A Pakistan-based cyber espionage group known as APT36 or Transparent Tribe has launched a highly sophisticated phishing campaign targeting Indian defense personnel, utilizing credential-stealing malware designed to establish long-term infiltration within sensitive military networks. The campaign represents a significant escalation…
Vulnerability Summary for the Week of June 16, 2025
High Vulnerabilities PrimaryVendor — Product Description Published CVSS Score Source Info _CreativeMedia_–Elite Video Player Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in _CreativeMedia_ Elite Video Player allows Stored XSS. This issue affects Elite Video Player: from…
Fake Web3 Wallet Prompt Steals $43,000 from CoinMarketCap Users
A cyber-attack on CoinMarketCap exposed users to a fake Web3 wallet prompt, draining $43,266 from wallets This article has been indexed from www.infosecurity-magazine.com Read the original article: Fake Web3 Wallet Prompt Steals $43,000 from CoinMarketCap Users
Zero-Trust Architecture in the Era of Quantum Computing: A Proactive Defense Strategy
The cybersecurity world is on the brink of a revolution, driven by quantum computing. Quantum computers can also break the encryption systems we depend on daily while powering breakthroughs in… The post Zero-Trust Architecture in the Era of Quantum Computing:…
SparkKitty Targets iOS and Android Devices via App Store and Google Play Attacks
A sophisticated spyware campaign, dubbed SparkKitty, has emerged as a significant threat to both iOS and Android users, infiltrating even the official app stores like Google Play and the App Store. First detected in connection with the earlier SparkCat campaign…
US insurance giant Aflac says customers’ personal data stolen during cyberattack
The U.S. insurance giant provides supplemental insurance to around 50 million customers. This article has been indexed from Security News | TechCrunch Read the original article: US insurance giant Aflac says customers’ personal data stolen during cyberattack
Microsoft will start removing legacy drivers from Windows Update
Microsoft will start removing legacy drivers from Windows Update to improve driver quality for Windows users but, most importantly, to increase security, the company has announced. This is intended to be an ongoing process and Microsoft is planning to introduce…
Mike Lynch’s Bayesian Superyacht Lifted From Ocean Floor
Investigation into death of British tech entrepreneur Dr Mike Lynch and others to continue, after his superyacht is raised from ocean This article has been indexed from Silicon UK Read the original article: Mike Lynch’s Bayesian Superyacht Lifted From Ocean…
North Korean Hackers Weaponize GitHub Infrastructure to Distribute Malware
Cybersecurity researchers have uncovered a sophisticated spearphishing campaign orchestrated by the North Korean threat group Kimsuky, leveraging GitHub as a critical piece of attack infrastructure to distribute malware since March 2025. This operation, identified through analysis of a malicious PowerShell…
DDoS Attack on Financial Sector Triggers Multi-Day Service Outages
In an analysis by FS-ISAC and Akamai, the financial services sector has emerged as the primary target of Distributed Denial of Service (DDoS) attacks, with a dramatic surge in both the frequency and volume of malicious traffic. These attacks, designed…
The illusion of control: Can we ever fully secure autonomous industrial systems?
