A sophisticated attack campaign exploiting a Google Chrome zero-day vulnerability tracked as CVE-2025-2783, marking yet another instance of advanced persistent threat (APT) groups leveraging previously unknown security flaws to compromise high-value targets. The vulnerability, which enables sandbox escape capabilities, has…
Critical sslh Vulnerabilities Let Hackers Trigger Remote DoS Attacks
Two critical vulnerabilities in sslh, a popular protocol demultiplexer that allows multiple services to share the same network port. The flaws tracked as CVE-2025-46807 and CVE-2025-46806 could be exploited remotely to trigger denial-of-service (DoS) attacks. The vulnerabilities affect sslh versions prior…
Kimsuky and Konni APT Groups Accounts Most Active Attacks Targeting East Asia
North Korean state-sponsored advanced persistent threat (APT) groups Kimsuky and Konni have emerged as the most prolific cyber threat actors targeting East Asian nations, according to the latest threat intelligence findings. In April 2025, these groups orchestrated the highest number…
Beware of Weaponized Research Papers That Delivers Malware Via Password-Protected Documents
A newly identified malware campaign orchestrated by the notorious Kimsuky group has been leveraging password-protected research documents to infiltrate academic networks and compromise sensitive systems. This sophisticated attack represents a significant evolution in social engineering tactics, exploiting the academic community’s…
New Sophisticated Multi-Stage Malware Campaign Weaponizes VBS Files to Execute PowerShell Script
Security researchers have uncovered a sophisticated malware campaign utilizing heavily obfuscated Visual Basic Script (VBS) files to deploy multiple types of remote access trojans (RATs). The campaign, discovered in June 2025, involves a cluster of 16 open directories containing obfuscated…
US Insurance Industry Warned of Scattered Spider Attacks
Google is warning insurance companies that Scattered Spider appears to have shifted its focus from the retail sector. The post US Insurance Industry Warned of Scattered Spider Attacks appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read…
How Azul and Moderne Are Boosting Java Developer Productivity
Moderne and Azul are helping development teams identify, remove, and refactor unused and dead code to improve Java developer productivity. The post How Azul and Moderne Are Boosting Java Developer Productivity appeared first on Azul | Better Java Performance, Superior…
Novel TokenBreak Attack Method Can Bypass LLM Security Features
Researchers with HiddenLayers uncovered a new vulnerability in LLMs called TokenBreak, which could enable an attacker to get around content moderation features in many models simply by adding a few characters to words in a prompt. The post Novel TokenBreak…
Zoomcar Data Breach Exposes Personal Info of 8.4 Million Users
Zoomcar confirms 2025 breach affecting 8.4M users, echoing its 2018 data leak. Personal info exposed, financial data safe, investigation ongoing. This article has been indexed from Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto Read the original article:…
Backups Are Under Attack: How to Protect Your Backups
Ransomware has become a highly coordinated and pervasive threat, and traditional defenses are increasingly struggling to neutralize it. Today’s ransomware attacks initially target your last line of defense — your backup infrastructure. Before locking up your production environment, cybercriminals go…
Hard-Coded ‘b’ Password in Sitecore XP Sparks Major RCE Risk in Enterprise Deployments
Cybersecurity researchers have disclosed three security flaws in the popular Sitecore Experience Platform (XP) that could be chained to achieve pre-authenticated remote code execution. Sitecore Experience Platform is an enterprise-oriented software that provides users with tools for content management, digital…
Are Forgotten AD Service Accounts Leaving You at Risk?
