The latest Microsoft Digital Defense Report 2025 paints a vivid picture of a cyberthreat landscape in flux. The surge in financially motivated cyberattacks and the persistent risk of nation-state actors demand urgent attention. But for those of us in the…
IT Security News Hourly Summary 2025-10-22 18h : 10 posts
10 posts were published in the last hour 16:5 : Rival Hackers Dox Alleged Operators of Lumma Stealer 16:4 : Lumma Infostealer Malware Attacks Users to Steal Browser Cookies, Cryptocurrency Wallets and VPN/RDP Accounts 16:4 : New Tykit Phishing Kit…
Rival Hackers Dox Alleged Operators of Lumma Stealer
Rival hackers expose the alleged operators behind Lumma Stealer, a major data-theft malware, causing leaks and internal chaos that have slowed its growth. This article has been indexed from Hackread – Cybersecurity News, Data Breaches, Tech, AI, Crypto and More…
Lumma Infostealer Malware Attacks Users to Steal Browser Cookies, Cryptocurrency Wallets and VPN/RDP Accounts
Since its emergence in August 2022, Lumma Infostealer has rapidly become a cornerstone of malware-as-a-service platforms, enabling even unskilled threat actors to harvest high-value credentials. Delivered primarily via phishing sites masquerading as cracked software installers, the malicious payload is encapsulated…
New Tykit Phishing Kit Mimics Microsoft 365 Login Pages to Steal Corporate Account Credentials
A sophisticated phishing kit dubbed Tykit, which impersonates Microsoft 365 login pages to harvest corporate credentials. First detected in May 2025, the kit has surged in activity during September and October, exploiting SVG files as a stealthy delivery mechanism. Unlike…
Survey: Cybersecurity Teams Struggling to Keep Pace in the Age of AI
A survey of 1,100 cybersecurity and IT professionals published this week finds more than three quarters (76%) report their organization is struggling to keep pace with cyberattacks that have increased in both volume and sophistication. Conducted by the market research…
MuddyWater Uses Compromised Mailboxes in Global Phishing Campaign
Group-IB has uncovered a phishing campaign by Iran-linked MuddyWater, exploiting compromised emails for foreign intelligence This article has been indexed from www.infosecurity-magazine.com Read the original article: MuddyWater Uses Compromised Mailboxes in Global Phishing Campaign
PhantomCaptcha Campaign Targets Ukraine Relief Organizations
SentinelLABS Researchers have uncovered a new phishing campaign, PhantomCaptcha, targeting aid organizations supporting Ukraine This article has been indexed from www.infosecurity-magazine.com Read the original article: PhantomCaptcha Campaign Targets Ukraine Relief Organizations
Dataminr to Acquire Cybersecurity Firm ThreatConnect in $290M Deal
The acquisition aims to merge Dataminr’s AI-driven real-time event detection with ThreatConnect’s internal threat management capabilities. The post Dataminr to Acquire Cybersecurity Firm ThreatConnect in $290M Deal appeared first on TechRepublic. This article has been indexed from Security Archives –…
Sam Altman’s eye-scanning orb promises to prove humanity in the age of AI bots
Ever wonder if you’re talking to a real person online or just another bot? As bots increasingly outnumber humans online, leading to an explosion of deepfakes and AI-driven fraud, one company has a solution straight out of sci-fi: scanning your…
This free IGA tool boosts your identity security
Here are five ways tenfold’s free IGA solution helps you streamline identity governance and access control. Partner Content In a world where one wrong click can set off a catastrophic breach, organizations must control what their users have access to…
How to detect disposable email domains without relying on 3rd party APIs and lists
To scale a fraud or bot attack, adversaries need more than just realistic automation. They need infrastructure. A convincing browser fingerprint and human-like interaction (mouse movements, keystrokes, etc.) are table stakes. But even with a clean setup, most attackers also…
When Addressing Cyber Attacks in Healthcare, Prevention is Better Than Treatment
