In late 2024, a new wave of cyber espionage emerged targeting global telecommunications infrastructure. Operating under the moniker Salt Typhoon, this Chinese state-sponsored group has focused its efforts on routers, firewalls, VPN gateways, and lawful intercept systems within major telecom…
CISA Warns of Cisco Firewall 0-Day Vulnerabilities Actively Exploited in the Wild
CISA has issued an Emergency Directive mandating immediate action to mitigate two critical zero-day vulnerabilities, CVE-2025-20333 and CVE-2025-20362, actively exploited against Cisco Adaptive Security Appliances (ASA) and select Firepower platforms. The vulnerabilities allow unauthenticated remote code execution and privilege escalation, enabling advanced threat actors…
Digital Threat Modeling Under Authoritarianism
Today’s world requires us to make complex and nuanced decisions about our digital security. Evaluating when to use a secure messaging app like Signal or WhatsApp, which passwords to store on your smartphone, or what to share on social media…
No Patches for Vulnerabilities Allowing Cognex Industrial Camera Hacking
Cognex is advising customers to transition to newer versions of its machine vision products. The post No Patches for Vulnerabilities Allowing Cognex Industrial Camera Hacking appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read the original article:…
Cisco ASA zero-day vulnerabilities exploited in sophisticated attacks
A widespread campaign aimed at breaching organizations via zero-day vulnerabilities in Cisco Adaptive Security Appliances (ASA) has been revealed by the US, UK, Canadian and Australian cybersecurity agencies. The suspected state-sponsored threat actor behind it is believed to be the…
Archer Health Data Leak Exposes 23GB of Medical Records
California-based Archer Health exposed 23GB of patient records, including SSNs, IDs, and medical files, after an unprotected database was found online. This article has been indexed from Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto Read the original…
New Botnet ‘Loader-as-a-Service’ Turns Home Routers and IoT into Mirai Farms
CloudSEK has uncovered a sophisticated Loader-as-a-Service botnet campaign spanning the last six months, leveraging exposed command-and-control logs to orchestrate attacks against SOHO routers, embedded Linux devices, and enterprise applications. The threat actors exploit unsanitized POST parameters—such as NTP, syslog, and…
ArcaneDoor Threat Actor Resurfaces in Continued Attacks Against Cisco Firewalls
An attack campaign has been identified which exploits vulnerabilities in Cisco Adaptive Security Appliance software This article has been indexed from www.infosecurity-magazine.com Read the original article: ArcaneDoor Threat Actor Resurfaces in Continued Attacks Against Cisco Firewalls
New Malicious Rust Crates Impersonating fast_log to Steal Solana and Ethereum Wallet Keys
Cybercriminals have launched a sophisticated supply chain attack targeting cryptocurrency developers through malicious Rust crates designed to steal digital wallet keys. Two fraudulent packages, faster_log and async_println, have infiltrated the Rust package registry by impersonating the legitimate fast_log logging library,…
Hackers Breach Active Directory to Exfiltrate NTDS.dit Leads to Full Domain and Credential Compromise
Active Directory (AD) remains the foundation of authentication and authorization in Windows environments. Threat actors targeting the NTDS.dit database can harvest every domain credential, unlock lateral movement, and achieve full domain compromise. Attackers leveraged native Windows utilities to dump and exfiltrate…
UK and US security agencies order urgent fixes as Cisco firewall bugs exploited in wild
CISA gives feds 24 hours to patch, NCSC urges rapid action as flaws linked to ArcaneDoor spies Cybersecurity agencies on both sides of the Atlantic are sounding the alarm over Cisco firewall vulnerabilities that are being exploited by an “advanced…
New XCSSET macOS Malware Variant Hijacks Cryptocurrency Transactions
The malware now uses a four-stage infection chain, has an additional persistence mechanism, and also targets Firefox browser data. The post New XCSSET macOS Malware Variant Hijacks Cryptocurrency Transactions appeared first on SecurityWeek. This article has been indexed from SecurityWeek…
