Distributed denial-of-service (DDoS) attacks remain one of the most common and disruptive forms of cybercrime. Defenders have traditionally focused on detecting these attacks once they are underway. New research suggests that predicting DDoS attacks in advance may be possible, giving…
COLDRIVER APT Group Uses ClickFix to Deliver New PowerShell-Based Backdoor BAITSWITCH
Russia-linked threat actors continue targeting civil society with sophisticated social engineering campaigns and lightweight malware tools in September 2025. The campaign delivers two previously undocumented malware families: a downloader dubbed BAITSWITCH and a PowerShell-based backdoor named SIMPLEFIX. COLDRIVER, also tracked as Star Blizzard,…
Linux Kernel ksmbd Flaw Lets Remote Attackers Execute Arbitrary Code
A critical vulnerability in the Linux Kernel’s ksmbd file sharing component allows remote attackers to execute code with kernel privileges. Tracked as CVE-2025-38561, this flaw affects Linux distributions that include the ksmbd SMB server implementation. Authentication is required, but a…
Chinese Hackers Breach U.S. Firms as Trade Tensions Rise
A Coordinated Breach Comes to Light CNN reported that Chinese state-linked hackers infiltrated several U.S. legal and technology firms in a campaign that stretched for months, if not longer. According to U.S. officials, the attackers gained unauthorized access to internal…
$439 million recovered in global financial crime crackdown
Authorities around the world have recovered $439 million from criminals following a months-long operation led by INTERPOL. The effort, called HAECHI VI, ran from April through August 2025 and involved police in 40 countries and territories working together to track…
NVIDIA Merlin Flaw Enables Remote Code Execution with Root Access
A critical vulnerability in NVIDIA’s Merlin Transformers4Rec library allows attackers to achieve remote code execution with root privileges. Discovered by the Trend Micro Zero Day Initiative (ZDI) Threat Hunting Team, the flaw stems from unsafe deserialization in the model checkpoint…
Banking Trojans Attacking Android Users Mimic as Government and Legitimate Payment Apps
A sophisticated cybercriminal campaign has emerged targeting Indonesian and Vietnamese Android users with banking trojans disguised as legitimate government identity applications and payment services. The malicious operation, active since approximately August 2024, employs advanced evasion techniques to deliver variants of…
New framework sets baseline for SaaS security controls
Managing security across dozens or even hundreds of SaaS apps has become a major headache. Each tool has its own settings, permissions, and logs, and most third-party risk processes only look at the vendor’s overall security, not the app itself.…
The fight to lock down drones and their supply chains
Drones have already shown their impact in military operations, and their influence is spreading across the agricultural and industrial sectors. Given their technological capabilities, we need to be aware of the risks they bring. Drones as a new attack vector…
Cisco IOS 0-Day RCE Vulnerability Actively Targeted
Cisco has disclosed a critical zero-day vulnerability in its IOS and IOS XE software that is being actively exploited by threat actors in real-world attacks. The flaw, tracked as CVE-2025-20352, affects the Simple Network Management Protocol (SNMP) subsystem and allows both…
GenAI is exposing sensitive data at scale
Sensitive data is everywhere and growing fast. A new report from Concentric AI highlights how unstructured data, duplicate files, and risky sharing practices are creating serious problems for security teams. The findings show how generative AI tools like Microsoft Copilot…
AI is rewriting the rules of cyber defense
Enterprise security teams are underprepared to detect new, adaptive AI-powered threats. The study, published by Lenovo, surveyed 600 IT leaders across major markets and shows widespread concern about external and internal risks, along with low confidence in current defenses. External…
ISC Stormcast For Thursday, September 25th, 2025 https://isc.sans.edu/podcastdetail/9628, (Thu, Sep 25th)
Source: SANS Internet Storm Center, InfoCON: green.
Cultura – 1,462,025 breached accounts
In September 2024, French retailer Cultura was the victim of a cyber attack they attributed to an external IT service provider. The resultant data breach included almost 1.5M unique email addresses along with names, phone numbers, physical addresses and orders.…
Justified Investments in Cloud Security Technologies
What Makes Non-Human Identities Essential for Cloud Security? How do you safeguard your digital assets when every machine identity in your organization is like a tourist visiting a foreign land? Machine identities, often termed Non-Human Identities (NHIs), act as the…
What Does TBH Mean?
What does TBH stand for? In online chat and text messages, TBH stands for “to be honest.” If you’ve seen people write TBH on social… Source: Panda Security Mediacenter.
Proofpoint’s New Agentic AI Cybersecurity Solutions Address 4 Key Challenges
Proofpoint expands human-centric security to protect AI agents, safeguarding collaboration points and shared data in the agentic workspace. Source: TechRepublic.
Proxy vs VPN: Which One Do You Really Need?
Proxy vs VPN: Learn the key differences, benefits, and use cases of proxies and VPNs. Find out which option best fits your privacy, security, and browsing needs. Source: Panda Security Mediacenter.
Bookworm to Stately Taurus Using the Unit 42 Attribution Framework
We connect Bookworm malware to Chinese APT Stately Taurus using our attribution framework, enhancing our understanding of threat group tradecraft. Source: Unit 42.
Guarding your family against the latest online threats
Parents across America face a growing wave of sophisticated online fraud designed to exploit their deepest fears and protective instincts. Americans reported losing more than $12.5 billion to fraud in 2024, representing a 25% increase over the prior year, according…
Accelerating adoption of AI for cybersecurity at DEF CON 33
Posted by Elie Bursztein and Marianna Tishchenko, Google Privacy, Safety and Security Team. Empowering cyber defenders with AI is critical to tilting the cybersecurity balance back in their favor as they battle cybercriminals and keep users safe. To help accelerate adoption…
Chinese Hackers Steal Data from U.S. Legal, Tech Firms for More Than a Year
Google threat researchers have found that the China-nexus threat group UNC5221 has been hacking into the networks and systems of U.S. legal firms and tech companies, at times spending more than a year inside compromised appliances to steal information and…
Neon, the No. 2 social app on the Apple App Store, pays users to record their phone calls and sells data to AI firms
A new call recording app is gaining traction for offering to pay users for voice data from calls, which is sold to AI companies. Source: Security News | TechCrunch.
This Is How Your LLM Gets Compromised
Poisoned data. Malicious LoRAs. Trojan model files. AI attacks are stealthier than ever—often invisible until it’s too late. Here’s how to catch them before they catch you. Source: Trend Micro Research, News and Perspectives.