A critical vulnerability has been discovered in Emby Server that allows unauthenticated attackers to gain full administrative access to affected systems. Tracked as CVE-2025-64113 with a severity score of 9.3 out of 10 (CVSS v4), this weakness affects both stable and beta…
Identity Security Firm Saviynt Raises $700 Million at $3 Billion Valuation
The funding round was led by KKR, with participation from Sixth Street Growth, TenEleven, and Carrick Capital Partners. The post Identity Security Firm Saviynt Raises $700 Million at $3 Billion Valuation appeared first on SecurityWeek. This article has been indexed…
Storm-0249 Escalates Ransomware Attacks with ClickFix, Fileless PowerShell, and DLL Sideloading
The threat actor known as Storm-0249 is likely shifting from its role as an initial access broker to adopt a combination of more advanced tactics like domain spoofing, DLL side-loading, and fileless PowerShell execution to facilitate ransomware attacks. “These methods…
How to Gain Experience in Cybersecurity
Developing meaningful experience in the cybersecurity field is a common challenge for professionals who have already entered the industry and want to advance their cybersecurity skills. As roles become more technical and responsibilities broaden, it becomes clear that foundational exposure…
How Will AI Affect Cybersecurity?
As organizations deploy AI tools to improve detection accuracy, streamline investigations, and strengthen defenses, threat actors are leveraging the same technologies to develop more efficient and adaptive attack methods. This article outlines the current and emerging roles of AI in…
Uncovering Hidden Forensic Evidence in Windows: The Mystery of AutoLogger-Diagtrack-Listener.etl
FortiGuard IR uncovers forensic insights in Windows AutoLogger-Diagtrack-Listener.etl, a telemetry artefact with untapped investigative value. This article has been indexed from FortiGuard Labs Threat Research Read the original article: Uncovering Hidden Forensic Evidence in Windows: The Mystery of AutoLogger-Diagtrack-Listener.etl
New Android Malware SeedSnatcher and FvncBot Found By Experts
New Android malware found Researchers have revealed details of two Android malware strains called SeedSnatcher and FvncBot. Upgraded version of ClayRat was also found in the wild. About the malware FvncBot works as a security app built by mBank and…
IT Security News Hourly Summary 2025-12-09 15h : 11 posts
11 posts were published in the last hour 14:3 : 40,000 Phishing Emails Disguised as SharePoint and and e-Signing Services: A New Wave of Finance-Themed Scams 14:2 : Prompt injection is a problem that may never be fixed, warns NCSC…
40,000 Phishing Emails Disguised as SharePoint and and e-Signing Services: A New Wave of Finance-Themed Scams
The hyperconnected world has made it easier than ever for businesses and consumers to exchange documents, approve transactions, and complete critical financial workflows with just a click. Digital file sharing and electronic signature platforms used widely across banking, real estate,…
Prompt injection is a problem that may never be fixed, warns NCSC
The NCSC warns that prompt injection is unlikely to be mitigated in the same way SQL injection was. How do they compare? This article has been indexed from Malwarebytes Read the original article: Prompt injection is a problem that may…
TransUnion Extends Ability to Detect Fraudulent Usage of Devices
TransUnion today added an ability to create digital fingerprints without relying on cookies that identify, in real time, risky devices and other hidden anomalies to its Device Risk service for combatting fraud. Clint Lowry, vice president of global fraud solutions…
ShadowV2 Botnet Activity Quietly Intensified During AWS Outage
The recently discovered wave of malicious activity has raised fresh concerns for cybersecurity analysts, who claim that ShadowV2 – a fast-evolving strain of malware that is quietly assembling a global network of compromised devices – is quietly causing alarm.…
SimpleX Chat X Account Hacked, Fake Site Promotes Crypto Wallet Scam
SimpleX Chat’s X account hacked to promote fake crypto site urging users to connect wallets. Site mimicked official design to steal funds. This article has been indexed from Hackread – Cybersecurity News, Data Breaches, Tech, AI, Crypto and More Read…
Top 5 Tips to Shrink and Secure Docker Images
I used to settle for Docker images that were massive, sometimes in GBs. I realized that every megabyte matters, impacting everything from deployment speed and cloud costs to security. With time, I realize there are well-known best practices and advanced…
Zoom Rooms for Windows and macOS Flaws Enable Privilege Escalation and Sensitive Data Leaks
Zoom has disclosed two critical security vulnerabilities in its Zoom Rooms software for Windows and macOS, which could allow attackers with local access to escalate privileges or expose sensitive information. Tracked as ZSB-25050 and ZSB-25051, these flaws affect versions prior…
Google Announces 10 New AI Features for Google Chrome Powered by Gemini
Google has unveiled the most significant upgrade to Chrome in its history, integrating advanced AI capabilities powered by Gemini to transform how users browse the web. These features are designed to enhance productivity, improve security, and deliver a more intuitive…
Nudge Security Extends Ability to Secure Data in the AI Era
Nudge Security today extended the scope of its namesake security and governance platform to monitor sensitive data shared via uploads and integrations with an artificial intelligence (AI) service, in addition to now being able to identify individuals sharing that data…
Researchers Warn of New Js#Smuggler Campaign Delivering Netsupport Rat through Compromised Websites
Cybersecurity researchers have sounded the alarm about a new malware campaign called JS#SMUGGLER, which is using hacked websites to distribute the NetSupport remote access trojan (RAT). Securonix analysed the attack method, describing it as a multi-stage sequence designed to evade…
Holly Ventures launches $33 million fund focused on early-stage cyber innovation
Holly Ventures announced the launch of its $33 million debut fund, a solo-led cybersecurity vehicle built around a simple idea that for early-stage cyber start-ups, access and value matter more than capital. Founded by John Brennan, formerly a Senior Partner…
AI-Driven Tools Uncover GhostPenguin Backdoor Attacking Linux Servers
A sophisticated Linux backdoor named GhostPenguin has been discovered by Trend Micro Research, evading detection for over four months after its initial submission to VirusTotal in July 2025. The threat represents a new breed of stealthy malware designed to maintain…
SAP Security Patch Day Fixes Critical Flaws in Solution Manager, NetWeaver & More
SAP has released its December 2025 Security Patch Day updates, addressing 14 new security notes that fix multiple critical and high‑severity vulnerabilities across key enterprise products. Administrators are strongly advised to review the latest security notes in the SAP Support…
Malicious VS Code on Microsoft Registry Steals WiFi Passwords and Captures Screens
Security researchers at Koi Security have uncovered a sophisticated malware campaign targeting developers through the Visual Studio Code Marketplace. The attack uses two seemingly innocent extensions a dark theme and an AI assistant to unleash a potent infostealer capable of…
New Vishing Attack Exploits Microsoft Teams and QuickAssist to Deploy .NET Malware
A sophisticated vishing campaign has emerged that combines social engineering with legitimate Microsoft tools to establish command execution chains leading to multi-stage .NET malware deployment. Security researchers have identified an attack flow that begins with impersonated IT personnel contacting victims…
Akira Group Targets Hyper-V and VMware ESXi with Ransomware Exploiting Vulnerabilities
Hypervisors the invisible backbone of modern corporate IT have become the new primary battleground for ransomware groups. According to new data from Huntress, attacks targeting hypervisors to deploy ransomware have skyrocketed in late 2025. While hypervisors like VMware ESXi and…