Kaspersky experts break down the recent BetterBank incident involving ESTEEM token bonus minting due to the lack of liquidity pool validation. This article has been indexed from Securelist Read the original article: Deep analysis of the flaw in BetterBank reward…
Researchers Identify PassiveNeuron APT Using Neursite and NeuralExecutor Malware
Government, financial, and industrial organizations located in Asia, Africa, and Latin America are the target of a new campaign dubbed PassiveNeuron, according to findings from Kaspersky. The cyber espionage activity was first flagged by the Russian cybersecurity vendor in November…
From Firewalls to Zero Trust: 10 Best Practices for Next-Gen Business Data Security
In today’s ever-evolving digital landscape, businesses must establish robust data security strategies to safeguard sensitive information from modern threats. The reality of escalating cyberattacks, such as the rise in ransomware and data breaches, has spotlighted the need for comprehensive, layered…
Netherlands Warns Voters Against Using AI
Dutch data protection authority says people turning to AI chatbots for voting advice are being given a distorted picture This article has been indexed from Silicon UK Read the original article: Netherlands Warns Voters Against Using AI
TARmageddon Flaw in Async-Tar Rust Library Could Enable Remote Code Execution
Cybersecurity researchers have disclosed details of a high-severity flaw impacting the popular async-tar Rust library and its forks, including tokio-tar, that could result in remote code execution under certain conditions. The vulnerability, tracked as CVE-2025-62518 (CVSS score: 8.1), has been…
Scattered Lapsus$ Hunters Signal Shift in Tactics
Scattered Lapsus$ Hunters may be preparing to launch an extortion-as-a-service model, according to Palo Alto Networks This article has been indexed from www.infosecurity-magazine.com Read the original article: Scattered Lapsus$ Hunters Signal Shift in Tactics
OpenAI Debuts AI-Enabled Browser, ChatGPT Atlas
OpenAI launches ChatGPT Atlas browser in direct competition with Google’s dominant Chrome, building AI into web experience This article has been indexed from Silicon UK Read the original article: OpenAI Debuts AI-Enabled Browser, ChatGPT Atlas
Vidar Stealer Exploits: Direct Memory Attacks Used to Capture Browser Credentials
On October 6, 2025, the cybercriminal developer known as “Loadbaks” announced the release of Vidar Stealer v2.0 on underground forums, introducing a sophisticated information-stealing malware that employs direct memory injection to bypass modern browser security protections. This new version represents…
Hackers Earn Over $520,000 on First Day of Pwn2Own Ireland 2025
Participants exploited 34 previously unknown vulnerabilities to hack printers, NAS devices, and smart home products. The post Hackers Earn Over $520,000 on First Day of Pwn2Own Ireland 2025 appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read…
Keycard emerges from stealth with identity and access solution for AI agents
Keycard emerged from stealth with its identity and access platform for AI agents that integrates with organizations’ existing user identity solutions. Keycard’s platform identifies AI agents, lets users assign task-based permissions and dynamically enforces policy while tracking all activity. With…
Netherlands’ Axelera Expands AI Chip Range With ‘Europa’
Axelera’s Europa chip aimed at AI inference tasks complements Metis range for deployment in AI edge applications This article has been indexed from Silicon UK Read the original article: Netherlands’ Axelera Expands AI Chip Range With ‘Europa’
Are We Failing to Secure Files? Attackers Aren’t Failing to Check
According to a new Ponemon study, weak file protections now account for several cybersecurity incidents a year for many organizations. Unsafe file-sharing practices, malicious vendor files, weak access controls, and obscured file activity are largely to blame. File Integrity Monitoring…
UK data regulator defends decision not to investigate MoD Afghan data breach
ICO says probe unnecessary after reviewing ministry’s handling of leak The UK’s data protection regulator declined to launch an investigation into a leak at the Ministry of Defence that risked the lives of thousands of Afghans connected with the British…
Russian hackers replace malware with new tools, Windows updates cause login issues, campaign targets high-profile servers
Russian state hackers replace burned malware with new tools Recent Windows updates cause login issues on some PCs Sophisticated campaign targets servers of high-profile organizations Huge thanks to our sponsor, ThreatLocker Imagine having the power to decide exactly what runs…
Google Partners with StopNCII to Block Revenge Porn
Google has partnered with UK nonprofit StopNCII to enhance its defenses against non-consensual intimate imagery (NCII), commonly known as revenge porn. This collaboration uses digital… The post Google Partners with StopNCII to Block Revenge Porn appeared first on Panda Security…
Netherlands, China In Talks Over Nexperia’s Future
Dutch Economy Minister speaks with China counterpart as auto industry fears shortage of chips from Netherlands’ Nexperia This article has been indexed from Silicon UK Read the original article: Netherlands, China In Talks Over Nexperia’s Future
Millions of Credentials Stolen Each Day by Stealer Malware
The cybercrime ecosystem surrounding stealer malware has reached unprecedented scale, with threat actors now processing millions of stolen credentials daily through sophisticated distribution networks. Security researchers have been monitoring these operations for nearly a year, revealing an alarming infrastructure that…
How to Detect and Mitigate Hit and Run DDoS Attacks
Most DDoS attacks are short in duration. According to Cloudflare, 92% of layer 3/4 attacks and 75% of HTTP DDoS attacks in Q2 2025,ended within 10 minutes. A subset of these are Hit and Run DDos Attacks, which are gaining…
Life, death, and online identity: What happens to your online accounts after death?
The rapid technological advances of recent decades have transformed nearly every aspect of our lives. One major shift is that many of us now maintain extensive digital footprints, spanning countless online accounts, from email and social media to banking, investments,…
IT Security News Hourly Summary 2025-10-22 09h : 3 posts
3 posts were published in the last hour 6:34 : New Rust Malware “ChaosBot” Hides Command-and-Control Inside Discord 6:34 : Russia-linked COLDRIVER speeds up malware evolution after LOSTKEYS exposure 6:34 : Threat Actors Compromise Xubuntu Website To Deliver Malicious Windows…
New Rust Malware “ChaosBot” Hides Command-and-Control Inside Discord
A sophisticated, Rust-based malware dubbed ChaosBot has been exposed utilizing the Discord platform for its Command and Control (C2) operations. This isn’t your average botnet; it’s a new generation of threat that hides its malicious traffic by communicating over the…
Russia-linked COLDRIVER speeds up malware evolution after LOSTKEYS exposure
Russia-linked COLDRIVER rapidly evolved its malware since May 2025, refining tools just days after releasing its LOSTKEYS variant, says Google. The Russia-linked hacking group COLDRIVER has been quickly upgrading its malware since May 2025, when its LOSTKEYS malware was exposed.…
Threat Actors Compromise Xubuntu Website To Deliver Malicious Windows Executable
Threat actors infiltrated the official Xubuntu website, redirecting torrent downloads to a malicious ZIP file containing Windows-targeted malware. The incident, uncovered on October 18, 2025, highlights vulnerabilities in community-maintained Linux distribution sites amid rising interest in alternatives to end-of-life operating…
New Salt Typhoon Attacks Leverage Zero-Days and DLL Sideloading
Salt Typhoon represents one of the most persistent and sophisticated cyber threats targeting global critical infrastructure today. Believed to be linked to state-sponsored actors from the People’s Republic of China, this advanced persistent threat group has executed a series of…