In a significant shift within the ransomware landscape, global ransom payments plummeted by 35% in 2024, falling from $1.25 billion in 2023 to $813.55 million, according to a report by blockchain analytics firm Chainalysis. This marked the first substantial decline…
XE Group shifts from credit card skimming to exploiting zero-days
The cybercrime group XE Group exploited a VeraCore zero-day to deploy reverse shells, web shells in recent attacks. A recent investigation by researchers from Intezer and Solis Security shed light on the recent operations of the XE Group. Active since…
Quishing via QR Codes Emerging As a Top Attack Vector Used by Hackers
QR codes have become an integral part of our digital lives, offering quick access to websites, services, and even payment systems. However, their widespread use has also made them a prime target for scammers. A new threat, known as “quishing,”…
LLM Hijackers Gained Stolen Access to DeepSeek-V3 Model Very Next Day After Release
With the release of DeepSeek-V3 on December 25, 2024, the number of LLMjacking attacks in the cybersecurity space has significantly increased. Within hours of its launch, malicious actors had compromised the model, integrating it into OpenAI Reverse Proxy (ORP) systems…
1M+ Malware Samples Analysis Reveal Application Layer Abused for Stealthy C2
A recent analysis of over 1 million malware samples unveiled a trend where adversaries increasingly exploit the Application Layer of the Open System Interconnection (OSI) model to conduct stealthy Command-and-Control (C2) operations. By leveraging trusted Application Layer Protocols, attackers are…
GitHub Copilot’s New Agent Mode Let Developers Autonomously Complete Coding Tasks
GitHub has unveiled a groundbreaking update to its AI-powered coding assistant, GitHub Copilot, with the introduction of Agent Mode. This new feature, available in preview for Visual Studio Code (VS Code) Insiders, empowers developers to autonomously complete complex coding tasks…
Trump’s AI Ambition and China’s DeepSeek Overshadow an AI Summit in Paris
French organizers said “the summit aims at promoting an ambitious French and European AI strategy” as advances in the sector have been led by the U.S. and China. The post Trump’s AI Ambition and China’s DeepSeek Overshadow an AI Summit…
Privacy Concerns Rise Over Antivirus Data Collection
To maintain the security of their devices from cyberattacks, users rely critically on their operating systems and trusted anti-virus programs, which are among the most widely used internet security solutions. Well-established operating systems and reputable cybersecurity software need to…
19 US States Sue to Prevent DOGE From Accessing Americans’ Private Data
In an effort to prevent Elon Musk’s Department of Government Efficiency from gaining access to Treasury Department documents that hold private information like Social Security numbers and bank account numbers for millions of Americans, 19 Democratic attorneys general filed…
North Yorkshire Hospital Adopts AI for Faster Lung Cancer Detection
A hospital in North Yorkshire has introduced artificial intelligence (AI) technology to improve the detection of lung cancer and other serious illnesses. Harrogate and District NHS Foundation Trust announced that the AI-powered system would enhance the efficiency and accuracy…
Malicious ML models found on Hugging Face Hub
Researchers have spotted two machine learning (ML) models containing malicious code on Hugging Face Hub, the popular online repository for datasets and pre-trained models. Once one of them is downloaded and executed on the developer’s machine, the malicious payload checks…
Veridas helps companies combat AI-driven injection attacks
Generative AI is fueling a new wave of identity fraud, making digital security more critical than ever. In response, Veridas has introduced an advanced injection attack detection capability to combat the growing threat of synthetic identities. This new feature strengthens…
⚡ THN Weekly Recap: Top Cybersecurity Threats, Tools and Tips [10 February]
In cybersecurity, the smallest crack can lead to the biggest breaches. A leaked encryption key, an unpatched software bug, or an abandoned cloud storage bucket—each one seems minor until it becomes the entry point for an attack. This week, we’ve…
IT Security News Hourly Summary 2025-02-10 15h : 12 posts
12 posts were published in the last hour 13:33 : Small praise for modern compilers – A case of Ubuntu printing vulnerability that wasn’t 13:33 : How These Decentralized AI Solutions Secure Their Services in a Disruptive Industry 13:32 :…
Small praise for modern compilers – A case of Ubuntu printing vulnerability that wasn’t
By Aleksandar Nikolich Earlier this year, we conducted code audits of the macOS printing subsystem, which is heavily based on the open-source CUPS package. During this investigation, IPP-USB protocol caught our attention. IPP over USB specification defines how printers that…
How These Decentralized AI Solutions Secure Their Services in a Disruptive Industry
This article looks at the measures AI solutions take to secure their offering with insights from platforms like OORT and Filecoin who are creating new security models for their AI infrastructure. This article has been indexed from Hackread – Latest…
Quishing via QR Codes Emerging as a Top Attack Vector Used by Hackers
QR codes, once a symbol of convenience and security in digital interactions, have become a significant target for cybercriminals. The Rise of Fake QR Code Scams A new form of cyberattack, dubbed “quishing,” involves the use of counterfeit QR codes…
NetSupport RAT Grant Attackers Full Access to Victims Systems
The eSentire Threat Response Unit (TRU) has reported a significant rise in incidents involving the NetSupport Remote Access Trojan (RAT) since January 2025. This malicious software, originally designed as a legitimate IT support tool, has been weaponized by cybercriminals to…
How Electric AI Strengthened Its Cloud Security with AI-Powered Solutions
Electric AI, a New York-based IT platform provider serving nearly 1,000 customers and over 55,000 end-users, faced the critical challenge of securing not only their own infrastructure but also protecting sensitive data across multiple industries. As a managed security provider…
US news org still struggling to print papers a week after ‘cybersecurity event’
Publications across 25 states either producing smaller issues or very delayed ones US newspaper publisher Lee Enterprises is one week into tackling a nondescript “cybersecurity event,” saying the related investigation may take “weeks or longer” to complete.… This article has…
⚡ THN Weekly Recap: Top Cybersecurity Threats, Tools and Tips [10 February]
In cybersecurity, the smallest crack can lead to the biggest breaches. A leaked encryption key, an unpatched software bug, or an abandoned cloud storage bucket—each one seems minor until it becomes the entry point for an attack. This week, we’ve…
Seit Januar: Brute-Force-Attacken von Millionen IP-Adressen beobachtet
Die Angriffe sind in der Spitze von bis zu 2,8 Millionen IP-Adressen an einem Tag ausgegangen. Auch Deutschland steuert ein paar Quellgeräte bei. (Brute Force, Netzwerk) Dieser Artikel wurde indexiert von Golem.de – Security Lesen Sie den originalen Artikel: Seit…
5 Best NIS2 Compliance Software and Solution Providers
The European Union’s Network and Information Systems Directive 2 (NIS2) is now in effect. And, throughout 2025, governments across the continent will be transposing it into national law. Complying with the regulation involves a combination of changes to workflows, employee…
Why the Growing Risk of Cyber Inequity Threatens Critical Infrastructure
Cyber inequity is a growing chasm that continues to separate organizations with robust cybersecurity and technology capabilities from those without. This digital divide is a global cybersecurity crisis in the… The post Why the Growing Risk of Cyber Inequity Threatens…