A new phishing campaign has been identified, delivering the Phantom information-stealing malware via an ISO attachment This article has been indexed from www.infosecurity-magazine.com Read the original article: Russian Phishing Campaign Delivers Phantom Stealer Via ISO Files
Phantom Stealer Uses ISO Files to Breach Windows Systems
Operation MoneyMount-ISO uses malicious ISO files to deliver Phantom Stealer to Windows. The post Phantom Stealer Uses ISO Files to Breach Windows Systems appeared first on eSecurity Planet. This article has been indexed from eSecurity Planet Read the original article:…
Wireshark 4.6.2 Released With Fix for Vulnerabilities, and Updated Protocol Support
Wireshark 4.6.2, the latest version of the leading open-source network protocol analyzer, addresses critical crash vulnerabilities and plugin compatibility issues. This maintenance release prioritizes stability for users in troubleshooting and security analysis. Developers patched two denial-of-service vulnerabilities identified in recent…
AI-Powered Shopping Is Transforming How Consumers Buy Holiday Gifts
Artificial intelligence is emerging with a new dimension in holiday shopping for consumers, going beyond search capabilities into a more proactive role in exploration and decision-making. Rather than endlessly clicking through online shopping sites, consumers are increasingly turning to…
Online Retail Store Coupang Suffers South Korea’s Worst Data Breach, Leak Linked to Former Employee
33.7 million customer data leaked Data breach is an unfortunate attack that businesses often suffer. Failing to address these breaches is even worse as it costs businesses reputational and privacy damage. A breach at Coupang that leaked the data of…
What Cloudflare’s 2025 internet review says about attacks, outages, and traffic shifts
The internet stayed busy, brittle, and under constant pressure in 2025. Cloudflare’s annual Radar Year in Review offers a wide view of how traffic moved, where attacks clustered, and what failed when systems were stressed. Cloudflare, which operates a large…
Astra introduces offensive-grade cloud vulnerability scanner to cut noise and prove risk
Astra Security announced the launch of its Cloud Vulnerability Scanner, a new solution designed to help organizations continuously maintain validated cloud security. Cloud infrastructures change constantly as teams create new IAM roles, adjust network rules, and deploy new workloads. Quarterly…
FreePBX Patches Critical SQLi, File-Upload, and AUTHTYPE Bypass Flaws Enabling RCE
Multiple security vulnerabilities have been disclosed in the open-source private branch exchange (PBX) platform FreePBX, including a critical flaw that could result in an authentication bypass under certain configurations. The shortcomings, discovered by Horizon3.ai and reported to the project maintainers…
PayPal closes loophole that let scammers send real emails with fake purchase notices
Scammers exploited a PayPal subscriptions feature to send legitimate emails from service@paypal.com, using fake purchase notifications to push tech support scams. This article has been indexed from Malwarebytes Read the original article: PayPal closes loophole that let scammers send real…
Circle and Aleo Roll Out USDCx With Banking-Level Privacy Features
Aleo and Circle are launching USDCx, a new, privacy-centric version of the USDC stablecoin designed to provide “banking-level” confidentiality while maintaining regulatory visibility and dollar backing. The token is launching first on Aleo’s testnet and was built using Circle’s…
IT Security News Hourly Summary 2025-12-15 15h : 12 posts
12 posts were published in the last hour 14:4 : LLMs & Ransomware | An Operational Accelerator, Not a Revolution 14:4 : 16TB of MongoDB Database Exposes 4.3 Billion Lead Gen Records 14:4 : From Fake Deals to Phishing: The…
EN, SentinelLabs - We are hunters, reversers, exploit developers, and tinkerers shedding light on the world of malware, exploits, APTs, and cybercrime across all platforms.
