Since 2017, Lexus has equipped several models (including Lexus NX, LS and ES series) with a new generation infotainment, which is also known as AVN (Audio, Visual and Navigation) unit. Compared to some Intelligent connected infotainment units, like Tesla IVI…
Tencent Security Keen Lab: Experimental Security Assessment of Mercedes-Benz Cars
MBUX, Mercedes-Benz User Experience is the infotainment system in Mercedes-Benz cockpits. Mercedes-Benz first introduced MBUX in the new A-Class back in 2018, and is adopting MBUX in their entire vehicle line-up, including Mercedes-Benz E-Class, GLE, GLS, EQC, etc. In this…
AI-Automated Threat Hunting Brings GhostPenguin Out of the Shadows
In this blog entry, Trend™ Research provides a comprehensive breakdown of GhostPenguin, a previously undocumented Linux backdoor with low detection rates that was discovered through AI-powered threat hunting and in-depth malware analysis. This article has been indexed from Trend Micro…
Over 70 Domains Used in Months-Long Phishing Spree Against US Universities
Infoblox Threat Intel reports a campaign that used the Evilginx phishing kit to bypass Multi-Factor Authentication (MFA) and steal credentials from 18 US universities between April and November 2025. This article has been indexed from Hackread – Cybersecurity News, Data…
Barts Health seeks High Court block after Clop pillages NHS trust data
Body confirms patient and staff details siphoned via Oracle EBS flaw as gang threatens to leak haul Barts Health NHS Trust has confirmed that patient and staff data was stolen in Clop’s mass-exploitation of Oracle’s E-Business Suite (EBS), and says…
Android Malware FvncBot, SeedSnatcher, and ClayRat Gain Stronger Data Theft Features
Cybersecurity researchers have disclosed details of two new Android malware families dubbed FvncBot and SeedSnatcher, as another upgraded version of ClayRat has been spotted in the wild. The findings come from Intel 471, CYFIRMA, and Zimperium, respectively. FvncBot, which masquerades…
Cyber Threats to the U.S.: What Policymakers Need to Know for 2026
Cyber attacks against the United States are no longer isolated events or technical headaches. They are now powerful tools of national strategy used by foreign governments, criminal networks, and ideological groups. A new report explains how these attacks have changed…
Apple and Google Alert Users Worldwide After New Spyware Activity Surfaces
Evidence shows that certain people have been targeted by malicious actors, often linked to governments or state-backed groups. The post Apple and Google Alert Users Worldwide After New Spyware Activity Surfaces appeared first on TechRepublic. This article has been indexed…
Critical Apache Tika Vulnerability Leads to XXE Injection
The bug allows attackers to carry out XML External Entity (XXE) injection attacks via crafted XFA files inside PDF files. The post Critical Apache Tika Vulnerability Leads to XXE Injection appeared first on SecurityWeek. This article has been indexed from…
Cloudflare Forces Widespread Outage to Mitigate Exploitation of Maximum Severity Vulnerability in React2Shell
A critical React2Shell (CVE-2025-55182) RCE flaw in React and Next.js is being actively exploited by China-nexus threat groups, prompting urgent patching and global mitigations. The post Cloudflare Forces Widespread Outage to Mitigate Exploitation of Maximum Severity Vulnerability in React2Shell appeared…
IT Security News Hourly Summary 2025-12-08 12h : 2 posts
2 posts were published in the last hour 10:32 : Indonesia’s Gambling Ecosystem Exposed With Indicators of National-Level Cyber Operations 10:32 : UK ICO Demands “Urgent Clarity” on Facial Recognition Bias Claims
Indonesia’s Gambling Ecosystem Exposed With Indicators of National-Level Cyber Operations
A sophisticated cybercrime infrastructure operating for over fourteen years has been dismantled through extensive research into Indonesia’s illegal gambling networks. Security researchers have uncovered a sprawling ecosystem spanning hundreds of thousands of domains, thousands of malicious mobile applications, and widespread…
UK ICO Demands “Urgent Clarity” on Facial Recognition Bias Claims
A Home Office report has revealed racial bias in facial recognition technology used by police This article has been indexed from www.infosecurity-magazine.com Read the original article: UK ICO Demands “Urgent Clarity” on Facial Recognition Bias Claims
U.S. CISA adds a Meta React Server Components flaw to its Known Exploited Vulnerabilities catalog
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds a Meta React Server Components flaw to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added a a Meta React Server Components flaw, tracked as CVE-2025-55182 (CVSS Score of…
Exploitation of React2Shell Surges
An increasing number of threat actors have been attempting to exploit the React vulnerability CVE-2025-55182 in their attacks. The post Exploitation of React2Shell Surges appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read the original article: Exploitation…
Sneeit WordPress RCE Exploited in the Wild While ICTBroadcast Bug Fuels Frost Botnet Attacks
A critical security flaw in the Sneeit Framework plugin for WordPress is being actively exploited in the wild, per data from Wordfence. The remote code execution vulnerability in question is CVE-2025-6389 (CVSS score: 9.8), which affects all versions of the…
Microsoft Gives All Eligible PCs the Green Light for Windows 11 25H2
The timing of this upgrade push comes during a wave of reported Windows issues. The post Microsoft Gives All Eligible PCs the Green Light for Windows 11 25H2 appeared first on TechRepublic. This article has been indexed from Security Archives…
Barts Health Seeks High Court Ban After Oracle EBS Breach
Barts Health NHS Trust has revealed itself to be the latest victim of Cl0p’s Oracle EBS campaign This article has been indexed from www.infosecurity-magazine.com Read the original article: Barts Health Seeks High Court Ban After Oracle EBS Breach
Advent of Configuration Extraction – Part 2: Unwrapping QuasarRAT’s Configuration
In the second part of our “Advent of Configuration Extraction” series, we unwrap QuasarRAT, a popular .NET remote access trojan (RAT), and show how to extract its encrypted configuration out of the binary. The article begins by detailing the environment:…
Silicon In Focus Podcast: Building Data Infrastructure for Enterprise Agility
Discover how modern data architectures, cloud-native platforms, and API-first design help CIOs and CTOs remove bottlenecks, boost agility, and future-proof innovation. This article has been indexed from Silicon UK Read the original article: Silicon In Focus Podcast: Building Data Infrastructure…
AI Reasoning Models ‘Use 100 Times More Power’
AI Energy Score project finds AI models using reasoning technology draw an average of 100 times more power than those without it This article has been indexed from Silicon UK Read the original article: AI Reasoning Models ‘Use 100 Times…
Hundreds of Porsche Cars Immobilized Following Malfunction in Installed Satellite Security System
Owners of hundreds of Porsche vehicles across Russia are facing a sudden crisis: their high-performance cars have been rendered completely undrivable due to a widespread malfunction in the German automaker’s factory-installed alarm systems. Reports from the Rolf dealership network, Russia’s…
Pharma Firm Inotiv Confirms Data Breach Following Ransomware Attack
A leading contract research organization specializing in pharmaceutical drug discovery and development services disclosed a significant data breach stemming from a ransomware attack that occurred in early August 2025. The Inotiv company announced the cybersecurity incident in its fiscal 2025…
Shanya EDR Killer Leveraged by Ransomware Groups to Clear the Way for Ransomware Infection
The cybercriminal landscape has recently witnessed the aggressive rise of “Shanya,” a potent packer-as-a-service and EDR killer now fueling major ransomware operations. Emerging on underground forums in late 2024 under the alias “VX Crypt,” this tool was engineered to supersede…