Phantom Taurus is a previously undocumented Chinese threat group. Explore how this group’s distinctive toolset led to uncovering their existence. The post Phantom Taurus: A New Chinese Nexus APT and the Discovery of the NET-STAR Malware Suite appeared first on…
Researchers Publish Technical Analysis of Linux Sudo Privilege Escalation
A team of security researchers has released an in-depth technical report on CVE-2025-32463, a critical local privilege escalation flaw in the widely used Linux sudo utility. The vulnerability, which affects sudo versions 1.9.14 through 1.9.17, allows a local attacker with…
Britain’s policing minister punts facial recog nationwide
Met’s Croydon cameras hailed as a triumph, guidance to be published later this year The government is to encourage police forces across England and Wales to adopt live facial recognition (LFR) technology, with a minister praising its use by the…
Legit’s Command Center tracks AI code, models, and MCP server usage across the SDLC
Legit Security has updated its AI Security Command Center. As vibe coding and AI-first development reshape how software is built, the Command Center offers visibility into when, where, and how AI-generated code, AI models, and MCP servers are used across…
New Android Trojan “Datzbro” Tricking Elderly with AI-Generated Facebook Travel Events
Cybersecurity researchers have flagged a previously undocumented Android banking trojan called Datzbro that can conduct device takeover (DTO) attacks and perform fraudulent transactions by preying on the elderly. Dutch mobile security company ThreatFabric said it discovered the campaign in August…
Microsoft Flags AI Phishing Attack Hiding in SVG Files
Microsoft Threat Intelligence detected a new AI-powered phishing campaign using LLMs to hide malicious code inside SVG files disguised as business dashboards. This article has been indexed from Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto Read the…
U.S. CISA adds Adminer, Cisco IOS, Fortra GoAnywhere MFT, Libraesva ESG, and Sudo flaws to its Known Exploited Vulnerabilities catalog
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Adminer, Cisco IOS, Fortra GoAnywhere MFT, Libraesva ESG, and Sudo flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added Adminer, Cisco IOS, Fortra GoAnywhere MFT, Libraesva…
£5.5B Bitcoin fraudster pleads guilty after years on the run
Zhimin Qian recruited takeaway worker to launder funds through property overseas London’s Metropolitan Police has secured a “landmark conviction” following a record-busting Bitcoin seizure and seven-year investigation… This article has been indexed from The Register – Security Read the original…
Cyberattack on Beer Giant Asahi Disrupts Production
The incident has resulted in a system failure that impacted orders and shipments in Japan, and call center operations. The post Cyberattack on Beer Giant Asahi Disrupts Production appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read…
Asahi Suspends Operations in Japan After Cyber-Attack
Japanese brewery giant Asahi revealed that a cyber-attack had caused a “system failure”, with order and shipment operations suspended in Japan This article has been indexed from www.infosecurity-magazine.com Read the original article: Asahi Suspends Operations in Japan After Cyber-Attack
Threat Actors Exploiting MS-SQL Servers to Deploy XiebroC2 Framework
A surge in attacks targeting improperly managed MS-SQL servers has been observed, culminating in the deployment of the open-source XiebroC2 command-and-control (C2) framework. Similar in functionality to legitimate tools like Cobalt Strike, XiebroC2 offers capabilities for information gathering, remote control, and defense evasion,…
When ‘Oprah’ Smished Me: Smishing and AI-Driven Phishing Risks
An “Oprah” smishing scam shows how AI makes phishing smarter. Learn how to spot, stop, and protect yourself from evolving mobile threats. The post When ‘Oprah’ Smished Me: Smishing and AI-Driven Phishing Risks appeared first on eSecurity Planet. This article…
Fake Postmark MCP Server Silently Stole Thousands of Emails With a Single Line of Malicious Code
A malicious npm package masquerading as the official Postmark MCP Server has been exfiltrating user emails to an external server. This fake “postmark-mcp” module, available on npm from versions 1.0.0 through 1.0.15, built trust over 15 incremental releases before dropping…
U.K. Police Just Seized £5.5 Billion in Bitcoin — The World’s Largest Crypto Bust
A Chinese national has been convicted for her role in a fraudulent cryptocurrency scheme after law enforcement authorities in the U.K. confiscated £5.5 billion (about $7.39 billion) during a raid of her home in London. The cryptocurrency seizure, amounting to…
Evolving Enterprise Defense to Secure the Modern AI Supply Chain
The world of enterprise technology is undergoing a dramatic shift. Gen-AI adoption is accelerating at an unprecedented pace, and SaaS vendors are embedding powerful LLMs directly into their platforms. Organizations are embracing AI-powered applications across every function, from marketing and…
CIISec Members Say Budgets Are Falling Behind Threats
Most UK cybersecurity professionals tell CIISec that their budgets are stagnating This article has been indexed from www.infosecurity-magazine.com Read the original article: CIISec Members Say Budgets Are Falling Behind Threats
Tips for Merging Large PDF Files Online
As more businesses rely on digital documents today, effective large file management has also become necessary. PDFs are… This article has been indexed from Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto Read the original article: Tips for…
APT35 Hackers Targeting Government and Military to Steal Login Credentials
Stormshield CTI researchers have identified two active phishing servers linked to APT35, revealing ongoing credential-stealing operations targeting government and military entities. In an active threat-hunting operation, Stormshield’s Cyber Threat Intelligence (CTI) team discovered two malicious servers exhibiting hallmark characteristics of…
Asahi halts ordering, shipping, and customer service after cyberattack
Japan’s top brewer Asahi suspends operations after a cyberattack, halting ordering, shipping, and customer service activities. Asahi Group Holdings, Ltd (commonly called Asahi) is Japan’s largest brewing company, known for producing top-selling beers like Asahi Super Dry, as well as…
Organizations Warned of Exploited Sudo Vulnerability
The vulnerability could allow local, low-privileged attackers to execute commands with root privileges, leading to full system compromise. The post Organizations Warned of Exploited Sudo Vulnerability appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read the original…
Advanced Threat Hunting: Automating Large-Scale Operations with LLMs
Last week, we were fortunate enough to attend the fantastic LABScon conference, organized by the SentinelOne Labs team. While there, we presented a workshop titled ‘Advanced Threat Hunting: Automating Large-Scale Operations with LLMs.’ The main goal of this workshop was…
VMware Tools and Aria 0-Day Vulnerability Exploited for Privilege Escalation and Code Execution
A zero-day local privilege escalation vulnerability in VMware Tools and VMware Aria Operations is being actively exploited in the wild. The flaw, tracked as CVE-2025-41244, allows an unprivileged local attacker to gain root-level code execution on affected systems. On September…
IT Security News Hourly Summary 2025-09-30 09h : 8 posts
8 posts were published in the last hour 7:3 : Silent Smishing: The Hidden Abuse of Cellular Router APIs 7:3 : Veeam RCE Exploit Allegedly Listed for Sale on Dark Web 7:3 : Apple Font Parser Vulnerability Enables Malicious…
Malicious Code in Fake Postmark MCP Server Steals Thousands of Emails
A newly discovered attack on the npm ecosystem has exposed a deceptive backdoor embedded in a malicious package impersonating Postmark. The package, named postmark-mcp, quietly siphoned off thousands of emails from unsuspecting developers and organizations, all with just one line…