LLMs & Ransomware | An Operational Accelerator, Not a Revolution
LLMs make competent ransomware crews faster and novices more dangerous. The risk is not superintelligent malware, but rather industrialized extortion. This article has been indexed from SentinelLabs – We are hunters, reversers, exploit developers, and tinkerers shedding light on the…
16TB of MongoDB Database Exposes 4.3 Billion Lead Gen Records
Cybersecurity researchers discovered an unsecured 16TB database exposing 4.3 billion professional records, including names, emails, and LinkedIn data. Learn what happened, why this massive data leak enables new scams, and how to protect your PII. This article has been indexed…
From Fake Deals to Phishing: The Most Effective Christmas Scams of 2025
Key Insights AI and automation have made holiday scams smarter and harder to detect. Over 33,500 Christmas-themed phishing emails and over 10,000 holiday season-themed social media advertisements flagged in just 14 days. Fake retail sites and social media giveaways are…
Data Is the New Intelligence: How Three Decades of Threat Data Made Check Point Early to AI for Cyber Security
Artificial intelligence’s recent rise to prominence often feels like a revolution — a sudden leap from clever algorithms to systems capable of astonishing accuracy. But beneath the buzz lies a timeless truth: AI is only as good as the data…
Apple Zero-Day Exploits Used in Targeted iPhone Spyware Attacks
Apple confirmed two WebKit zero-days exploited in targeted iPhone spyware attacks. The post Apple Zero-Day Exploits Used in Targeted iPhone Spyware Attacks appeared first on eSecurity Planet. This article has been indexed from eSecurity Planet Read the original article: Apple…
Next Gen Awareness Training: KnowBe4 Unveils Custom Deepfake Training
In today’s world, it can be hard for awareness training to keep up with the modern threats that are constantly emerging. Today, KnowBe4 has announced a new custom deepfake training experience to counteract the risk of ‘deepfake’ attacks as they…
Critical Plesk Vulnerability Allows Plesk Users to Gain Root-Level Access
A severe security vulnerability has been discovered in Plesk for Linux that could allow users to gain root access on affected servers. The flaw, tracked as CVE-2025-66430, exists within Plesk’s Password-Protected Directories feature and allows attackers to inject arbitrary data…
New Android Malware Mimic as mParivahan and e-Challan Attacking Android Users to Steal Login Credentials
A sophisticated Android malware campaign named NexusRoute is actively targeting Indian citizens by impersonating government services. The operation uses fake versions of the official mParivahan and e-Challan applications to harvest login credentials and financial information from unsuspecting users. This coordinated…
New ARTEMIS AI Agent Outperformed 9 out of 10 Human Penetration Testers in Detecting Vulnerabilities
Researchers from Stanford University, Carnegie Mellon University, and Gray Swan AI have unveiled ARTEMIS, a sophisticated AI agent framework that demonstrates remarkable competitive capabilities against seasoned cybersecurity professionals. In the first-ever comprehensive comparison of AI agents against human experts in…
Google Sees 5 Chinese Groups Exploiting React2Shell for Malware Delivery
Google has also mentioned seeing React2Shell attacks conducted by Iranian threat actors. The post Google Sees 5 Chinese Groups Exploiting React2Shell for Malware Delivery appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read the original article: Google…
More React2Shell Exploits CVE-2025-55182, (Mon, Dec 15th)
Exploits for React2Shell (CVE-2025-55182) remain active. However, at this point, I would think that any servers vulnerable to the “plain” exploit attempts have already been exploited several times. Here is today's most popular exploit payload: This article has been indexed…
PayPal Subscription Feature Exploited to Send Real Emails With Fake High-Value Purchase Alerts
A new email scam is misusing PayPal’s Subscriptions billing system to send genuine PayPal emails that contain fraudulent purchase claims hidden inside the Customer Service URL field. Over the last few months, multiple users have reported receiving PayPal emails…
Hamas Linked Hackers Using AshTag Malware Against Diplomatic Offices
New report by Unit 42 reveals the Hamas-linked Ashen Lepus (WIRTE) group is using the AshTag malware suite to target Middle Eastern diplomatic and government entities with advanced, hidden tactics. This article has been indexed from Hackread – Cybersecurity News,…