The operation took place in July and August and focused on scams in which perpetrators build online romantic relationships to extract money from targets or blackmail them with explicit images, Interpol said. The post Interpol Says 260 Suspects in Online…
Vietnamese Hackers Exploit Fake Copyright Notices to Spread “Lone None” Stealer
Vietnamese hackers use fake copyright notices and Telegram-based malware to steal data and crypto in a growing phishing campaign. The post Vietnamese Hackers Exploit Fake Copyright Notices to Spread “Lone None” Stealer appeared first on eSecurity Planet. This article has…
Google and Flo to pay $56 million after misusing users’ health data
Flo Health and Google agreed to pay $56 million to settle lawsuits alleging the period-tracking app shared sensitive health data for ads. This article has been indexed from Malwarebytes Read the original article: Google and Flo to pay $56 million…
OpenAI Patches ChatGPT Gmail Flaw Exploited by Hackers in Deep Research Attacks
OpenAI has fixed a security vulnerability that could have allowed hackers to manipulate ChatGPT into leaking sensitive data from a victim’s Gmail inbox. The flaw, uncovered by cybersecurity company Radware and reported by Bloomberg, involved ChatGPT’s “deep research” feature.…
Malicious MCP Server Discovered Stealing Sensitive Emails Using AI Agents
Enterprises everywhere are embracing MCP servers—tools that grant AI assistants “god-mode” permissions to send emails, run database queries, and automate tedious tasks. But no one ever stopped to ask: Who built these tools? Today, the first real-world malicious MCP server—postmark-mcp—has…
How to Defend Against Credential Attacks with a Hybrid Mesh Architecture
Introduction Credential-based attacks have reached epidemic levels. The 2025 Verizon Data Breach Investigations Report (DBIR) underscores the trend: 22% of breaches now start with compromised credentials, while Check Point External Risk Management found that leaked credential volumes surged 160% year-over-year.…
SVG Phishing hits Ukraine with Amatera Stealer, PureMiner
A phishing campaign in Ukraine uses malicious SVG files to drop Amatera Stealer and PureMiner, enabling data theft and cryptomining. Learn more. This article has been indexed from Fortinet Threat Research Blog Read the original article: SVG Phishing hits…
First-Ever Malicious MCP Server Found in the Wild Steals Emails via AI Agents
The first-ever malicious Model-Context-Prompt (MCP) server discovered in the wild, a trojanized npm package named postmark-mcp that has been secretly exfiltrating sensitive data from users’ emails. The package, downloaded approximately 1,500 times per week, contained a backdoor that copied every…
New Variant of The XCSSET Malware Attacking macOS App Developers
The macOS threat landscape has witnessed a significant escalation with the discovery of a new variant of the XCSSET malware targeting app developers. First observed in late September 2025, this variant builds upon earlier versions by introducing enhanced stealth techniques,…
Fortra GoAnywhere Vulnerability Exploited as 0-Day Before Patch
A critical, perfect 10.0 CVSS score vulnerability in Fortra’s GoAnywhere Managed File Transfer (MFT) solution was actively exploited as a zero-day at least a week before the company released a patch. The vulnerability, tracked as CVE-2025-10035, is a command injection…
New COLDRIVER Malware Campaign Joins BO Team and Bearlyfy in Russia-Focused Cyberattacks
The Russian advanced persistent threat (APT) group known as COLDRIVER has been attributed to a fresh round of ClickFix-style attacks designed to deliver two new “lightweight” malware families tracked as BAITSWITCH and SIMPLEFIX. Zscaler ThreatLabz, which detected the new multi-stage…
Singapore Threatens Meta With Fines Over Facebook Impersonation Scams
The Singapore police said Facebook is the top platform for online scams in the country This article has been indexed from www.infosecurity-magazine.com Read the original article: Singapore Threatens Meta With Fines Over Facebook Impersonation Scams
Customer Authentication Challenges That Impact Your Organization’s Security Posture
Introduction In today’s cybersecurity landscape, CISOs face the challenge of securing data while managing costs effectively. As cyber threats become more sophisticated, traditional user authentication methods often prove inadequate or… The post Customer Authentication Challenges That Impact Your Organization’s Security…
Apache Airflow Vulnerability Lets Read-Only Users Access Sensitive Data
Apache Airflow maintainers have disclosed a serious security issue, tracked as CVE-2025-54831, that allows users holding only read permissions to view sensitive connection details via both the Airflow API and web interface. The vulnerability, present in Airflow version 3.0.3, undermines…
Neon App pays users to record their phone calls, sells data for AI training
An app called Neon Mobile which pays a small price for privacy is storming the popularity chart in the US Apple app store. This article has been indexed from Malwarebytes Read the original article: Neon App pays users to record…
Prompt injection – and a $5 domain – trick Salesforce Agentforce into leaking sales
More fun with AI agents and their security holes A now-fixed flaw in Salesforce’s Agentforce could have allowed external attackers to steal sensitive customer data via prompt injection, according to security researchers who published a proof-of-concept attack on Thursday. They…
Teens Arrested Over Scattered Spider’s $115M Hacking Spree
Law enforcement authorities in the United States and United Kingdom have arrested two teenagers connected to the notorious Scattered Spider hacking collective, charging them with executing an extensive cybercrime operation that netted over $115 million in ransom payments. The…
Volvo North America confirms staff data stolen following ransomware attack on IT supplier
The downstream consequences of Miljödata’s ransomware attack continue to affect major organizations Volvo North America is the latest large organization to announce attackers accessed employee data after a ransomware attack struck its HR system provider.… This article has been indexed…
North Korea’s Fake Recruiters Feed Stolen Data to IT Workers
North Korean threat actors pose as recruiters to steal developers’ identities and supply them to fraudulent IT workers. The post North Korea’s Fake Recruiters Feed Stolen Data to IT Workers appeared first on SecurityWeek. This article has been indexed from…
Microsoft Reduces Israel’s Access to Cloud and AI Products Over Reports of Mass Surveillance in Gaza
Microsoft said Thursday it had disabled services to a unit within the Israeli military after a company review had determined its artificial intelligence and cloud computing products were being used to help carry out mass surveillance of Palestinians. The action…
Salesforce Faces Lawsuits Over Compromises of Third-Party Apps: Report
Salesforce is facing a possible class action lawsuit from almost two dozen plaintiffs who say the SaaS giant should have had better security around its platform, even though a spate of high-profile data-stealing attacks on third-party partners did not start…
Crash Tests for Security: Why BAS Is Proof of Defense, Not Assumptions
Car makers don’t trust blueprints. They smash prototypes into walls. Again and again. In controlled conditions. Because design specs don’t prove survival. Crash tests do. They separate theory from reality. Cybersecurity is no different. Dashboards overflow with “critical” exposure alerts.…
Malware Gangs Enlist Covert North Korean IT Workers in Corporate Attacks
Malware operators aligned with North Korea have forged a sophisticated partnership with covert IT workers to target corporate organizations worldwide. This collaboration, detailed in a new white paper presented at Virus Bulletin 2025, sheds light on the intertwined operations of…
UK NCSC warns that attackers exploited Cisco firewall zero-days to deploy RayInitiator and LINE VIPER malware
UK NCSC warns that threat actors exploited Cisco firewall zero-days to deploy new malware strains RayInitiator and LINE VIPER. The U.K. NCSC reported that threat actors exploited recently disclosed Cisco firewall flaws (CVE-2025-20362, CVE-2025-20333) in zero-day attacks to deploy novel…