Luma Infostealer, a malware-as-a-service (MaaS) offering, has emerged as a potent threat targeting high-value credentials such as web browser cookies, cryptocurrency wallets, and VPN/RDP account information. Beyond isolated theft, threat actors are employing Luma in the initial infiltration stages of…
Amazon identifies the issue that broke much of the internet, but is still working to restore services
The outage affected websites like Coinbase and Fortnite, and disrupted services like Signal, Zoom, and Amazon’s own products, including Ring. This article has been indexed from Security News | TechCrunch Read the original article: Amazon identifies the issue that broke…
LANSCOPE Endpoint Manager Vulnerability Let Attackers Execute Remote Code
Motex has disclosed a severe remote code execution vulnerability in its LANSCOPE Endpoint Manager On-Premise Edition. Assigned CVE-2025-61932, the flaw carries a CVSS 3.0 score of 9.8, classifying it as an emergency-level threat. This vulnerability could allow attackers to execute…
New LOSTKEYS Malware Linked to Russia State-Sponsored Hacker Group COLDRIVER
Over the summer of 2025, a novel malware family emerged following the public disclosure of the LOSTKEYS implant. This new strain was rapidly weaponized in a series of highly targeted campaigns against policy advisors, non-governmental organizations, and dissidents. Leveraging a…
CISA Warns of Exploited Apple, Kentico, Microsoft Vulnerabilities
Leading to code execution, authentication bypass, and privilege escalation, the flaws were added to CISA’s KEV list. The post CISA Warns of Exploited Apple, Kentico, Microsoft Vulnerabilities appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read the…
Windows 10 Support Termination Leaves Devices Vulnerable
Microsoft has officially ended support for Windows 10, marking a major shift impacting hundreds of millions of users worldwide. Released in 2015, the operating system will no longer receive free security updates, bug fixes, or technical assistance, leaving all…
IT Security News Hourly Summary 2025-10-21 15h : 12 posts
12 posts were published in the last hour 13:4 : Veeam acquires Securiti AI for $1.725 billion 13:4 : Ransomware Payouts Surge to $3.6m Amid Evolving Tactics 12:34 : Apache Syncope Groovy Flaw Allows Remote Code Injection 12:34 : Decoding…
WhatsApp Worm Infects Devices and Compromises User Banking Information
There has been a troubling revelation in the cybersecurity community that cybercriminals continue to weaponise trusted digital ecosystems by deploying highly sophisticated malware campaigns that use WhatsApp’s messaging platform to infiltrate users throughout Brazil, demonstrating that cybercriminals continue to…
Veeam acquires Securiti AI for $1.725 billion
Veeam Software has signed a definitive agreement to acquire Securiti AI for $1.725 billion. Veeam and Securiti AI unify data resilience with DSPM, privacy, governance, and AI trust spanning production and secondary data. Together, they will help customers understand their…
Ransomware Payouts Surge to $3.6m Amid Evolving Tactics
According to ExtraHop’s latest threat landscape report, average ransomware payments surged 44% to $3.6m in 2025 despite fewer incidents This article has been indexed from www.infosecurity-magazine.com Read the original article: Ransomware Payouts Surge to $3.6m Amid Evolving Tactics
Apache Syncope Groovy Flaw Allows Remote Code Injection
Apache Syncope, has disclosed a critical security vulnerability that allows authenticated administrators to execute arbitrary code on affected systems. The flaw, tracked as CVE-2025-57738, impacts all Apache Syncope versions 3.x before 3.0.14 and 4.x before 4.0.2, exposing organisations to potential…
Decoding Microsoft 365 Audit Logs Using Bitfield Mapping: An Investigation Report
Understanding exactly how users authenticate to cloud services is crucial for effective security monitoring. A recently refined bitfield mapping technique decodes the opaque UserAuthenticationMethod values in Microsoft 365 audit logs, transforming numeric codes into actionable, human-readable descriptions. This breakthrough empowers…
China-Linked Salt Typhoon breaches European Telecom via Citrix exploit
China-linked Salt Typhoon hacked a European telecom in July 2025 via a Citrix NetScaler Gateway exploit for initial access. A European telecom firm was targeted in July 2025 by China-linked APT group Salt Typhoon (also known as Earth Estries, FamousSparrow,…
Dataminr to Acquire ThreatConnect for $290 Million
The goal is to combine Dataminr’s data signals platform with ThreatConnect’s deep internal data capabilities. The post Dataminr to Acquire ThreatConnect for $290 Million appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read the original article: Dataminr…
From Reactive to Proactive: A New Jersey School District’s Google & Microsoft Security Transformation
How Monmouth Regional High School District’s Tech Team Improved Cybersecurity and Student Safety Using Cloud Monitor At Monmouth Regional High School District in Eatontown, New Jersey, technology touches nearly every part of daily school life. The district serves about 945…
Sendmarc appoints Dan Levinson as Customer Success Director in North America
Wilmington, Delaware, 21st October 2025, CyberNewsWire This article has been indexed from Hackread – Cybersecurity News, Data Breaches, Tech, AI, Crypto and More Read the original article: Sendmarc appoints Dan Levinson as Customer Success Director in North America
Official Xubuntu website compromised to serve malware
The official website for Xubuntu, a community-maintained “flavour” of Ubuntu that ships with the Xfce desktop environment, has been compromised to serve Windows malware instead of the Linux distro. The malicious download Reports about a potential compromise began popping up…
Envoy Air (American Airlines) Confirms Oracle EBS 0-Day Breach Linked to Cl0p
Envoy Air (American Airlines) confirms a breach by CL0P after they exploited the critical CVE-2025-61882 zero-day flaw in Oracle E-Business Suite. This article has been indexed from Hackread – Cybersecurity News, Data Breaches, Tech, AI, Crypto and More Read the…
131 Malicious Extensions Targeting WhatsApp Used Found in Chrome Web Store
Over the past several months, cybersecurity researchers have observed a surge of fraudulent Chrome extensions masquerading as legitimate WhatsApp Web automation tools. These 131 rebranded clones, each presenting as distinct offerings, share an identical codebase designed to automate bulk messaging…
New GlassWorm Threat Uses Stealthy Code to Target OpenVSX Extensions
GlassWorm is the world’s first self-propagating worm targeting VS Code extensions in the OpenVSX marketplace, unleashing invisible malicious payloads and decentralized command infrastructure that make it nearly impossible to detect or dismantle. First identified on October 17, 2025, GlassWorm hijacks…
Threat Actors Reportedly Marketing Monolock Ransomware on Dark Web Forums
A recent surge in underground cybercrime chatter has shone a spotlight on Monolock Ransomware V1.0, as multiple posts on dark web forums claim that the malicious software is now available for purchase. Cybersecurity researchers monitoring illicit marketplaces report that threat…
Windows update breaks USB support in recovery mode
Microsoft’s October update disabled USB keyboards and mice in Windows Recovery Mode, leaving unlucky users with two problems for the price of one. This article has been indexed from Malwarebytes Read the original article: Windows update breaks USB support in…
Muji’s minimalist calm shattered as ransomware takes down logistics partner
Japanese retailer halts online orders after attack cripples third-party vendor Japanese retailer Muji is suspending online orders after logistics partner Askul was knocked offline by a ransomware attack.… This article has been indexed from The Register – Security Read the…
Supply Chain Attack Targets VS Code Extensions With ‘GlassWorm’ Malware
The malware uses invisible Unicode characters to hide its code and blockchain-based infrastructure to prevent takedowns. The post Supply Chain Attack Targets VS Code Extensions With ‘GlassWorm’ Malware appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read…