From May to August 2025, an advanced persistent threat group known as Cavalry Werewolf—also tracked as YoroTrooper and Silent Lynx—executed a sophisticated attack campaign targeting Russia’s public sector and vital industries such as energy, mining, and manufacturing. The coordinated offensive…
Anti-fraud body leaks dozens of email addresses in invite mishap
Calendar cock-up exposed recipients’ details Anti-fraud nonprofit Cifas was left red-faced after sending out a calendar invite that exposed the email addresses of dozens of individuals working across the fraud space.… This article has been indexed from The Register –…
Hackers Used Snappybee Malware and Citrix Flaw to Breach European Telecom Network
A European telecommunications organization is said to have been targeted by a threat actor that aligns with a China-nexus cyber espionage group known as Salt Typhoon. The organization, per Darktrace, was targeted in the first week of July 2025, with…
Google Identifies Three New Russian Malware Families Created by COLDRIVER Hackers
A new malware attributed to the Russia-linked hacking group known as COLDRIVER has undergone numerous developmental iterations since May 2025, suggesting an increased “operations tempo” from the threat actor. The findings come from Google Threat Intelligence Group (GTIG), which said…
Lumma Stealer Developers Doxxed in Underground Rival Cybercrime Campaign
Lumma Stealer operators allegedly exposed in underground doxxing campaign, with sensitive details leaked by rival cybercriminals, according to Trend Micro This article has been indexed from www.infosecurity-magazine.com Read the original article: Lumma Stealer Developers Doxxed in Underground Rival Cybercrime Campaign
Home Depot Halloween phish gives users a fright, not a freebie
Boo! A Home Depot Halloween “giveaway” isn’t a treat—it’s a phishing trick. Fake links, tracking pixels, and compromised sites are the real prizes here. This article has been indexed from Malwarebytes Read the original article: Home Depot Halloween phish gives…
Vets Will Test UK Digital ID Plan
As the UK tests digital ID cards for military veterans ahead of a 2027 nationwide rollout, privacy concerns and cybersecurity warnings are growing. Experts caution that without strong zero-trust principles, encryption, and PAM enforcement, the program could expose citizens and…
Agentic AI security: Building the next generation of access controls
As artificial intelligence (AI) solutions continue to evolve, the rise of agentic AI—intelligent systems that can act autonomously on behalf of an organization—presents new security challenges. Research from Delinea’s 2025 AI in Identity Security Demands a New Playbook report reveals…
AWS outage, NSA hacking accusations, High risk WhatsApp automation
DNS failure leads to AWS outage China accuses NSA of hacking national time center Chrome store flooded with high-risk WhatsApp automation Huge thanks to our sponsor, ThreatLocker Cybercriminals don’t knock — they sneak in through the cracks other tools miss.…
IT Security News Hourly Summary 2025-10-21 09h : 8 posts
8 posts were published in the last hour 7:5 : Decoding UserAuthenticationMethod in Microsoft 365 audit logs: the bitfield mapping 7:4 : Vodafone To Build Data Cable System Across Black Sea 7:4 : AdaptixC2 Emerges in npm Supply-Chain Exploit Against…
Decoding UserAuthenticationMethod in Microsoft 365 audit logs: the bitfield mapping
This undocumented field of sign-in events is a bitfield where each bit represents a different authentication method. La publication suivante Decoding UserAuthenticationMethod in Microsoft 365 audit logs: the bitfield mapping est un article de Sekoia.io Blog. This article has been…
Vodafone To Build Data Cable System Across Black Sea
Vodafone Group, Vodafone Ukraine collaborate on cable system upgrading capacity across Bulgaria, Turkey, Georgia, Ukraine This article has been indexed from Silicon UK Read the original article: Vodafone To Build Data Cable System Across Black Sea
AdaptixC2 Emerges in npm Supply-Chain Exploit Against Developers
Cybersecurity researchers at Kaspersky have uncovered a sophisticated supply chain attack targeting the npm ecosystem, where threat actors distributed the AdaptixC2 post-exploitation framework through a malicious package disguised as a legitimate proxy utility. The discovery highlights the growing risk of…
AWS Declares Major Outage Resolved After Nearly 24 Hours of Disruption
Amazon Web Services (AWS), the world’s largest cloud computing provider, has officially marked a widespread outage in its US-EAST-1 region as resolved, following nearly a full day of cascading failures that disrupted services for millions worldwide. The incident, which began…
CISA Warns of Oracle E-Business Suite SSRF Vulnerability Actively Exploited in Attacks
The Cybersecurity and Infrastructure Security Agency (CISA) has added a critical Oracle E-Business Suite vulnerability to its Known Exploited Vulnerabilities catalog after detecting active exploitation in the wild. The security flaw, tracked as CVE-2025-61884, poses significant risks to organizations running…
When the Backbone Breaks: Why the F5 Breach is a Five-Alarm Fire
Alan warns that the F5 breach — involving stolen source code, unpatched vulnerabilities, and customer configurations — is a five-alarm crisis for digital infrastructure. The attack exposes national security risks, vendor concentration dangers, and the fragility of our IT foundations.…
When everything’s connected, everything’s at risk
In this Help Net Security interview, Ken Deitz, CISO at Brown & Brown, discusses how the definition of cyber risk has expanded beyond IT to include IoT, OT, and broader supply chain ecosystems. As organizations connect these assets through cloud…
AWS Crash Causes Outages Across Internet
Amazon Web Services outage on US east coast creates ripple effect, disrupting internet services for millions This article has been indexed from Silicon UK Read the original article: AWS Crash Causes Outages Across Internet
Pakistani Cyber Actors Impersonating ‘NIC eEmail Services’ to Target Indian Government
Pakistan-based advanced persistent threat group APT36, also known as TransparentTribe, is actively targeting Indian government entities with a sophisticated spear-phishing campaign using email lures themed as “NIC eEmail Services.” This campaign leverages lookalike domains and weaponized infrastructure to steal credentials…
Your smart building isn’t so smart without security
The lights switch on as you walk in. The air adjusts to your presence. Somewhere in the background, a server notes your arrival. It’s the comfort of a smart building, but that comfort might come with a cost. Smart buildings…
Over 71,000 WatchGuard Devices Exposed to Remote Code Execution Attacks
The cybersecurity community has raised a serious alarm following the recent daily reporting of vulnerable WatchGuard devices impacted by a major security flaw. According to new data published on October 18, 2025, security researchers at Shadowserver observed over 71,000 WatchGuard…
New LOSTKEYS Malware Tied to Russian State-Sponsored Hacker Group COLDRIVER
Russian state-sponsored threat actor COLDRIVER, long known for targeting high-profile NGOs, policy advisors, and dissidents, has been linked to a rapidly evolving malware campaign following the public disclosure of its LOSTKEYS malware in May 2025. After details of LOSTKEYS surfaced,…
CISA Warns of Actively Exploited Windows SMB Vulnerability
The Cybersecurity and Infrastructure Security Agency (CISA) has added a critical Microsoft Windows Server Message Block (SMB) vulnerability to its Known Exploited Vulnerabilities catalog, warning that threat actors are actively exploiting the security flaw in the wild. The vulnerability, tracked…
Hackers Attacking Remote Desktop Protocol Services With 30,000+ New IP Addresses Daily
A persistent campaign targeting Microsoft Remote Desktop Protocol (RDP) services, with attackers deploying over 30,000 new IP addresses daily to exploit timing-based vulnerabilities. This coordinated effort, linked to a global botnet, has seen unique IPs surge past 500,000 since September…