Phishing is no longer an easy-to-detect cyberattack. With the rise of artificial intelligence, attackers now launch AI-driven phishing campaigns to mimic human behavior. They can now generate flawless emails and use deepfake phishing attacks. Email security threats are more prominent…
Hackers Leverages Telegram, WinSCP, Google Chrome, and Microsoft Teams to Deploy ValleyRat
A new malware campaign has emerged that exploits the trust users place in popular applications. Threat actors are distributing trojanized installers for Telegram, WinSCP, Google Chrome, and Microsoft Teams to deploy ValleyRat, a remote access trojan designed for long-term system…
Glassworm Malware Hits OpenVSX and Microsoft Visual Studio Platforms with 24 New Packages
The Glassworm malware campaign has resurfaced with unprecedented scale, deploying 24 malicious extensions across Microsoft Visual Studio Marketplace and OpenVSX over the past week. This latest wave of attacks demonstrates the persistent threat posed by supply chain compromises targeting developer…
Raspberry Pi 5 Now Available With 1GB RAM With Dual-Band Wi-Fi and PCI Express Port Support
The Raspberry Pi Foundation has announced immediate availability of a new 1GB version of the Raspberry Pi 5, marking a significant expansion of its affordable computing platform. The new entry-level model arrives at $45, making high-performance computing more accessible to…
Microsoft Investigates Defender Portal Access Issues Following Traffic Spike
Microsoft is currently investigating a service disruption affecting the Microsoft Defender portal, which has blocked numerous security professionals from accessing critical threat management tools. The issue, tracked under the identifier DZ1191468 in the Microsoft 365 admin center, sparked concerns early…
Chrome, Edge Extensions Caught Tracking Users, Creating Backdoors
The extensions were seen profiling users, reading cookie data to create unique identifiers, and executing payloads with browser API access. The post Chrome, Edge Extensions Caught Tracking Users, Creating Backdoors appeared first on SecurityWeek. This article has been indexed from…
Cyber Startup Frenetik Launches with Patented Deception Technology That Bets Against the AI Arms Race
Bethesda, USA / Maryland, 2nd December 2025, CyberNewsWire Cyber Startup Frenetik Launches with Patented Deception Technology That Bets Against the AI Arms Race on Latest Hacking News | Cyber Security News, Hacking Tools and Penetration Testing Courses. This article has…
India plans to verify and record every smartphone in circulation
The Indian government has ordered smartphone makers to preinstall its Sanchar Saathi app on all devices, a move that is raising fresh privacy concerns. This article has been indexed from Security News | TechCrunch Read the original article: India plans…
‘Korea’s Amazon’ Coupang discloses a data breach impacting 34M customers
Coupang disclosed a five-month data breach that exposed the personal information of nearly 34 million South Korean customers. South Korean e-commerce giant disclosed a data breach affecting nearly 34 million customers, exposing personal information over a period of more than…
Unit 42 Incident Response Retainer for AWS Security Incident Response
Unit 42 and AWS launch a no-cost Incident Response Retainer for AWS Security, including 250 free hours and a 2-hour response time agreement. The post Unit 42 Incident Response Retainer for AWS Security Incident Response appeared first on Palo Alto…
Like Social Media, AI Requires Difficult Choices
In his 2020 book, “Future Politics,” British barrister Jamie Susskind wrote that the dominant question of the 20th century was “How much of our collective life should be determined by the state, and what should be left to the market…
CVE-2025-61757: Imperva Customers Protected Against Critical Oracle Identity Manager Authentication Bypass Leading to Remote Code Execution
At the end of October 2025, Oracle released an emergency security alert addressing CVE-2025-61757, a high-severity authentication-bypass flaw that enables remote code execution in the Identity Manager product of Oracle Fusion Middleware (versions 12.2.1.4.0 and 14.1.2.1.0). Multiple threat actors are already exploiting the vulnerability…
Vulnerability in OpenAI Coding Agent Could Facilitate Attacks on Developers
The Codex CLI vulnerability tracked as CVE-2025-61260 can be exploited for command execution. The post Vulnerability in OpenAI Coding Agent Could Facilitate Attacks on Developers appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read the original article:…
Saporo Raises $8 Million for Identity Security Platform
The Swiss cybersecurity firm will scale its R&D, sales and marketing teams as it pursues expansion across Europe. The post Saporo Raises $8 Million for Identity Security Platform appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read…
Span Cyber Security Arena 2026 to offer new perspectives on the development of cybersecurity
Through lectures, deep-dive presentations, best practice examples, and masterclasses, the focus of Span Cyber Security Arena 2026 will be on what strengthens our defense against cyber threats. Span Cyber Security Arena 2026 will be held in Poreč from May 20…
Proxyearth Tool Lets Anyone Trace Users in India with Just a Mobile Number
Proxyearth is a new site that shows names, Aadhaar numbers, and live locations of users in India using only mobile numbers, raising serious privacy and security concerns. This article has been indexed from Hackread – Cybersecurity News, Data Breaches, Tech,…
AI Adoption Surges While Governance Lags — Report Warns of Growing Shadow Identity Risk
Baltimore, MD, 2nd December 2025, CyberNewsWire AI Adoption Surges While Governance Lags — Report Warns of Growing Shadow Identity Risk on Latest Hacking News | Cyber Security News, Hacking Tools and Penetration Testing Courses. This article has been indexed from…
Apache Struts Vulnerability Let Attackers Trigger Disk Exhaustion Attacks
A critical security flaw in Apache Struts could allow attackers to trigger disk exhaustion attacks, rendering affected systems unusable. The vulnerability, tracked as CVE-2025-64775, stems from a file leak in multipart request processing that enables denial-of-service conditions. Apache Struts researcher…
Charging Cable that Hacks your Device to Record Keystrokes and Control Wi-Fi
The Evil Crow Cable Wind is a stealthy tool for red teamers that hides a powerful hacking implant inside what appears to be a standard USB charging cable. Designed by security researcher Joel Serna Moreno, this device functions as a…
Google patches 107 Android flaws, including two being actively exploited
Google’s December update fixes two Android bugs that criminals are actively exploiting. Update as soon as you can. This article has been indexed from Malwarebytes Read the original article: Google patches 107 Android flaws, including two being actively exploited
Radiant Logic expands RadiantOne with composable remediation and unified identity observability
Radiant Logic announced major enhancements to its RadiantOne Platform. The release introduces new AI-powered collaborative remediation, an agentic AI-first approach that leverages the Model Context Protocol (MCP) standard, and support for the Shared Signals Framework (SSF) with the Continuous Access…
SecAlerts Cuts Through the Noise with a Smarter, Faster Way to Track Vulnerabilities
Vulnerability management is a core component of every cybersecurity strategy. However, businesses often use thousands of software without realising it (when was the last time you checked?), and keeping track of all the vulnerability alerts, notifications, and updates can be…
Hackers Exploit Telegram, WinSCP, Chrome, and Teams to Deliver ValleyRat Malware
Researchers have uncovered a sophisticated malware campaign where threat actors weaponize trojanized installers for popular productivity applications to deploy ValleyRat, a persistent remote access tool. The operation demonstrates advanced evasion techniques, including kernel-level driver abuse, endpoint security tampering, and multi-stage…
OpenVPN Flaws Allow Hackers to Launch DoS Attacks and Bypass Security Checks
Security researchers have uncovered three significant vulnerabilities in OpenVPN, one of the world’s most trusted open-source virtual private network (VPN) solutions. The discovered flaws could allow attackers to crash VPN services, bypass essential security checks, or read sensitive memory data.…