishing trends and in cyber-defense tactics. The post Proofpoint Exec: ‘Phishing is the Leading Cause of Breaches Globally’ appeared first on TechRepublic. This article has been indexed…
UK to roll out mandatory digital ID for right to work by 2029
Prime Minister Starmer revives controversial scheme despite past denials, sparking civil liberties backlash The UK government plans to issue all legal residents a digital identity by the end of the current Parliament, which could run until August 2029, with its…
New macOS XCSSET Variant Targets Firefox with Clipper and Persistence Module
Cybersecurity researchers have discovered an updated version of a known Apple macOS malware called XCSSET that has been observed in limited attacks. “This new variant of XCSSET brings key changes related to browser targeting, clipboard hijacking, and persistence mechanisms,” the…
Fortra GoAnywhere CVSS 10 Flaw Exploited as 0-Day a Week Before Public Disclosure
Cybersecurity company watchTowr Labs has disclosed that it has “credible evidence” of active exploitation of the recently disclosed security flaw in Fortra GoAnywhere Managed File Transfer (MFT) software as early as September 10, 2025, a whole week before it was…
Interpol Cracks Down on Large-Scale African Scamming Networks
The effort, named Operation Contender 3.0, led to the arrest of 260 suspected cybercriminals This article has been indexed from www.infosecurity-magazine.com Read the original article: Interpol Cracks Down on Large-Scale African Scamming Networks
Hackers Breach Active Directory, Steal NTDS.dit for Full Domain Compromise
Threat actors recently infiltrated a corporate environment, dumped the AD database file NTDS.dit, and nearly achieved full domain control. AD acts as the backbone of Windows domains, storing account data, group policies, and password hashes. Compromise of its core file…
JLR Begins Phased Restart of Operations After Cyber-Attack
JLR said it is in a position to start clearing its backlog of payments for suppliers, while its parts logistics center is returning to full operations This article has been indexed from www.infosecurity-magazine.com Read the original article: JLR Begins Phased…
Cisco ASA 0-Day RCE Flaw Actively Exploited in the Wild
A critical zero-day vulnerability in Cisco Secure Firewall Adaptive Security Appliance (ASA) Software and Cisco Secure Firewall Threat Defense (FTD) Software is being actively exploited in the wild. Tracked as CVE-2025-20333, this remote code execution flaw allows an authenticated attacker…
Unveiling LummaStealer’s Technical Details Through ML-Based Detection Approach
In early 2025, LummaStealer was in widespread use by cybercriminals targeting victims throughout the world in multiple industry verticals, including telecom, healthcare, banking, and marketing. A sweeping law enforcement operation in May brought this all to an abrupt halt. After…
Critical Cisco Vulnerability Let Remote Attackers Execute Arbitrary Code on Firewalls and Routers
Cisco warns of a Critical remote code execution flaw in web services across multiple Cisco platforms. Tracked as CVE-2025-20363 (CWE-122), this vulnerability carries a CVSS 3.1 Base Score of 9.0 (AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H) and impacts ASA, FTD, IOS, IOS XE, and IOS…
Brits warned as illegal robo-callers with offshored call centers fined half a million
It’s amazing the number of calls Jo, Helen, and Ian get through The UK’s data protection watchdog fined two Brit businesses with offshore call centers £550,000 (c $735,000) over illegal automated marketing calls.… This article has been indexed from The…
Recent Fortra GoAnywhere MFT Vulnerability Exploited as Zero-Day
Eight days before patches, a threat actor exploited CVE-2025-10035 as a zero-day to create a backdoor admin account. The post Recent Fortra GoAnywhere MFT Vulnerability Exploited as Zero-Day appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read…
Hackers Exploit Cisco ASA 0-Day to Deploy RayInitiator and LINE VIPER Malware
Security teams worldwide have been warned after attackers began exploiting a newly discovered zero-day vulnerability in Cisco Adaptive Security Appliance (ASA) 5500-X Series firewalls. The breach allows hackers to deploy sophisticated malware, dubbed RayInitiator and LINE VIPER, potentially giving them full control of…
The quantum internet just went live on Verizon’s network
Penn engineers have taken quantum networking from the lab to Verizon’s live fiber network, using a silicon “Q-chip” that speaks the same Internet Protocol as the modern web. The system pairs classical and quantum signals like a train engine with…
The New Perimeter is Your Supply Chain
Alan examines why the software supply chain has become the new perimeter in cloud-native security. From SBOMs to SLSA and Sigstore, discover how leaders can defend against attacks that target dependencies, pipelines and trusted updates. The post The New Perimeter…
New LockBit Ransomware Variant Emerges as Most Dangerous Yet
Trend Micro highlighted the new LockBit version’s improved technical improvements and cross-platform functionality compared to previous iterations This article has been indexed from www.infosecurity-magazine.com Read the original article: New LockBit Ransomware Variant Emerges as Most Dangerous Yet
JLR Says Some Systems Back Online After Attack
Jaguar Land Rover says some digital systems restored after cyber-incident, helping to support cash flow to vast UK supplier network This article has been indexed from Silicon UK Read the original article: JLR Says Some Systems Back Online After Attack
LAMEHUG: An LLM-Driven Malware for Dynamic Reconnaissance and Data Exfiltration
A novel AI-driven threat leverages LLMs on Hugging Face to execute adaptive reconnaissance and data exfiltration in real time. Rather than relying on static scripts or prewritten payloads, LAMEHUG dynamically queries a Qwen 2.5-Coder-32B-Instruct model via the Hugging Face API…
Google warns of Brickstorm backdoor targeting U.S. legal and tech sectors
China-linked actors used Brickstorm malware to spy on U.S. tech and legal firms, stealing data undetected for over a year, Google warns. Google Threat Intelligence Group (GTIG) observed the use of the Go-based backdoor BRICKSTORM to maintain persistence in U.S. organizations…
Cisco ASA 0-Day RCE Vulnerability Actively Exploited in the Wild
Cisco has issued an emergency security advisory warning of active exploitation of a critical zero-day vulnerability in its Secure Firewall Adaptive Security Appliance (ASA) and Secure Firewall Threat Defense (FTD) software platforms. The vulnerability, tracked as CVE-2025-20333, carries a maximum…
Hackers Exploiting Cisco ASA Zero-Day to Deploy RayInitiator and LINE VIPER Malware
Cybersecurity authorities are urging organizations to take immediate action following the discovery of a sophisticated espionage campaign targeting Cisco Adaptive Security Appliance (ASA) firewalls. In a significant update, Cisco and the UK’s National Cyber Security Centre (NCSC) have revealed that…