Criminals are moving money across borders faster, and financial institutions are feeling the squeeze. Compliance teams feel this strain every day as they try to keep up with schemes that shift through accounts, intermediaries, and digital channels. A new academic…
PyStoreRAT Campaign Uses Fake GitHub Projects to Target OSINT and IT Professionals
Cybersecurity researchers have identified a previously undocumented malware operation that leverages GitHub to distribute a threat known as PyStoreRAT. The campaign primarily targets individuals working in information technology, cybersecurity, and open-source intelligence research, exploiting their reliance on open-source tools.…
Zabbix: Open-source IT and OT observability solution
Zabbix is an open source monitoring platform designed to track the availability, performance, and integrity of IT environments. It monitors networks along with servers, virtual machines, applications, services, databases, websites, and cloud resources. For cybersecurity professionals, this visibility matters because…
React2Shell Vulnerability, Black Force Phishing Kit, Microsoft OAuth Attacks, and PornHub Data Breach
In this episode of Cybersecurity Today, host Jim Love discusses a range of pressing cybersecurity threats. The show covers the escalating React2Shell vulnerability, which has led to widespread automated exploitation campaigns involving crypto miners and back doors. Additionally, Jim reports…
How exposure management changes cyber defense
In this Help Net Security video, Larry Slusser, VP of Strategy at SixMap, explains why endpoint detection and response is only part of the security story. Drawing on his work as an incident responder, engagement manager, and ransomware negotiator, he…
AI breaks the old security playbook
AI has moved into enterprise operations faster than many security programs expected. It is embedded in workflows, physical systems, and core infrastructure. Some AI tools reach hundreds of millions of users each week. Inference costs have fallen 280 fold, but…
What is the Difference Between LDAP and Single Sign-On?
Explore the differences between LDAP and Single Sign-On (SSO) for user authentication. Understand their use cases, benefits, and how they fit into your enterprise security strategy. The post What is the Difference Between LDAP and Single Sign-On? appeared first on…
Assura Named to MSSP Alert and Cyber Alliance’s 2025 “Top 250 MSSPs,” Ranking at Number 94
FOR IMMEDIATE RELEASE Richmond, VA — December 11, 2025 — Assura is proud to announce that it has been named to the MSSP Alert and CyberRisk Alliance partnership’s prestigious Top 250 MSSPs list for 2025, securing the #94 position among the world’s leading Managed…
IT Security News Hourly Summary 2025-12-17 03h : 1 posts
1 posts were published in the last hour 2:2 : ISC Stormcast For Wednesday, December 17th, 2025 https://isc.sans.edu/podcastdetail/9742, (Wed, Dec 17th)
ISC Stormcast For Wednesday, December 17th, 2025 https://isc.sans.edu/podcastdetail/9742, (Wed, Dec 17th)
This post doesn’t have text content, please click on the link below to view the original article. This article has been indexed from SANS Internet Storm Center, InfoCON: green Read the original article: ISC Stormcast For Wednesday, December 17th, 2025…
A cyber attack hit Petróleos de Venezuela (PDVSA) disrupting export operations
A cyber attack hit Petróleos de Venezuela (PDVSA), Venezuela’s state-owned oil company, over the weekend, disrupting its export operations. Venezuela’s state oil company PDVSA was hit by a cyberattack over the weekend that disrupted export operations. The company says the…
Stay Secure: Why Cyber Hygiene Should Be Part of Your Personal Hygiene
Cyber hygiene is just as vital as personal hygiene. Unit 42 shares tips for people of all experience levels to keep their digital lives secure. The post Stay Secure: Why Cyber Hygiene Should Be Part of Your Personal Hygiene appeared…
GuardDuty Extended Threat Detection uncovers cryptomining campaign on Amazon EC2 and Amazon ECS
Amazon GuardDuty and our automated security monitoring systems identified an ongoing cryptocurrency (crypto) mining campaign beginning on November 2, 2025. The operation uses compromised AWS Identity and Access Management (IAM) credentials to target Amazon Elastic Container Service (Amazon ECS) and…
GuardDuty extended threat detection uncovers cryptomining campaign on Amazon EC2 and Amazon ECS
Amazon GuardDuty and our automated security monitoring systems identified an ongoing cryptocurrency (crypto) mining campaign beginning on November 2, 2025. The operation uses compromised AWS Identity and Access Management (IAM) credentials to target Amazon Elastic Container Service (Amazon ECS) and…
China’s Ink Dragon hides out in European government networks
Misconfigured servers are in, 0-days out Chinese espionage crew Ink Dragon has expanded its snooping activities into European government networks, using compromised servers to create illicit relay nodes for future operations.… This article has been indexed from The Register –…
IT Security News Hourly Summary 2025-12-17 00h : 4 posts
4 posts were published in the last hour 23:3 : SoundCloud Hit by Cyberattack, Breach Affects 20% of its Users 22:55 : IT Security News Daily Summary 2025-12-16 22:34 : Google Finds Five China-Nexus Groups Exploiting React2Shell Flaw 22:34 :…
SoundCloud Hit by Cyberattack, Breach Affects 20% of its Users
SoundCloud confirms a breach affecting an estimated 20% of users, resulting in stolen email addresses. The company is dealing with follow-up DoS attacks by unnamed attackers while media reports allege involvement of ShinyHunters. This article has been indexed from Hackread…
IT Security News Daily Summary 2025-12-16
141 posts were published in the last hour 22:34 : Google Finds Five China-Nexus Groups Exploiting React2Shell Flaw 22:34 : Cryptomining campaign targeting Amazon EC2 and Amazon ECS 22:2 : Azure CLI Trust Abused in ConsentFix Account Takeovers 22:2 :…
Google Finds Five China-Nexus Groups Exploiting React2Shell Flaw
Researchers with Google Threat Intelligence Group have detected five China-nexus threat groups exploiting the maximum-security React2Shell security flaw to drop a number of malicious payloads, from backdoors to downloaders to tunnelers. The post Google Finds Five China-Nexus Groups Exploiting React2Shell…
Cryptomining campaign targeting Amazon EC2 and Amazon ECS
Amazon GuardDuty and our automated security monitoring systems identified an ongoing cryptocurrency (crypto) mining campaign beginning on November 2, 2025. The operation uses compromised AWS Identity and Access Management (IAM) credentials to target Amazon Elastic Container Service (Amazon ECS) and…
Azure CLI Trust Abused in ConsentFix Account Takeovers
ConsentFix abuses trusted Azure CLI OAuth flows to hijack Microsoft accounts without passwords or MFA. The post Azure CLI Trust Abused in ConsentFix Account Takeovers appeared first on eSecurity Planet. This article has been indexed from eSecurity Planet Read the…
Analytics provider: We didn’t expose smut site data to crims
An employee of the adult site could be responsible. Analytics vendor Mixpanel says it is not the source of data stolen from Pornhub and says the info was last accessed by an employee of the adult site.… This article has…
APT-C-35 Infrastructure Activity Leveraged Using Apache HTTP Response Indicators
A significant discovery in threat intelligence reveals that APT-C-35, commonly known as DoNot, continues to maintain an active infrastructure footprint across the internet. Security researchers have identified new infrastructure clusters linked to this India-based threat group, which has long been…
Browser ‘privacy’ extensions have eye on your AI, log all your chats
More than 8 million people have installed extensions that eavesdrop on chatbot interactions Ad blockers and VPNs are supposed to protect your privacy, but four popular browser extensions have been doing just the opposite. According to research from Koi Security,…