Hijacked calendar subscriptions are emerging as a stealthy new way for attackers to push phishing and malware directly onto devices. The post The Hidden Calendar Threat Putting 4 Million Apple Devices at Risk appeared first on eSecurity Planet. This article…
IT Security News Hourly Summary 2025-12-01 21h : 2 posts
2 posts were published in the last hour 19:31 : BreachLock Named a Leader in 2025 GigaOm Radar Report for Penetration Testing as a Service (PTaaS) for Third Consecutive Year 19:31 : Stealthy browser extensions waited years before infecting 4.3M…
BreachLock Named a Leader in 2025 GigaOm Radar Report for Penetration Testing as a Service (PTaaS) for Third Consecutive Year
New York, New York, 1st December 2025, CyberNewsWire This article has been indexed from Hackread – Cybersecurity News, Data Breaches, Tech, AI, Crypto and More Read the original article: BreachLock Named a Leader in 2025 GigaOm Radar Report for Penetration…
Stealthy browser extensions waited years before infecting 4.3M Chrome, Edge users with backdoors and spyware
And some are still active in the Microsoft Edge store A seven-year malicious browser extension campaign infected 4.3 million Google Chrome and Microsoft Edge users with malware, including backdoors and spyware sending people’s data to servers in China. And, according…
How to use Core Shell SSH, the PuTTY alternative for macOS
<p>Security and network administration depend on SSH. Administrators, developers and power users rely on the protocol to secure connections to remote servers, IoT devices, network devices and cloud resources. Windows users can use the <a href=”https://www.techtarget.com/searchsecurity/tutorial/How-to-use-PuTTY-for-SSH-key-based-authentication”>PuTTY utility</a> to connect to…
Coupang Breach Exposes Data of Nearly 34 Million Customers
A massive Coupang breach exposed nearly 34 million customers, highlighting insider-risk dangers and gaps in South Korea’s data protections. The post Coupang Breach Exposes Data of Nearly 34 Million Customers appeared first on eSecurity Planet. This article has been indexed…
European cops shut down crypto mixing website that helped launder 1.3 billion euros
Europol announced the seizure of Cryptomixer’s official website, as well as 25 million euros and 12 terabytes of data from the mixer’s service. This article has been indexed from Security News | TechCrunch Read the original article: European cops shut…
Coupang Data Breach Affects All 33.7 Million South Korean Accounts
Coupang confirms a data breach affecting 33.7 million users in South Korea, exposing names, contacts and order details. Investigation is ongoing. This article has been indexed from Hackread – Cybersecurity News, Data Breaches, Tech, AI, Crypto and More Read the…
Building an OWASP 2025 Security Scanner in 48 Hours
OWASP dropped its 2025 Top 10 on November 6th with a brand-new category nobody saw coming: “Mishandling of Exceptional Conditions” (A10). I spent a weekend building a scanner to detect these issues and immediately found authentication bypasses in three different…
Coupang Data Breach Exposed Personal Data of 33.7 Million Customers Personal Records
South Korean e-commerce giant Coupang has confirmed a massive security incident affecting approximately 33.7 million customers, nearly the company’s entire user base. The breach, which exposed names, phone numbers, email addresses, shipping addresses, and order histories, has been traced back…
Bloody Wolf Hackers Mimic as Government Agencies to Deploy NetSupport RAT via Weaponized PDF’s
A sophisticated Advanced Persistent Threat group known as Bloody Wolf has intensified its cyber espionage operations across Central Asia, targeting government and private sectors. Since late June 2025, the group has orchestrated spear-phishing campaigns primarily focusing on organizations within Kyrgyzstan…
Microsoft Confirms New Outlook Bug Blocking Excel Attachments
Microsoft has acknowledged a frustrating new issue affecting users of the “new Outlook” for Windows, where Excel attachments fail to open if their filenames contain non-ASCII characters. The technical glitch, tracked under the reference ID EX1189359, triggers a vague error…
TangleCrypt Windows Packer with Ransomware Payloads Evades EDR Using ABYSSWORKER Driver
A newly discovered Windows malware packer named TangleCrypt has emerged as a serious threat in ransomware attacks, specifically designed to evade endpoint detection and response (EDR) solutions. The packer was first observed during a September 2025 ransomware incident involving Qilin…
ShadyPanda Turns Popular Browser Extensions with 4.3 Million Installs Into Spyware
A threat actor known as ShadyPanda has been linked to a seven-year-long browser extension campaign that has amassed over 4.3 million installations over time. Five of these extensions started off as legitimate programs before malicious changes were introduced in mid-2024,…
India Orders Phone Makers to Pre-Install Sanchar Saathi App to Tackle Telecom Fraud
India’s telecommunications ministry has reportedly asked major mobile device manufacturers to preload a government-backed cybersecurity app named Sanchar Saathi on all new phones within 90 days. According to a report from Reuters, the app cannot be deleted or disabled from…
Four arrested in South Korea over massive IP camera snooping spree
Plus: Aussie Wi-Fi phisher and Brit dark web dealer nailed Cybercrime suspects and offenders across three continents have been rounded up this week, with cases spanning hacked IP cameras in South Korea, evil twin Wi-Fi traps in Australia, and a…
Your Phone Is Being Tracked in Ways You Can’t See: One Click Shows the Truth
Many people believe they are safe online once they disable cookies, switch on private browsing, or limit app permissions. Yet these steps do not prevent one of the most persistent tracking techniques used today. Modern devices reveal enough technical…
Nvidia’s Strong Earnings Ease AI Bubble Fears Despite Market Volatility
Nvidia (NVDA) delivered a highly anticipated earnings report, and the AI semiconductor leader lived up to expectations. “These results and commentary should help steady the ship for the AI trade into the end of the year,” Jefferies analysts wrote…
IT Security News Hourly Summary 2025-12-01 18h : 9 posts
9 posts were published in the last hour 17:4 : Scientists just found a way to tell if quantum computers are wrong 17:4 : OpenAI Codex CLI Command Injection Vulnerability Let Attackers Execute Arbitrary Commands 17:4 : Hackers are Moving…
Scientists just found a way to tell if quantum computers are wrong
Researchers unveiled a new technique that validates quantum computer results—especially those from GBS devices—in minutes instead of millennia. Their findings expose unexpected errors in a landmark experiment, offering a crucial step toward truly reliable quantum machines. This article has been…
OpenAI Codex CLI Command Injection Vulnerability Let Attackers Execute Arbitrary Commands
OpenAI has patched a command injection flaw in its Codex CLI tool that allowed attackers to execute arbitrary commands on developers’ machines simply by getting a malicious configuration file into a project repository. The issue, now fixed in Codex CLI…
Hackers are Moving to “Living Off the Land” Techniques to Attack Windows Systems Bypassing EDR
Cybercriminals have found a more effective method to compromise Windows computers while evading detection by security software. Ivan Spiridonov observed that uploading malicious tools, hackers are now using legitimate Windows programs already installed on target systems, a tactic known as…
4.3 Million Chrome and Edge Users Hacked in 7-Year ShadyPanda Malware Campaign
“ShadyPanda,” a sophisticated threat actor responsible for a seven-year campaign that has successfully infected 4.3 million Chrome and Edge users. By exploiting the inherent trust in browser marketplaces, ShadyPanda weaponized “Featured” and “Verified” extensions to deploy remote code execution (RCE)…
European police dismantle cryptocurrency mixer popular with ransomware gangs
Authorities have spent years trying to cripple the ecosystem that helps hackers hide their profits. This article has been indexed from Cybersecurity Dive – Latest News Read the original article: European police dismantle cryptocurrency mixer popular with ransomware gangs