CISA released five Industrial Control Systems (ICS) Advisories. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-25-336-01: Industrial Video & Control Longwatch; ICSA-25-336-02: Iskra iHUB and iHUB Lite; ICSMA-25-336-01: Mirion Medical EC2 Software NMIS…
Mirion Medical EC2 Software NMIS BioDose
1. EXECUTIVE SUMMARY. CVSS v4 8.7. ATTENTION: Exploitable remotely/low attack complexity. Vendor: Mirion Medical. Equipment: EC2 Software NMIS BioDose. Vulnerabilities: Incorrect Permission Assignment for Critical Resource, Use of Client-Side Authentication, Use of Hard-coded Credentials. 2. RISK EVALUATION. Successful…
PostHog Details “Most Impactful” Security Breach as Shai-Hulud 2.0 npm Worm Spreads Through JavaScript SDKs
PostHog has described the Shai-Hulud 2.0 npm worm incident as “the largest and most impactful security incident” the company has ever faced, after attackers managed to push tainted versions of its JavaScript SDKs and attempted to automatically harvest developer…
Hackers Use Look-Alike Domain Trick to Imitate Microsoft and Capture User Credentials
A new phishing operation is misleading users through an extremely subtle visual technique that alters the appearance of Microsoft’s domain name. Attackers have registered the look-alike address “rnicrosoft(.)com,” which replaces the single letter m with the characters r and…
IT Security News Hourly Summary 2025-12-02 18h : 9 posts
9 posts were published in the last hour 17:2 : NK Hackers Push 200 Malicious npm Packages with OtterCookie Malware 17:2 : 4.3M Users Exposed in ShadyPanda’s Long-Running Browser Hack 17:2 : Zafran Security Raises $60 Million in Series C…
NK Hackers Push 200 Malicious npm Packages with OtterCookie Malware
North Korean hackers escalated the “Contagious Interview” attack, flooding the npm registry with over 200 malicious packages to install OtterCookie malware. This attack targets blockchain and Web3 developers through fake job interviews and coding tests. This article has been indexed…
4.3M Users Exposed in ShadyPanda’s Long-Running Browser Hack
ShadyPanda spent years hiding inside Google-verified extensions before unleashing an RCE backdoor that compromised 4.3 million users. The post 4.3M Users Exposed in ShadyPanda’s Long-Running Browser Hack appeared first on eSecurity Planet. This article has been indexed from eSecurity Planet…
Zafran Security Raises $60 Million in Series C Funding
The cybersecurity startup will use the investment to accelerate product innovation and global expansion. The post Zafran Security Raises $60 Million in Series C Funding appeared first on SecurityWeek. This article has been indexed from SecurityWeek.
Fortinet FortiWeb flaws found in unsupported versions of web application firewall
Security researchers raise new concerns after the company previously failed to issue prompt security guidance. This article has been indexed from Cybersecurity Dive – Latest News.
Air fryer app caught asking for voice data (re-air) (Lock and Code S06E24)
This week on the Lock and Code podcast, we revisit three stories about smart devices that want to collect more data than people may know. This article has been indexed from Malwarebytes.
A data breach at analytics giant Mixpanel leaves a lot of open questions
We sent over a dozen questions to Mixpanel’s CEO about the company’s data breach. Here’s what we want to know. This article has been indexed from Security News | TechCrunch.
Fortinet at AWS re:Invent 2025: Expanding What’s Possible in Cloud Security
At AWS re:Invent, Fortinet is proud to support several key AWS launches that make securing the cloud simpler, smarter, and more integrated than ever. This article has been indexed from Industry Trends & Insights.
Europol nukes Cryptomixer laundering hub, seizing €25M in Bitcoin
Operation Olympia pulls Swiss servers offline and scoops up 12TB of data in latest crime infrastructure crackdown. Law enforcement agencies in Germany and Switzerland have shut down cryptocurrency laundering platform Cryptomixer in Europe’s latest pushback against cybercrime infrastructure. This article…
North Korean APT Collaboration Signals Escalating Cyber Espionage and Financial Cybercrime
Security analysts have identified a new escalation in cyber operations linked to North Korea, as two of the country’s most well-known threat actors—Kimsuky and Lazarus—have begun coordinating attacks with unprecedented precision. A recent report from Trend Micro reveals that…
MuddyWater strikes Israel with advanced MuddyViper malware
Iran-linked threat actor MuddyWater targeted multiple Israeli sectors with a new MuddyViper backdoor in recent attacks. ESET researchers uncovered a new MuddyWater campaign targeting Israeli organizations and one confirmed Egyptian target. The Iran-linked APT group MuddyWater (aka SeedWorm, TEMP.Zagros, Mango Sandstorm, TA450, and Static…
Malicious npm Package Uses Hidden Prompt and Script to Evade AI Security Tools
Cybersecurity researchers have disclosed details of an npm package that attempts to influence artificial intelligence (AI)-driven security scanners. The package in question is eslint-plugin-unicorn-ts-2, which masquerades as a TypeScript extension of the popular ESLint plugin. It was uploaded to the…
GlassWorm Returns with 24 Malicious Extensions Impersonating Popular Developer Tools
The supply chain campaign known as GlassWorm has once again reared its head, infiltrating both Microsoft Visual Studio Marketplace and Open VSX with 24 extensions impersonating popular developer tools and frameworks like Flutter, React, Tailwind, Vim, and Vue. GlassWorm was…
Researchers Capture Lazarus APT’s Remote-Worker Scheme Live on Camera
A joint investigation led by Mauro Eldritch, founder of BCA LTD, conducted together with threat-intel initiative NorthScan and ANY.RUN, a solution for interactive malware analysis and threat intelligence, has uncovered one of North Korea’s most persistent infiltration schemes: a network…
Critical PickleScan Vulnerabilities Expose AI Model Supply Chains
3 critical zero-day flaws in PickleScan, affecting Python and PyTorch, allowed undetected attacks. This article has been indexed from www.infosecurity-magazine.com.
SmartTube YouTube App for Android TV Compromised Following Exposure of Signing Keys
The Android TV community faces a significant security crisis as SmartTube, a popular third-party YouTube client, has been compromised due to exposed signing keys. Security researchers have identified malicious code embedded within official releases, prompting Google to forcibly disable the…
Kensington and Chelsea confirms IT outage was a data breach after all
Borough says attackers copied ‘historical’ info as three-council cyber woes drag on. Kensington and Chelsea Council has admitted that data was quietly lifted from its systems during last week’s cyber meltdown, confirming that the outage was not just an IT…
ShadyPanda’s Seven-Year Campaign Infects 4.3M Chrome and Edge Users
Infected 4.3 million Chrome and Edge users via extensions; ShadyPanda exploited browser marketplaces. This article has been indexed from www.infosecurity-magazine.com.
The Great Disconnect: Unmasking the ‘Two Separate Conversations’ in Security
When familiar security concepts carry unfamiliar meanings for different audiences, teams talk past each other without even realizing it. This silent disconnect weakens communication, clarity, and outcomes. The post The Great Disconnect: Unmasking the ‘Two Separate Conversations’ in Security appeared…
X’s New Location Feature Exposes Foreign Manipulation of US Political Accounts
X’s new location feature has revealed that many high-engagement US political accounts, particularly pro-Trump ones, are actually operated from countries outside the United States such as Russia, Iran, and Kenya. This includes accounts that strongly claim to represent American…