Build a digital backbone faster than adversaries can evolve or lose the information war NATO is in an existential race to develop sovereign cloud-based technologies to underpin its mission, the alliance’s Assistant Secretary General for Cyber and Digital Transformation told…
New ForumTroll Phishing Attacks Target Russian Scholars Using Fake eLibrary Emails
The threat actor linked to Operation ForumTroll has been attributed to a fresh set of phishing attacks targeting individuals within Russia, according to Kaspersky. The Russian cybersecurity vendor said it detected the new activity in October 2025. The origins of…
APT28 Targets Ukrainian UKR-net Users in Long-Running Credential Phishing Campaign
The Russian state-sponsored threat actor known as APT28 has been attributed to what has been described as a “sustained” credential-harvesting campaign targeting users of UKR[.]net, a webmail and news service popular in Ukraine. The activity, observed by Recorded Future’s Insikt…
New “Lies-in-the-Loop” Attack Undermines AI Safety Dialogs
A novel attack technique dubbed ”Lies-in-the-Loop” (LITL) has been observed manipulating human approval prompts in agentic AI systems This article has been indexed from www.infosecurity-magazine.com Read the original article: New “Lies-in-the-Loop” Attack Undermines AI Safety Dialogs
New ClickFix Attack Uses Fake Browser Fix to Install DarkGate Malware
Researchers at Point Wild have discovered a new ClickFix attack campaign that tricks users into manually installing DarkGate malware via fake browser extension alerts. Learn how this attack bypasses security by using the Windows Run box and how you can…
Google Chrome Extension is Intercepting Millions of Users’ AI Chats
A Chrome browser extension with 6 million users, as well as seven other Chrome and Edge extensions, for months have been silently collecting data from every AI chatbot conversion, packaging it, and then selling it to third parties like advertisers…
Actively Exploited Fortinet Flaws Enable Security Appliance Takeover
Attackers are actively exploiting Fortinet flaws to bypass authentication and take over security appliances. The post Actively Exploited Fortinet Flaws Enable Security Appliance Takeover appeared first on eSecurity Planet. This article has been indexed from eSecurity Planet Read the original…
NATO’s battle for cloud sovereignty: speed is existential
Build a digital backbone faster than adversaries can evovle or lose the information war NATO is in an existential race to develop sovereign cloud based technologies to underpin its mission, the alliance’s Assistant Secretary General for Cyber and Digital Transformation…
Fix SOC Blind Spots: Real-Time Industry & Country Threat Visibility
Modern SOCs are now grappling with a massive visibility problem, essentially “driving through fog” but now with their headlights dimming rapidly. The playbook for many teams is still looking back: analysts wait for an alert to fire, investigate the incident, and…
Chinese Hackers Using Custom ShadowPad IIS Listener Module to Turn Compromised Servers into Active Nodes
The group employs a custom ShadowPad IIS Listener module to transform compromised servers into a resilient, distributed relay network. This approach allows attackers to route malicious traffic through victim infrastructure, effectively turning hacked organizations into a mesh of command-and-control nodes.…
Microsoft Asks IT Admins to Contact for Fix Related to Windows IIS Failure Issues
Microsoft has confirmed that its December 2025 Windows security update (KB5071546, OS Build 19045.6691) is causing Message Queuing (MSMQ) failures, leading to widespread IIS site crashes. First reported on December 12 and last updated December 16, the problem manifests under…
Rockrose Development Notifies Over 47,000 People of July 2025 Data Breach Linked to Play Ransomware Gang
Rockrose Development confirmed over the weekend that it has notified 47,392 individuals about a data breach that occurred in July 2025. The incident exposed sensitive personal information belonging to both residents and employees. According to the company, the compromised…
Critical FreePBX Vulnerabilities Expose Authentication Bypass and Remote Code Execution Risks
Researchers at Horizon3.ai have uncovered several security vulnerabilities within FreePBX, an open-source private branch exchange platform. Among them, one severity flaw could be exploited to bypass authentication if very specific configurations are enabled. The issues were disclosed privately to…
Attackers are exploiting auth bypass vulnerability on FortiGate firewalls (CVE-2025-59718)
Attackers are exploiting a recently revealed vulnerability (CVE-2025-59718) to bypass authentication on Fortinet’s FortiGate firewalls, and are leveraging the achieved access to export their system configuration files, Arctic Wolf researchers warned on Tuesday. Configuration files can expose information about the…
ISACA Named Global Credentialing Authority for DoD’s CMMC Program
ISACA has been appointed by the US DoD as the global credentialing authority for its CMMC program This article has been indexed from www.infosecurity-magazine.com Read the original article: ISACA Named Global Credentialing Authority for DoD’s CMMC Program
IT Security News Hourly Summary 2025-12-17 15h : 5 posts
5 posts were published in the last hour 14:3 : Inside a purchase order PDF phishing campaign 14:3 : Microsoft security updates breaks MSMQ on older Win systems 14:2 : NMFTA Warns of Surge and Sophistication of Cyber-Enabled Cargo Theft…
Inside a purchase order PDF phishing campaign
A “purchase order” PDF blocked by Malwarebytes led to a credential-harvesting phishing site. So we analyzed the attack and where the data went next. This article has been indexed from Malwarebytes Read the original article: Inside a purchase order PDF…
Microsoft security updates breaks MSMQ on older Win systems
Folder permission changes cause queue failures and misleading error messages, no real fix yet Microsoft has good news for administrators: while some organizations now pay for security updates on older Windows versions, the inconsistent quality remains free.… This article has…
NMFTA Warns of Surge and Sophistication of Cyber-Enabled Cargo Theft
The trucking industry group has released its 2026 Transportation Industry Cybersecurity Trends Report. The post NMFTA Warns of Surge and Sophistication of Cyber-Enabled Cargo Theft appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read the original article:…
New Feature | Spamhaus Reputation Checker: Troubleshoot your listing
It’s not always immediately clear why your IP has been listed or how to fix it. To help, we’ve added a new “troubleshooting” step to the IP & Domain Reputation Checker, specifically for those whose IPs have been listed on…
The 12 Months of Innovation: How Salt Security Helped Rewrite API & AI Security in 2025
As holiday lights go up and inboxes fill with year-in-review emails, it’s tempting to look back on 2025 as “the year of AI.” But for security teams, it was something more specific – the year APIs, AI agents, and MCP…
Askul data breach exposed over 700,000 records after ransomware attack
Askul disclosed that an October RansomHouse ransomware attack compromised over 700,000 records at the Japanese e-commerce and logistics firm. Askul is a Japanese e-commerce and logistics company best known for supplying office products, stationery, IT equipment, and everyday business consumables…
Partnering with Precision in 2026
Partnering with precision, Palo Alto Networks focuses on deeper integration, built-in AI and a growth-focused ecosystem to secure the future. The post Partnering with Precision in 2026 appeared first on Palo Alto Networks Blog. This article has been indexed from…
CISA Warns of Gladinet CentreStack and Triofox Vulnerability Exploited in Attacks
CISA issued a critical warning regarding a hardcoded cryptographic key vulnerability affecting Gladinet CentreStack and Triofox file management solutions. The vulnerability, tracked as CVE-2025-14611, poses significant risks to organizations using these widely deployed enterprise file-sharing platforms. The flaw lies in…