Medusa ransomware hit SimonMed Imaging, stealing 200 GB of data and impacting over 1.2 million people in a major healthcare data breach. SimonMed Imaging suffered a ransomware attack by the Medusa group, which claimed to have stolen 200 GB of…
Microsoft Intune MDM and Entra ID Leveraged to Elevate your Trust in Device Identity
New research uncovers valuable insights hidden within Microsoft Intune’s Mobile Device Management (MDM) certificates, offering a more reliable way to verify device and tenant identities compared to traditional methods like registry values. These certificates, issued to enrolled devices, contain Object…
Malicious Code on Unity Website Skims Information From Hundreds of Customers
The video game software development company says the incident impacted users of its SpeedTree website. The post Malicious Code on Unity Website Skims Information From Hundreds of Customers appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read…
Lattice MachXO5-NX TDQ prepare organizations for quantum-era security threats
Lattice Semiconductor introduced the Lattice MachXO5-NX TDQ family, a secure control FPGAs with full Commercial National Security Algorithm (CNSA) 2.0-compliant post-quantum cryptography (PQC) support. Built on the Lattice Nexus platform, MachXO5-NX TDQ FPGAs deliver security, reliability, and flexibility for Computing,…
IT Security News Hourly Summary 2025-10-13 15h : 5 posts
5 posts were published in the last hour 13:2 : Is Hacking Back Ever a Good Strategy? 13:2 : Pro-Russian Hacktivist Targets OT/ICS Systems to Harvest Credentials 12:32 : Axis Communications Vulnerability Exposes Azure Storage Credentials 12:32 : China probes…
Bridging the AI gap: governing emerging technologies in an evolving digital landscape
Chris Dimitriadis, Chief Global Strategy Officer at ISACA, highlights that AI is driving transformative growth across European businesses. By implementing strong policies and safeguards, organisations can harness AI responsibly and securely to unlock its full potential. This article has been…
Russian Cybercrime Marketplace Shifting from RDP Access to Malware Stealer Log Exploits
The online cybercrime marketplace, Russian Market, has evolved from selling Remote Desktop Protocol (RDP) access to becoming one of the most active underground hubs for information-stealing malware logs. Stolen user credentials are traded daily, and each compromised login represents a…
Write Once, Enforce Everywhere: Reusing Rego Policies Across Build and Runtime
In most organizations, security and compliance are enforced twice — once during build-time checks and again at runtime through admission controllers and monitoring systems. Often, the policies written at build-time are not reused at runtime, leading to drift, redundancy, and…
Microsoft ‘illegally’ tracked students via 365 Education, says data watchdog
Redmond argued schools, education authorities are responsible for GDPR An Austrian digital privacy group has claimed victory over Microsoft after the country’s data protection regulator ruled the software giant “illegally” tracked students via its 365 Education platform and used their…
Oracle Warns of New EBS Vulnerability That Allows Remote Access
Oracle issued another security alert about a vulnerability in its E-Business Suite that could be remotely exploited by bad actors without the need for a username or password, similar to other flaws found in the software packages abused in recent…
⚡ Weekly Recap: WhatsApp Worm, Critical CVEs, Oracle 0-Day, Ransomware Cartel & More
Every week, the cyber world reminds us that silence doesn’t mean safety. Attacks often begin quietly — one unpatched flaw, one overlooked credential, one backup left unencrypted. By the time alarms sound, the damage is done. This week’s edition looks…
New Stealit Malware Campaign Spreads via VPN and Game Installer Apps
A new campaign distributing the Stealit infostealer employs previously unknown malware delivery techniques and infrastructure This article has been indexed from www.infosecurity-magazine.com Read the original article: New Stealit Malware Campaign Spreads via VPN and Game Installer Apps
Hackers Target macOS Users with Fake Homebrew Websites to Deliver Malicious Payloads
In September 2025, Kandji’s security researchers uncovered a sophisticated campaign in which attackers deployed multiple spoofed Homebrew installer sites that perfectly mimic the official brew.sh page. These counterfeit domains served a hidden malicious payload under the guise of the standard…
Why you keep getting job scam texts
You’re in line for coffee when your phone buzzes: “Hi! We reviewed your profile for a remote job. $1,200/week, no experience needed! Text YES to learn more.” Looks tempting at first glance, right? But if your scam radar isn’t going…
AI Governance: Building a Responsible Foundation for Innovation
AI is becoming increasingly central to digital transformation strategies, but a corresponding responsibility must match its potential. Read insights about AI governance from Fortinet’s CISO and VP Information Security. This article has been indexed from CISO Collective Read the…
Threat Actors Weaponize Discord Webhooks for Command and Control with npm, PyPI, and Ruby Packages
Cybercriminals have discovered a novel way to co-opt Discord webhooks as surrogate command-and-control (C2) channels across popular language ecosystems. Unlike traditional C2 servers, webhooks offer free, low-profile exfiltration that blends seamlessly into legitimate HTTPS traffic. Over the past month, malicious…
New RMPocalypse Attack Let Hackers Break AMD SEV-SNP To Exfiltrate Confidential Data
A critical vulnerability in AMD’s Secure Encrypted Virtualization with Secure Nested Paging (SEV-SNP), a cornerstone of confidential computing deployed by major cloud providers like AWS, Azure, and Google Cloud. Dubbed RMPocalypse, the attack exploits a flaw in the initialization of…
Astaroth Banking Malware Leveraging GitHub to Host Malware Configurations
A new wave of the Astaroth banking trojan has emerged, leveraging a novel approach to distribute its malicious configuration files. First detected in late 2025, this latest campaign employs GitHub’s raw content service to host encrypted JSON configurations containing target…
SonicWall SSL VPN Accounts in Attacker Crosshairs
Threat actors have rapidly compromised more than 100 SonicWall SSL VPN accounts pertaining to over a dozen entities. The post SonicWall SSL VPN Accounts in Attacker Crosshairs appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read the…
Sensitive Information of NSW Flood Victims Mistakenly Entered into ChatGPT
A serious data breach involving the personal details of thousands of flood victims has been confirmed by the New South Wales government in an unsettling development that highlights the fragile boundary between technology and privacy. There has been an…
Clop Ransomware Exploits Oracle Zero-Day in Major Extortion Campaign
The Clop ransomware gang has orchestrated a massive extortion campaign targeting Oracle E-Business Suite customers by exploiting a critical zero-day vulnerability tracked as CVE-2025-61882. The vulnerability, which carries a CVSS score of 9.8, affects Oracle EBS versions 12.2.3 through…
Qilin Ransomware Hits Beer Giant Asahi
A cyberattack has temporarily disrupted the operations of Asahi Group Holdings, Japan’s largest brewing company. The Qilin ransomware group has taken The post Qilin Ransomware Hits Beer Giant Asahi first appeared on CyberMaterial. This article has been indexed from CyberMaterial…
Harvard Probes Breach Tied To Oracle Flaw
Harvard University is investigating a data breach after the notorious Clop ransomware gang listed the school on its data leak site. The group claims to have stolen data The post Harvard Probes Breach Tied To Oracle Flaw first appeared on…
Rust Malware ChaosBot Exploits Discord
A new backdoor, dubbed ChaosBot, has been discovered by cybersecurity researchers. The malware, which is written in the Rust programming language The post Rust Malware ChaosBot Exploits Discord first appeared on CyberMaterial. This article has been indexed from CyberMaterial Read…