The U.K. National Cyber Security Centre (NCSC) has revealed that threat actors have exploited the recently disclosed security flaws impacting Cisco firewalls as part of zero-day attacks to deliver previously undocumented malware families like RayInitiator and LINE VIPER. “The RayInitiator…
LockBit 5.0 Ransomware Targets Windows, Linux, and VMware ESXi Systems
Cybersecurity researchers at Trend Micro have discovered a new and dangerous variant of LockBit ransomware that targets Windows, Linux, and VMware ESXi systems, utilizing advanced obfuscation techniques and sophisticated cross-platform capabilities. Advanced Multi-Platform Attack Strategy: LockBit 5.0 represents a significant…
Salesforce AI Agent Vulnerability Lets Attackers Steal Sensitive Data
Cybersecurity researchers at Noma Labs have discovered a critical vulnerability in Salesforce’s Agentforce AI platform that could allow attackers to steal sensitive customer data through sophisticated prompt injection techniques. The vulnerability, dubbed “ForcedLeak,” carries a CVSS score of 9.4, indicating…
Delinea releases free open-source MCP server to secure AI agents
AI agents are becoming more common in the workplace, but giving them access to sensitive systems can be risky. Credentials often get stored in plain text, added to prompts, or passed around without proper oversight. Delinea wants to fix that…
New Phishing Attack Targeting PyPI Maintainers to Steal Login Credentials
A sophisticated phishing campaign has emerged targeting maintainers of packages on the Python Package Index (PyPI), employing domain confusion tactics to steal authentication credentials from unsuspecting developers. The attack leverages fraudulent emails designed to mimic official PyPI communications, directing recipients…
How agentic AI is changing the SOC
In this Help Net Security video, David Norlin, CTO of Lumifi, explores the role of agentic AI in the security operations center (SOC). He explains what agentic AI is, how it can enhance cybersecurity workflows by automating repetitive tasks, and…
ISC Stormcast For Friday, September 26th, 2025 https://isc.sans.edu/podcastdetail/9630, (Fri, Sep 26th)
This article has been indexed from SANS Internet Storm Center, InfoCON: green. Read the original article: ISC Stormcast For Friday, September 26th, 2025…
Hackers Exploiting WordPress Websites With Silent Malware to Gain Admin Access
A sophisticated malware campaign targeting WordPress websites has been discovered employing advanced steganographic techniques and persistent backdoor mechanisms to maintain unauthorized administrator access. The malware operates through two primary components that work in tandem to create a resilient attack infrastructure,…
Threat Actors Using Copyright Takedown Claims to Deploy Malware
A sophisticated malware campaign orchestrated by the Vietnamese Lone None threat actor group has been leveraging fraudulent copyright infringement takedown notices to deploy information-stealing malware onto unsuspecting victims’ systems. The campaign, which has been actively tracked since November 2024, represents…
Infosec products of the month: September 2025
Here’s a look at the most interesting products from the past month, featuring releases from: Absolute Security, Blackdot Solutions, Catchpoint, Cynomi, DataLocker, Gigamon, Lookout, Nagomi Security, Neon Cyber, QuSecure, Relyance AI, Secure Code Warrior, and Teleport. Cynomi simplifies vendor risk…
CVE-2025-20333, CVE-2025-20362: Frequently Asked Questions About Zero-Day Cisco Adaptive Security Appliance (ASA) and Firewall Threat Defense (FTD) Vulnerabilities
Cisco published advisories and a supplemental post about three zero-day vulnerabilities, two of which were exploited in the wild by an advanced threat actor associated with the ArcaneDoor campaign. Update September 25: This FAQ blog has been updated to include…
Thousands of Indian bank transfer records found online
Security researchers found the exposed Indian bank transfer records and the data was eventually secured, but nobody wants to take responsibility for the security lapse. This article has been indexed from Security News | TechCrunch. Read the original article: Thousands…
How to Manage Shadow AI Risk Without Killing Innovation
Shadow AI isn’t a fringe behavior; it’s the norm. My team recently analyzed AI usage patterns across multiple industries and found signs of unapproved AI activity in more than 80% of the 100+ customer organizations sampled. Whether it’s sales teams…
Google Warns of BRICKSTORM Malware Driving Supply Chain Intrusions
China-linked hackers use BRICKSTORM malware to hit tech, SaaS, and legal firms, threatening the US supply chain. The post Google Warns of BRICKSTORM Malware Driving Supply Chain Intrusions appeared first on eSecurity Planet. This article has been indexed from eSecurity…
Viral call-recording app Neon goes dark after exposing users’ phone numbers, call recordings, and transcripts
Call recording app Neon was one of the top-ranked iPhone apps, but was pulled offline after a security bug allowed any logged-in user to access the call recordings and transcripts of any other user. This article has been indexed from…
Malicious MCP Server Found Quietly Stealing Emails
A popular MCP server in the NPM repository that was being downloaded 1,500 times a week suddenly began quietly copying emails and sending them to a C2 server after the developer inserted a line of code. Koi Security researchers said…
Critical Cisco IOS/IOS XE Vulnerability Could Expose Networks
Cisco TACACS+ vulnerability threatens sensitive data. The post Critical Cisco IOS/IOS XE Vulnerability Could Expose Networks appeared first on eSecurity Planet. This article has been indexed from eSecurity Planet. Read the original article: Critical Cisco IOS/IOS XE Vulnerability Could Expose…
North Korea’s Lazarus Group shares its malware with IT work scammers
Keeping Pyongyang’s coffers full: North Korean-linked crews connected to the pervasive IT worker scams have upped their malware game, using more advanced tools, including a backdoor that has much of the same code as Pyongyang’s infamous Lazarus Group deploys.… This…
U.S. CISA adds CISCO Secure Firewall ASA and Secure FTD flaws to its Known Exploited Vulnerabilities catalog
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds CISCO Secure Firewall ASA and Secure FTD flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added CISCO Secure Firewall ASA and Secure FTD flaws to its…
Urgent: Cisco ASA Zero-Day Duo Under Attack; CISA Triggers Emergency Mitigation Directive
Cisco is urging customers to patch two security flaws impacting the VPN web server of Cisco Secure Firewall Adaptive Security Appliance (ASA) Software and Cisco Secure Firewall Threat Defense (FTD) Software, which it said have been exploited in the wild.…
New LockBit 5.0 Targets Windows, Linux, ESXi
Trend™ Research analyzed source binaries from the latest activity from notorious LockBit ransomware with their 5.0 version that exhibits advanced obfuscation, anti-analysis techniques, and seamless cross-platform capabilities for Windows, Linux, and ESXi systems. This article has been indexed from Trend…
Enabling AI adoption at scale through enterprise risk management framework – Part 1
According to BCG research, 84% of executives view responsible AI as a top management responsibility, yet only 25% of them have programs that fully address it. Responsible AI can be achieved through effective governance, and with the rapid adoption of…
Enabling AI adoption at scale through enterprise risk management framework – Part 2
In Part 1 of this series, we explored the fundamental risks and governance considerations. In this part, we examine practical strategies for adapting your enterprise risk management framework (ERMF) to harness generative AI’s power while maintaining robust controls. This part…
Great Scott, I’m tired
Hazel celebrates unseen effort in cybersecurity and shares some PII. Completely unrelated, but did you know “Back to the Future” turns 40 this year? This article has been indexed from Cisco Talos Blog. Read the original article: Great Scott, I’m…