Fake Ukraine Police Notices Spread New Amatera Stealer and PureMiner
FortiGuard Labs exposes a high-severity phishing campaign impersonating the National Police of Ukraine to deliver Amatera Stealer (data theft) and PureMiner (cryptojacking) to Windows PCs. This article has been indexed from Hackread – Latest Cybersecurity, Hacking News, Tech, AI &…
Researchers Map Links Between Major Hacker Groups: LAPSUS$, Scattered Spider, ShinyHunters
A loosely connected cybercrime supergroup is exploiting social engineering to compromise Fortune 100 organizations and government agencies. LAPSUS$, Scattered Spider, and ShinyHunters—three of the most notorious English-speaking cybercrime groups—have increasingly blurred their lines through shared tactics, overlapping membership, and joint…
Proofpoint Exec: ‘Phishing is the Leading Cause of Breaches Globally’
During Proofpoint Protect 2025, company leaders detailed how AI is being used in phishing trends and in cyber-defense tactics. The post Proofpoint Exec: ‘Phishing is the Leading Cause of Breaches Globally’ appeared first on TechRepublic. This article has been indexed…
UK to roll out mandatory digital ID for right to work by 2029
Prime Minister Starmer revives controversial scheme despite past denials, sparking civil liberties backlash The UK government plans to issue all legal residents a digital identity by the end of the current Parliament, which could run until August 2029, with its…
New macOS XCSSET Variant Targets Firefox with Clipper and Persistence Module
Cybersecurity researchers have discovered an updated version of a known Apple macOS malware called XCSSET that has been observed in limited attacks. “This new variant of XCSSET brings key changes related to browser targeting, clipboard hijacking, and persistence mechanisms,” the…
Fortra GoAnywhere CVSS 10 Flaw Exploited as 0-Day a Week Before Public Disclosure
Cybersecurity company watchTowr Labs has disclosed that it has “credible evidence” of active exploitation of the recently disclosed security flaw in Fortra GoAnywhere Managed File Transfer (MFT) software as early as September 10, 2025, a whole week before it was…
Interpol Cracks Down on Large-Scale African Scamming Networks
The effort, named Operation Contender 3.0, led to the arrest of 260 suspected cybercriminals This article has been indexed from www.infosecurity-magazine.com Read the original article: Interpol Cracks Down on Large-Scale African Scamming Networks
Hackers Breach Active Directory, Steal NTDS.dit for Full Domain Compromise
Threat actors recently infiltrated a corporate environment, dumped the AD database file NTDS.dit, and nearly achieved full domain control. AD acts as the backbone of Windows domains, storing account data, group policies, and password hashes. Compromise of its core file…
JLR Begins Phased Restart of Operations After Cyber-Attack
JLR said it is in a position to start clearing its backlog of payments for suppliers, while its parts logistics center is returning to full operations This article has been indexed from www.infosecurity-magazine.com Read the original article: JLR Begins Phased…
Cisco ASA 0-Day RCE Flaw Actively Exploited in the Wild
A critical zero-day vulnerability in Cisco Secure Firewall Adaptive Security Appliance (ASA) Software and Cisco Secure Firewall Threat Defense (FTD) Software is being actively exploited in the wild. Tracked as CVE-2025-20333, this remote code execution flaw allows an authenticated attacker…
Unveiling LummaStealer’s Technical Details Through ML-Based Detection Approach
In early 2025, LummaStealer was in widespread use by cybercriminals targeting victims throughout the world in multiple industry verticals, including telecom, healthcare, banking, and marketing. A sweeping law enforcement operation in May brought this all to an abrupt halt. After…
Critical Cisco Vulnerability Let Remote Attackers Execute Arbitrary Code on Firewalls and Routers
Cisco warns of a Critical remote code execution flaw in web services across multiple Cisco platforms. Tracked as CVE-2025-20363 (CWE-122), this vulnerability carries a CVSS 3.1 Base Score of 9.0 (AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H) and impacts ASA, FTD, IOS, IOS XE, and IOS…