In the rapidly evolving world of industrial IoT (IIoT), the integration of AI-driven decision-making into operational technology (OT) systems has created the impression of tighter control, smarter response times and predictive efficiency. This feeling of having control might actually be…
Defeating PumaBot: How Check Point Quantum IoT Protect Nano Agent Shields Surveillance Devices
The threat at a glance Darktrace researchers have identified PumaBot, a Go-based Linux botnet that focuses on embedded surveillance cameras and other IoT devices.Unlike spray-and-pray botnets that scan the whole internet, PumaBot pulls a curated IP list from its C2…
Update Kali Linux to the latest software repository key
Kali Linux users might encounter errors when they update or download new software, exposing systems to security threats. A new repository key will eliminate those problems. This article has been indexed from Search Security Resources and Information from TechTarget Read…
McLaren Health Care data breach impacted over 743,000 people
The ransomware attack that hit McLaren Health Care in 2024 exposed the personal data of 743,000 individuals. McLaren Health Care is notifying over 743,000 people of a data breach discovered on August 5, 2024. McLaren discovered suspicious activity on its…
Quantum dice: Scientists harness true randomness from entangled photons
Scientists at NIST and the University of Colorado Boulder have created CURBy, a cutting-edge quantum randomness beacon that draws on the intrinsic unpredictability of quantum entanglement to produce true random numbers. Unlike traditional methods, CURBy is traceable, transparent, and verifiable…
China’s Salt Typhoon Hackers Target Canadian Telecom Firms
Canada’s Centre for Cyber Security and the FBI warn of Chinese hackers targeting telecommunications and other companies in Canada. The post China’s Salt Typhoon Hackers Target Canadian Telecom Firms appeared first on SecurityWeek. This article has been indexed from SecurityWeek…
RapperBot Attacking DVRs to Gain Access Over Surveillance Cameras to Record Video
A sophisticated botnet campaign targeting digital video recorders (DVRs) has emerged as a significant threat to surveillance infrastructure worldwide, with cybercriminals exploiting vulnerable IoT devices to build massive botnets capable of large-scale distributed denial-of-service attacks. RapperBot, a variant of the…
New AI Jailbreak Bypasses Guardrails With Ease
New “Echo Chamber” attack bypasses advanced LLM safeguards by subtly manipulating conversational context, proving highly effective across leading AI models. The post New AI Jailbreak Bypasses Guardrails With Ease appeared first on SecurityWeek. This article has been indexed from SecurityWeek…
CoinMarketCap, Cointelegraph compromised to serve pop-ups to drain crypto wallets
The CoinMarketCap and CoinTelegraph websites have been compromised over the weekend to serve clever phishing pop-ups to visitors, asking them to verify/connect their crypto wallets. The CoinMarketCap compromise CoinMarketCap (aka CMC) is a website popular with crypto investors as it…
IT Security News Hourly Summary 2025-06-23 15h : 16 posts
16 posts were published in the last hour 13:3 : Fake DMV Texts Scam Thousands in Widespread Phishing Campaign 13:3 : BlueNoroff Hackers Exploit Zoom App to Deploy Infostealer Malware in Targeted Attacks 13:3 : Shadow Vector Malware Weaponizes SVG…
Okta Cross App Access secures AI agents in the enterprise
Okta announced Cross App Access, a new protocol to help secure AI agents. As an extension of OAuth, it brings visibility and control to both agent-driven and app-to-app interactions, allowing IT teams to decide what apps are connecting and what…
XDigo Malware Exploits Windows LNK Flaw in Eastern European Government Attacks
Cybersecurity researchers have uncovered a Go-based malware called XDigo that has been used in attacks targeting Eastern European governmental entities in March 2025. The attack chains are said to have leveraged a collection of Windows shortcut (LNK) files as part…
Fake DMV Texts Scam Hit Thousands in Widespread Phishing Campaign
A series of fraudulent text messages impersonating state Departments of Motor Vehicles (DMVs) has spread throughout the United… This article has been indexed from Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto Read the original article: Fake DMV…
Critical Teleport Vulnerability Allows Remote Authentication Bypass
A critical security vulnerability, tracked as CVE-2025-49825, has been discovered in Teleport, a widely used open-source platform for secure access to servers, cloud applications, and infrastructure. This flaw enables remote attackers to bypass authentication controls, potentially granting unauthorized access to…
Confucius Hackers Target Government and Military Entities Using WooperStealer Malware
The notorious Confucius hacking organization, first exposed by foreign security vendors in 2016, continues to pose a significant threat to government and military entities across South and East Asia. With attack activities dating back to 2013, this group has recently…
This Linux distro routes all your traffic through the Tor network – and it’s my new favorite for privacy
I could easily see myself defaulting to Securonis when I need serious security. This article has been indexed from Latest stories for ZDNET in Security Read the original article: This Linux distro routes all your traffic through the Tor network…
Fortinet Partners with FIRST on New Initiative to Build Global Cyber Capacity
Fortinet is the inaugural partner for FIRST’s new Community, Operational capacity, Resilience, and Empowerment initiative to empower cybersecurity and incident response teams worldwide through capacity building and community development. Learn more about CORE. This article has been indexed from…