For many organizations, Active Directory (AD) service accounts are quiet afterthoughts, persisting in the background long after their original purpose has been forgotten. To make matters worse, these orphaned service accounts (created for legacy applications, scheduled tasks, automation scripts, or…
Circumvent Raises $6 Million for Cloud Security Platform
Cloud security startup Circumvent has raised $6 million to develop a network of agents for autonomous prioritization and remediation. The post Circumvent Raises $6 Million for Cloud Security Platform appeared first on SecurityWeek. This article has been indexed from SecurityWeek…
Sumsub Device Intelligence offers protection against identity threats
Sumsub is expanding its Fraud Prevention solution with advanced Device Intelligence, enhanced by the Fingerprint platform. Designed to identify threats before they escalate, Device Intelligence offers real-time insights with accuracy into user integrity by analyzing device behavior and network-level data beyond…
Hackers Use Fake Verification Prompt and Clickfix Technique to Deploy Fileless AsyncRAT
Threat actors are leveraging deceptive tactics to distribute a fileless variant of AsyncRAT, a notorious remote access Trojan. Discovered during routine attacker infrastructure analysis, this operation employs a fake verification prompt themed around the “Clickfix” technique to trick users into…
WhatsApp’s Status Tab Set to Feature Ads as Meta Monetizes Platform
WhatsApp, the world’s most popular messaging app, is entering a new era as Meta officially begins rolling out advertisements within its Updates tab—a move that marks the platform’s most significant shift in monetization since its inception. The announcement, made on…
Attackers target Zyxel RCE vulnerability CVE-2023-28771
GreyNoise researchers have observed exploit attempts targeting the remote code execution vulnerability CVE-2023-28771 in Zyxel devices. On June 16, GreyNoise researchers detected exploit attempts targeting CVE-2023-28771 (CVSS score 9.8), a remote code execution flaw impacting Zyxel IKE decoders over UDP…
Where AI Provides Value
If you’ve worried that AI might take your job, deprive you of your livelihood, or maybe even replace your role in society, it probably feels good to see the latest AI tools fail spectacularly. If AI recommends glue as a…
Reddit’s new AI-powered tools scan your posts to serve you better ads
Reddit has announced more AI-powered tools to help advertisers. But do users care for it? This article has been indexed from Malwarebytes Read the original article: Reddit’s new AI-powered tools scan your posts to serve you better ads
Smart air fryers ordered to stop invading our digital privacy
In a confirmation that we’ve gone full Black Mirror, air fryer and other IoT manufacturers are being told to stop playing with our data. This article has been indexed from Malwarebytes Read the original article: Smart air fryers ordered to…
Chained Flaws in Enterprise CMS Provider Sitecore Could Allow Remote Code Execution
WatchTowr has found three vulnerabilities in the Sitecore Experience Platform, used by HSBC and L’Oréal This article has been indexed from www.infosecurity-magazine.com Read the original article: Chained Flaws in Enterprise CMS Provider Sitecore Could Allow Remote Code Execution
IT Security News Hourly Summary 2025-06-17 12h : 3 posts
3 posts were published in the last hour 9:38 : Dutch Court Upholds Competition Ruling Against Apple 9:38 : OpenAI ‘Considers’ Making Antitrust Allegations Against Microsoft 9:38 : TP-Link Router Flaw CVE-2023-33538 Under Active Exploit, CISA Issues Immediate Alert
ASUS Armoury Crate Vulnerability Lets Hackers Gain System-Level Access on Windows
A critical vulnerability in ASUS’s popular Armoury Crate software has exposed millions of Windows users to the risk of system-level compromise, according to a recent disclosure by Cisco Talos and confirmed by ASUS. The flaw, tracked as CVE-2025-3464, allows attackers…
Hackers Deliver Fileless AsyncRAT Using Clickfix Technique via Fake Verification Prompt
A sophisticated fileless malware campaign targeting German-speaking users has emerged, employing deceptive verification prompts to distribute AsyncRAT through the increasingly popular Clickfix technique. The malware masquerades as a legitimate “I’m not a robot” CAPTCHA verification, tricking victims into executing malicious…
XDSpy Threat Actors Leverages Windows LNKs Zero-Day Vulnerability to Attack Windows System Users
A sophisticated cyber espionage campaign attributed to the XDSpy threat actor has recently been discovered exploiting a zero-day vulnerability in Windows shortcut files. This threat actor, which has operated largely undetected from 2011 until its initial discovery in 2020, has…
Organizations Warned of Vulnerability Exploited Against Discontinued TP-Link Routers
CISA warns that a vulnerability impacting multiple discontinued TP-Link router models is exploited in the wild. The post Organizations Warned of Vulnerability Exploited Against Discontinued TP-Link Routers appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read the…
Exploring a New KimJongRAT Stealer Variant and Its PowerShell Implementation
We analyze two new KimJongRAT stealer variants, combining new research with existing knowledge. One uses a Portable Executable (PE) file and the other PowerShell. The post Exploring a New KimJongRAT Stealer Variant and Its PowerShell Implementation appeared first on Unit…