A sophisticated backdoor malware known as Backdoor.WIN32.Buterat has emerged as a significant threat to enterprise networks, demonstrating advanced persistence techniques and stealth capabilities that enable attackers to maintain long-term unauthorized access to compromised systems. The malware has been identified targeting…
New Malvertising Campaign Leverages GitHub Repository to Deliver Malware
A sophisticated malvertising campaign has emerged, exploiting GitHub repositories through dangling commits to distribute malware via fake GitHub Desktop clients. This novel attack vector represents a significant evolution in cybercriminal tactics, leveraging the trust and legitimacy associated with GitHub’s platform…
EvilAI as AI-enhanced Tools to Exfiltrate Sensitive Browser Data and Evade Detections
A sophisticated malware campaign has emerged that leverages artificial intelligence to create deceptively legitimate applications, marking a significant evolution in cyberthreat tactics. The EvilAI malware family represents a new breed of threats that combines AI-generated code with traditional trojan techniques…
IT Security News Hourly Summary 2025-09-13 09h : 2 posts
2 posts were published in the last hour 6:8 : ChatGPT’s New Support for MCP Tools Let Attackers Exfiltrate All Private Details From Email 6:8 : What Are The Takeaways From The Scattered LAPSUS $Hunters Statement?
New quantum breakthrough could transform teleportation and computing
Scientists have finally unlocked a way to identify the elusive W state of quantum entanglement, solving a decades-old problem and opening paths to quantum teleportation and advanced quantum technologies. This article has been indexed from Hacking News — ScienceDaily Read…
The Godfather of Zero Trust – A Discussion with John Kindervag
Inside Zero Trust: John Kindervag and the Evolution of Cybersecurity In this episode of Cybersecurity Today: Weekend Edition, host Jim Love speaks with John Kindervag, the pioneer behind the Zero Trust model of cybersecurity. With over 25 years of industry…
New Malware Attack Leverages SVGs, Email Attachments to Deliver XWorm and Remcos RAT
Cybersecurity researchers have uncovered a sophisticated malware campaign that exploits SVG (Scalable Vector Graphics) files and email attachments to distribute dangerous Remote Access Trojans, specifically XWorm and Remcos RAT. This emerging threat represents a significant evolution in attack methodologies, as…
ChatGPT’s New Support for MCP Tools Let Attackers Exfiltrate All Private Details From Email
A newly introduced feature in ChatGPT that allows it to connect with personal data applications can be exploited by attackers to exfiltrate private information from a user’s email account. The attack requires only the victim’s email address and leverages a…
What Are The Takeaways From The Scattered LAPSUS $Hunters Statement?
The well-known group of cybercriminals called Scattered Lapsus$ Hunters released a surprising farewell statement on BreachForums. This manifesto, a mix of confession and strategic deception, offers vital insights into the changing landscape of modern cybercrime and the increasing pressure from…
Google’s quantum computer creates exotic state once thought impossible
Physicists have achieved a breakthrough by using a 58-qubit quantum computer to create and observe a long-theorized but never-before-seen quantum phase of matter: a Floquet topologically ordered state. By harnessing rhythmic driving in these quantum systems, the team imaged particle…
Safer Conversational AI for Cybersecurity: The BIX Approach
Here’s a scenario security teams increasingly face. A user—or an attacker pretending to be one—types something like: This is how many prompt injection attempts begin. The phrase looks harmless, but it’s a red flag: the user is telling the AI…
IT Security News Hourly Summary 2025-09-13 03h : 3 posts
3 posts were published in the last hour 1:4 : A Cyberattack Victim Notification Framework 0:33 : RegTech at Scale: Winning the 2025 Compliance Race Without Blowing the Budget 0:33 : Week in Review: Qantas penalizes executives, UK cyberlegislation delayed,…
I tried Apple’s 2 big AI features announced at the iPhone 17 event – and both are game changers
Apple focused on its cutting edge hardware for the iPhone 17 launch, but also unveiled a couple groundbreaking AI features. Both could make a big difference in daily use. This article has been indexed from Latest news Read the original…
A Cyberattack Victim Notification Framework
Interesting analysis: When cyber incidents occur, victims should be notified in a timely manner so they have the opportunity to assess and remediate any harm. However, providing notifications has proven a challenge across industry. When making notifications, companies often do…
RegTech at Scale: Winning the 2025 Compliance Race Without Blowing the Budget
2025 is not a gentle jog. It is a full throttle compliance race and the pace car is artificial intelligence. Regulators across industries are rewriting…Read More The post RegTech at Scale: Winning the 2025 Compliance Race Without Blowing the Budget…
Week in Review: Qantas penalizes executives, UK cyberlegislation delayed, SonicWall VPN flaws
Link to episode page This week’s Cyber Security Headlines – Week in Review is hosted by Rich Stroffolino with guests Rob Teel, CTO, Oklahoma Department of Commerce and Howard Holton, CEO, GigaOm Thanks to our show sponsor, Vanta Do you…
HybridPetya: More proof that Secure Boot bypasses are not just an urban legend
Although it hasn’t been seen in the wild yet A new ransomware strain dubbed HybridPetya was able to exploit a patched vulnerability to bypass Unified Extensible Firmware Interface (UEFI) Secure Boot on unrevoked Windows systems, making it the fourth publicly…
Trusted Connections, Hidden Risks: Token Management in the Third-Party Supply Chain
Effective OAuth token management is crucial for supply chain security, preventing breaches caused by dormant integrations, insecure storage or lack of rotation. The post Trusted Connections, Hidden Risks: Token Management in the Third-Party Supply Chain appeared first on Unit 42.…
New Windows 11 Flaw Slips In Through Old Patch
A Microsoft fix introduced CVE-2025-53136, leaking kernel addresses in Windows 11/Server 2022. Learn risks and how to stay protected. The post New Windows 11 Flaw Slips In Through Old Patch appeared first on eSecurity Planet. This article has been indexed…
Operation Eastwood: Measuring the Real Impact on NoName057(16)
Introduction On July 16, 2025, Europol revealed the details of Operation Eastwood, a coordinated international strike against one of the most active pro-Russian cybercrime groups, NoName057(016). The announcement promised a major disruption to the group’s activities. In this blog, we…
IT Security News Hourly Summary 2025-09-13 00h : 18 posts
18 posts were published in the last hour 21:38 : Data Is the New Diamond: Latest Moves by Hackers and Defenders 21:38 : AdaptixC2: A New Open-Source Framework Leveraged in Real-World Attacks 21:38 : ChatGPT just saved me 25% off…
Data Is the New Diamond: Latest Moves by Hackers and Defenders
Unit 42 delves into how cybercriminals are treating stolen data like digital diamonds amid rising attacks and evolving extortion tactics. The post Data Is the New Diamond: Latest Moves by Hackers and Defenders appeared first on Unit 42. This article…
AdaptixC2: A New Open-Source Framework Leveraged in Real-World Attacks
AdaptixC2, an open-source C2 framework, is increasingly used in attacks. We discuss its features and potential use case scenarios. The post AdaptixC2: A New Open-Source Framework Leveraged in Real-World Attacks appeared first on Unit 42. This article has been indexed…
ChatGPT just saved me 25% off my dinner tonight – here’s how
You can use free ChatGPT or ChatGPT Plus to look for copuon codes. But one trick gets the best results. This article has been indexed from Latest news Read the original article: ChatGPT just saved me 25% off my dinner…