The SEC has charged several crypto platforms and investment clubs for defrauding US investors of more than $14m This article has been indexed from www.infosecurity-magazine.com Read the original article: SEC Charges Crypto Firms in $14m Investment Scam
FBI Discovers 630 Million Stolen Passwords in Major Cybercrime Investigation
A newly disclosed trove of stolen credentials has underscored the scale of modern cybercrime after U.S. federal investigators uncovered hundreds of millions of compromised passwords on devices seized from a single suspected hacker. The dataset, comprising approximately 630 million…
Security Flaw Exposes Personal Data on Somalia’s E-Visa System Weeks After Major Breach
A recently uncovered weakness in Somalia’s electronic visa system has triggered fresh alarm over the protection of travelers’ personal information, coming just weeks after authorities admitted to a large-scale data breach affecting tens of thousands of applicants. Findings indicate…
US shuts down phisherfolk’s $14.6M password-hoarding platform
Crooks used platform to scoop up and store banking credentials for big-money thefts The US says it has shut down a platform used by cybercriminals to break into Americans’ bank accounts.… This article has been indexed from The Register –…
Coordinated Scams Target MENA Region With Fake Online Job Ads
A coordinated wave of fake online job ads targeting the Middle East and North Africa has been uncovered, exploiting remote work trends This article has been indexed from www.infosecurity-magazine.com Read the original article: Coordinated Scams Target MENA Region With Fake…
North Korean Hackers Steal 2B Crypto
North Korean hacking groups have reached a new milestone in digital asset theft, accounting for 76% of all service-level compromises recorded this year. This represents a calculated move away from frequent, smaller heists in favor of catastrophic breaches targeting large-scale…
Android Malware Combines Droppers SMS RAT
The cybersecurity landscape in Uzbekistan has shifted from simple spam campaigns to advanced mobile threats orchestrated by a group called TrickyWonders. This article has been indexed from CyberMaterial Read the original article: Android Malware Combines Droppers SMS RAT
Iranian Infy APT Returns With New Malware
Infy stands as one of the longest-running advanced persistent threat groups in the cybersecurity landscape, with its initial operations documented as far back as 2004. This article has been indexed from CyberMaterial Read the original article: Iranian Infy APT Returns…
Nigerian National Convicted Of Fraud
Olusegun Samson Adejorin, a 32-year-old Nigerian national, was found guilty by a federal jury in Greenbelt, Maryland, following a six-day trial. The conviction included charges of wire fraud, aggravated identity theft, and unauthorized access to a protected computer. This legal…
Cyber Briefing: 2025.12.24
Loader malware, Android SMS theft, Iranian APT resurgence, healthcare ransomware, global fraud convictions, North Korea crypto theft, and Google lawsuits dominated. This article has been indexed from CyberMaterial Read the original article: Cyber Briefing: 2025.12.24
Pro-Russian Hackers Claim Cyberattack on French Postal Service
Central computer systems at French national postal service La Poste were knocked offline Monday in DDoS attack. The post Pro-Russian Hackers Claim Cyberattack on French Postal Service appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read the…
Best of 2025: LDAPNightmare: SafeBreach Labs Publishes First Proof-of-Concept Exploit for CVE-2024-49112
SafeBreach researchers developed a zero-click PoC exploit that crashes unpatched Windows Servers using the Windows Lightweight Directory Access Protocol (LDAP) remote code execution vulnerability (CVE-2024-49112). The post LDAPNightmare: SafeBreach Labs Publishes First Proof-of-Concept Exploit for CVE-2024-49112 appeared first on SafeBreach.…
Best of 2025: Ukraine Pwns Russian Drone Maker — Gaskar is ‘Paralyzed’
Ukrainian Cyber Alliance and Black Owl team up to hack manufacturer of Russian military drones, sources say. Gaskar Group, Russian designer of drones plaguing Ukraine’s skies, is in utter disarray. Or, at least, so says Ukrainian military intelligence. Hacker groups teamed…
Trend Micro Warns: ‘Vibe Crime’ Ushers in Agentic AI-Driven Cybercrime Era
Trend Micro, a cybersecurity firm, has sounded the alarm over what it calls the rise of “vibe crime”: fully automated cybercriminal operations powered by agentic AI, which marks a fundamental turn away from traditional ransomware and phishing campaigns. The…
IT Security News Hourly Summary 2025-12-24 15h : 5 posts
5 posts were published in the last hour 14:2 : Italian regulator rules Apple’s ATT feature limits competition 14:2 : Evasive Panda APT Using AitM Attack and DNS Poisoning to Deliver Malware 14:2 : Nomani Investment Scam Surges 62% Using…
Italian regulator rules Apple’s ATT feature limits competition
Italy fined Apple €98.6 million, ruling its App Tracking Transparency feature limited competition in the App Store. Italy’s antitrust authority fined Apple €98.6 million ($116 million) for ruling that its App Tracking Transparency framework restricted competition in the App Store.…
Evasive Panda APT Using AitM Attack and DNS Poisoning to Deliver Malware
The Evasive Panda APT group, also known as Bronze Highland, Daggerfly, and StormBamboo, has been running targeted campaigns since November 2022, using advanced techniques to deliver the MgBot malware. The group employs adversary-in-the-middle attacks combined with DNS poisoning to compromise…
Nomani Investment Scam Surges 62% Using AI Deepfake Ads on Social Media
The fraudulent investment scheme known as Nomani has witnessed an increase by 62%, according to data from ESET, as campaigns distributing the threat have also expanded beyond Facebook to include other social media platforms, such as YouTube. The Slovak cybersecurity…
Threat Actors Using Weaponized AV-themed Word and PDF Documents to Attack Israeli Organizations
Security researchers at Seqrite Labs have identified a campaign called Operation IconCat, targeting Israeli organizations with weaponized documents designed to look like legitimate security tools. The attacks began in November 2025 and have compromised multiple companies across information technology, staffing…
Russian Hackers Obtain Sensitive NHS Documents from UK Royal Properties
In a recent cyberattack, a ransomware group affiliated with Russia infiltrated the NHS computer system and retrieved hundreds of thousands of highly sensitive medical records, including those associated with members of the royal family, triggering alarms in several parts…
Merry Christmas, Readers Of Silicon UK
In a challenging world of turbulence and change. Silicon UK wishes our readers a joyful Christmas and much merriment This article has been indexed from Silicon UK Read the original article: Merry Christmas, Readers Of Silicon UK
Urban VPN Proxy Surreptitiously Intercepts AI Chats
This is pretty scary: Urban VPN Proxy targets conversations across ten AI platforms: ChatGPT, Claude, Gemini, Microsoft Copilot, Perplexity, DeepSeek, Grok (xAI), Meta AI. For each platform, the extension includes a dedicated “executor” script designed to intercept and capture conversations.…
Threat Actors Advertised NtKiller Malware on Dark Web Claiming Terminate Antivirus and EDR Bypass
A malicious actor known as AlphaGhoul has begun promoting a tool called NtKiller, designed to silently shut down antivirus software and endpoint detection tools. The tool was posted on an underground forum where criminals gather to buy and sell hacking…
Why Mobile-First SaaS Needs Passwordless Authentication for Field Teams
Learn why passwordless authentication is essential for mobile-first SaaS used by field teams to improve security, speed, and productivity. The post Why Mobile-First SaaS Needs Passwordless Authentication for Field Teams appeared first on Security Boulevard. This article has been indexed…