The cybercrime landscape has undergone a dramatic transformation in 2025, with artificial intelligence emerging as a cornerstone technology for malicious actors operating in underground forums. According to Google’s Threat Intelligence Group (GTIG), the underground marketplace for illicit AI tools has…
Threat Actors May Abuse VS Code Extensions to Deploy Ransomware and Use GitHub as C2 Server
North Korean threat actors are evolving their attack strategies by leveraging developer-focused tools as infection vectors. Recent security discoveries reveal that Kimsuky, a nation-state group operating since 2012, has been utilizing JavaScript-based malware to infiltrate systems and establish persistent command…
Cisco warns of ‘new attack variant’ battering firewalls under exploit for 6 months
Plus 2 new critical vulns – patch now Cisco warned customers about another wave of attacks against its firewalls, which have been battered by intruders for at least six months. It also patched two critical bugs in its Unified Contact…
Cognitive Threat Analytics: How Seceon Enables Next-Gen SOC Defence
Introduction In the rapidly evolving cyber-threat landscape, traditional signature-based defences are no longer sufficient. Threat actors increasingly use stealth, lateral movement, encrypted channels, zero-day exploits and insider tactics. To keep pace, security operations centres (SOCs) need more than firewalls and…
Google sounds alarm on self-modifying AI malware
Google warns malware now uses AI to mutate, adapt, and collect data during execution, boosting evasion and persistence. Google’s Threat Intelligence Group (GTIG) warn of a new generation of malware that is using AI during execution to mutate, adapt, and…
New IDC research highlights a major cloud security shift
New IDC research shows why CISOs must move toward AI-powered, integrated platforms like CNAPP, XDR, and SIEM to reduce risk, cut complexity, and strengthen resilience. The post New IDC research highlights a major cloud security shift appeared first on Microsoft…
Italian political consultant says he was targeted with Paragon spyware
WhatsApp notified the consultant, who works for left-wing politicians, that his phone was targeted with spyware made by Paragon. This article has been indexed from Security News | TechCrunch Read the original article: Italian political consultant says he was targeted…
Ubia Ubox
View CSAF 1. EXECUTIVE SUMMARY CVSS v4 7.1 ATTENTION: Exploitable remotely/low attack complexity Vendor: Ubia Equipment: Ubox Vulnerability: Insufficiently Protected Credentials 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to remotely view camera feeds or modify…
Advantech DeviceOn/iEdge
View CSAF 1. EXECUTIVE SUMMARY CVSS v4 8.7 ATTENTION: Exploitable remotely/Low attack complexity Vendor: Advantech Equipment: DeviceOn/iEdge Vulnerabilities: Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’), Improper Limitation of a Pathname to a Restricted Directory (‘Path Traversal’) 2.…
ABB FLXeon Controllers
View CSAF 1. EXECUTIVE SUMMARY CVSS v4 8.7 ATTENTION: Exploitable remotely/low attack complexity Vendor: ABB Equipment: FBXi, FBVi, FBTi, CBXi Vulnerabilities: Use of Hard-coded Credentials, Improper Validation of Specified Type of Input, Use of a One-Way Hash without a Salt…
CISA Releases Four Industrial Control Systems Advisories
CISA released four Industrial Control Systems (ICS) Advisories. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-25-310-01 Advantech DeviceOn iEdge ICSA-25-310-02 Ubia Ubox ICSA-25-310-03 ABB FLXeon Controllers ICSA-25-282-01 Hitachi Energy Asset Suite (Update A)…
New EndClient RAT Attacking Users by Leveraging Stolen Code-Signing to Bypass AV Detections
A sophisticated Remote Access Trojan labeled EndClient RAT has emerged as a significant threat targeting human rights defenders in North Korea, marking another escalation in advanced malware operations attributed to the Kimsuky threat group. This newly discovered malware represents a…
Multi-Staged ValleyRAT Uses WeChat and DingTalk to Attack Windows Users
ValleyRAT has emerged as a sophisticated multi-stage remote access trojan targeting Windows systems, with particular focus on Chinese-language users and organizations. First observed in early 2023, this malware employs a carefully orchestrated infection chain that progresses through multiple components—downloader, loader,…
Airstalk Malware Leverages AirWatch API MDM Platform to Establish Covert C2 Communication
Security researchers have uncovered a sophisticated new malware family targeting enterprise environments through a supply chain compromise. The malware, tracked as Airstalk, represents a significant shift in how attackers exploit legitimate enterprise management tools to evade detection and maintain persistent…
Android malware steals your card details and PIN to make instant ATM withdrawals
Forget card skimmers—this Android malware uses your phone’s NFC to help criminals pull cash straight from ATMs. This article has been indexed from Malwarebytes Read the original article: Android malware steals your card details and PIN to make instant ATM…
Conduent Healthcare Data Breach Exposes 10.5 Million Patient Records in Massive 2025 Cyber Incident
In what may become the largest healthcare breach of 2025, Conduent Business Solutions LLC disclosed a cyberattack that compromised the data of over 10.5 million patients. The breach, first discovered in January, affected major clients including Blue Cross Blue…
iOS 26 Update Erases Key Forensic Log, Hindering Spyware Detection on iPhones
Researchers have raised concerns that Apple’s latest software release, iOS 26, quietly removes a crucial forensic tool used to detect infections from sophisticated spyware such as Pegasus and Predator. The change affects a system file known as shutdown.log, a…
Why Ransomware Attacks Keep Rising and What Makes Them Unstoppable
In August, Jaguar Land Rover (JLR) suffered a cyberattack. JLR employs over 32,800 people and provides additional 104,000 jobs via it’s supply chain. JLR is the recent victim in a chain of ransomware attacks. Why such attacks? Our world is…
Google Probes Weeks-Long Security Breach Linked to Contractor Access
Google has launched a detailed investigation into a weeks-long security breach after discovering that a contractor with legitimate system privileges had been quietly collecting internal screenshots and confidential files tied to the Play Store ecosystem. The company uncovered the…
Attackers Exploit Critical Windows Server Update Services Flaw After Microsoft’s Patch Fails
Cybersecurity researchers have warned that attackers are actively exploiting a severe vulnerability in Windows Server Update Services (WSUS), even after Microsoft’s recent patch failed to fully fix the issue. The flaw, tracked as CVE-2025-59287, impacts WSUS versions dating back…
Take control of your privacy with updates on Malwarebytes for Windows
Malwarebytes for Windows introduces powerful privacy controls, so you get to decide how Microsoft uses your data—all from one simple screen. This article has been indexed from Malwarebytes Read the original article: Take control of your privacy with updates on…
Why Identity Intelligence Is the Front Line of Cyber Defense
Your data tells a story — if you know how to connect the dots. Every organization holds thousands of identity touchpoints: employee credentials, customer accounts, vendor portals, cloud logins. Each one is a potential doorway for attackers. But when viewed…
NDSS 2025 – – The (Un)usual Suspects – Studying Reasons For Lacking Updates In WordPress
SESSION Session 2B: Web Security Authors, Creators & Presenters: Maria Hellenthal (CISPA Helmholtz Center for Information Security), Lena Gotsche (CISPA Helmholtz Center for Information Security), Rafael Mrowczynski (CISPA Helmholtz Center for Information Security), Sarah Kugel (Saarland University), Michael Schilling (CISPA…
In financial sector, vendors lag behind customers on cybersecurity
Financial firms should be performing regular oversight of their vendors to avoid supply chain compromises, according to a new report. This article has been indexed from Cybersecurity Dive – Latest News Read the original article: In financial sector, vendors lag…