North Korea’s Famous Chollima is back, merging BeaverTail and OtterCookie malware to target job seekers. Cisco Talos details the new threat. Keylogging, screen recording, and cryptocurrency wallet theft detected in an attack. This article has been indexed from Hackread –…
CISA Releases Thirteen Industrial Control Systems Advisories
CISA released thirteen Industrial Control Systems (ICS) advisories on October 16, 2025. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-25-289-01: Rockwell Automation FactoryTalk View Machine Edition and PanelView Plus 7; ICSA-25-289-02: Rockwell Automation…
Rockwell Automation ArmorStart AOP
1. EXECUTIVE SUMMARY: CVSS v4 8.7. ATTENTION: Exploitable remotely/low attack complexity. Vendor: Rockwell Automation. Equipment: ArmorStart AOP. Vulnerability: Uncaught Exception. 2. RISK EVALUATION: Successful exploitation of this vulnerability could allow an attacker to cause a denial-of-service condition on…
Siemens SiPass Integrated
As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens’ ProductCERT Security Advisories (CERT Services | Services…
Siemens TeleControl Server Basic
As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens’ ProductCERT Security Advisories (CERT Services | Services…
Rockwell Automation FactoryTalk Linx
1. EXECUTIVE SUMMARY: CVSS v4 8.5. ATTENTION: Low attack complexity. Vendor: Rockwell Automation. Equipment: FactoryTalk Linx. Vulnerabilities: Privilege Chaining. 2. RISK EVALUATION: Successful exploitation of these vulnerabilities may allow full access to all files, processes, and system resources.…
Chinese cyberspies snoop on Russian IT biz in rare east-on-east attack
Who needs enemies when you have friends like Xi? China’s cyberspies quietly broke into a Russian IT service provider in what researchers say is a rare example of Beijing turning its digital gaze on Moscow.… This article has been indexed…
India’s Expanding Digital Reach Brings New Cybersecurity Challenges
India’s digital transformation has advanced rapidly over the past decade. With more than 86% of households now online, the Digital India initiative has helped connect citizens, businesses, and services like never before. However, this growing connectivity has also exposed…
“Perfect” Adobe Experience Manager vulnerability is being exploited (CVE-2025-54253)
CISA has added CVE-2025-54253, a misconfiguration vulnerability in Adobe Experience Manager (AEM) Forms on Java Enterprise Edition (JEE), to its Known Exploited Vulnerabilities catalog, thus warning of detected in-the-wild exploitation. Adobe fixed the vulnerability in August 2025, along with CVE-2025-54254,…
Wordfence Intelligence Weekly WordPress Vulnerability Report (October 6, 2025 to October 12, 2025)
📢 Calling all Vulnerability Researchers and Bug Bounty Hunters! 📢 🚀 Operation: Maximum Impact Challenge! Now through November 10, 2025, earn 2X bounty rewards for all in-scope submissions in software with at least 5,000 active installs and fewer than 5…
Beware of Fake ‘LastPass Hack’ Emails Trying to Trick Users Into Installing Malware
Cybersecurity professionals are raising alarms over a new wave of phishing emails masquerading as breach notifications from LastPass. These messages warn recipients of an urgent account compromise and urge them to download a “security patch” to restore access. In reality,…
North Korean Hackers Using Malicious Scripts Combining BeaverTail and OtterCookie for Keylogging
A new information-stealer has emerged targeting job seekers with a trojanized Node.js application named Chessfi. Delivered via a modified npm package hosted on the official repository, the malware blends two previously separate tools—BeaverTail and OtterCookie—into a unified JavaScript payload. Victims…
IT Security News Hourly Summary 2025-10-16 18h : 10 posts
10 posts were published in the last hour 16:2 : New DShield Support Slack, (Thu, Oct 16th) 16:2 : Bad sushi: China-nexus phishers shift to residential proxies 15:32 : Crypto Agility for Developers: Build Agile Encryption Now 15:32 : NDSS…
New DShield Support Slack, (Thu, Oct 16th)
This week, we set up a new Slack workspace for DShield.org. This workspace replaces the old workspace we originally configured back in 2016 or 2017. The workspace was originally configured as a free workspace to support the DShield.org community. Over…
Bad sushi: China-nexus phishers shift to residential proxies
Earlier this year, Spamhaus researchers observed a major shift in phishing targeting Japan. Starting in April, a China-nexus threat actor began using residential proxy networks to send phishing emails instead of subnets at China Telecom and China Unicom. This blog…
Crypto Agility for Developers: Build Agile Encryption Now
In 2025, software development is evolving rapidly with the rise of Vibe Coding and Agentic AI, but so is the cryptographic landscape that underpins these systems. As quantum computing moves closer to practical applicability and encryption standards become outdated, one…
NDSS 2025 – Workshop on Binary Analysis Research (BAR) 2025, Keynote II
Authors, Creators & Presenters: Dr. Heng Yin PhD, Professor, Department of Computer Science and Engineering, University of California, Riverside Workshop on Binary Analysis Research (BAR) 2025, co-located with the Network and Distributed System Security (NDSS) Symposium 2025 Our thanks to…
AI Chatbot Truth Terminal Becomes Crypto Millionaire, Now Seeks Legal Rights
Truth Terminal is an AI chatbot created in 2024 by New Zealand-based performance artist Andy Ayrey that has become a cryptocurrency millionaire, amassed nearly 250,000 social media followers, and is now pushing for legal recognition as an independent entity.…
LinkPro Linux Rootkit Uses eBPF to Hide and Activates via Magic TCP Packets
An investigation into the compromise of an Amazon Web Services (AWS)-hosted infrastructure has led to the discovery of a new GNU/Linux rootkit dubbed LinkPro, according to findings from Synacktiv. “This backdoor features functionalities relying on the installation of two eBPF…
Hackers Abuse Blockchain Smart Contracts to Spread Malware via Infected WordPress Sites
A financially motivated threat actor codenamed UNC5142 has been observed abusing blockchain smart contracts as a way to facilitate the distribution of information stealers such as Atomic (AMOS), Lumma, Rhadamanthys (aka RADTHIEF), and Vidar, targeting both Windows and Apple macOS…
North Korean Hackers Use EtherHiding to Hide Malware Inside Blockchain Smart Contracts
A threat actor with ties to the Democratic People’s Republic of Korea (aka North Korea) has been observed leveraging the EtherHiding technique to distribute malware and enable cryptocurrency theft, marking the first time a state-sponsored hacking group has embraced the…
Many IT leaders click phishing links, and some don’t report them
A new survey shines light on the security practices and AI fears of IT leaders and their subordinates. This article has been indexed from Cybersecurity Dive – Latest News Read the original article: Many IT leaders click phishing links, and…
IT Security News Hourly Summary 2025-10-16 17h : 19 posts
19 posts were published in the last hour 15:2 : Words as Weapons: What 300K Prompt Injection Attacks Taught Us About AI Security 15:2 : What is antivirus software? 15:2 : Microsoft Revokes Over 200 Certificates to Disrupt Ransomware Campaign…
Words as Weapons: What 300K Prompt Injection Attacks Taught Us About AI Security
The AI revolution has transformed how organizations operate, yet beneath the excitement of chatbots and autonomous agents lies a security crisis that most technology leaders are only beginning to comprehend…. The post Words as Weapons: What 300K Prompt Injection Attacks…