No industry is spared from cyber-attacks. But some have greater consequences than others. When a hospital or medical group experiences a breach, people’s private and legally protected data can become… The post When Addressing Cyber Attacks in Healthcare, Prevention is…
TARmageddon Flaw in Popular Rust Library Leads to RCE
The vulnerability impacts multiple Rust tar parsers, allowing attackers to smuggle additional archive entries. The post TARmageddon Flaw in Popular Rust Library Leads to RCE appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read the original article:…
AI security flaws afflict half of organizations
EY suggested multiple ways for organizations to reduce AI-related hacking risks. This article has been indexed from Cybersecurity Dive – Latest News Read the original article: AI security flaws afflict half of organizations
CISA’s international, industry and academic partnerships slashed
The latest round of sweeping layoffs could hamper the business community’s collaboration with the beleaguered cyber agency. This article has been indexed from Cybersecurity Dive – Latest News Read the original article: CISA’s international, industry and academic partnerships slashed
webctrl.cgi/Blue Angel Software Suite Exploit Attempts. Maybe CVE-2025-34033 Variant?, (Wed, Oct 22nd)
Starting yesterday, some of our honeypots received POST requests to “/cgi-bin/webctrl.cgi”, attempting to exploit an OS command injection vulnerability: This article has been indexed from SANS Internet Storm Center, InfoCON: green Read the original article: webctrl.cgi/Blue Angel Software Suite Exploit…
TARmageddon flaw in Async-Tar Rust library allows to smuggle extra archives when the library is processing nested TAR files
CVE-2025-62518 TARmageddon flaw in Rust async-tar and forks like tokio-tar may allow remote code execution, says Edera. Edera team disclosed a vulnerability tracked as CVE-2025-62518 (CVSS score: 8.1), dubbed TARmageddon, in the Rust async-tar library and forks like tokio-tar. A…
Attackers target retailers’ gift card systems using cloud-only techniques
A newly uncovered attack campaign mounted by suspected Morocco-based attackers has been hitting global retailers and other businesses issuing gift cards. What makes this campaign stand out is how the threat actors avoid typical malware techniques and endpoint hacking and…
Threat Actors Advancing Email Phishing Attacks to Bypass Security Filters
Cybercriminals continue to evolve their email phishing arsenals, reviving legacy tactics while layering on advanced evasions to slip past automated filters and human scrutiny. In 2025, attackers are noted tried-and-true approaches—like password-protected attachments and calendar invites—with new twists such as…
Critical Vulnerability In Oracle E-Business Suite’s Marketing Product Allows Full Access To Attackers
Oracle has disclosed two critical vulnerabilities in its E-Business Suite’s Marketing product that could hand full control to remote attackers. Dubbed CVE-2025-53072 and CVE-2025-62481, these flaws affect the Marketing Administration component and carry a perfect storm CVSS score of 9.8,…
Chinese Hackers Using ToolShell Vulnerability To Compromise Networks Of Government Agencies
China-based threat actors have exploited the critical ToolShell vulnerability in Microsoft SharePoint servers to infiltrate networks across multiple continents, targeting government agencies and critical infrastructure in a suspected espionage campaign. This vulnerability, identified as CVE-2025-53770, enables unauthenticated remote code execution…
Decoding Microsoft 365 Audit Log Events Using Bitfield Mapping Technique – Investigation Report
When users authenticate to Microsoft cloud services, their activities generate authentication events recorded across multiple logging systems. Microsoft Entra sign-in logs and Microsoft 365 audit logs capture identical authentication events but represent this critical security data using different formats. Security…
Multiple Gitlab Security Vulnerabilities Let Attackers Trigger DoS Condition
GitLab has urgently released patch versions 18.5.1, 18.4.3, and 18.3.5 for its Community Edition (CE) and Enterprise Edition (EE) to address multiple critical security flaws, including several high-severity denial-of-service (DoS) vulnerabilities. These updates fix issues allowing specially crafted payloads to…