VC giant rebuilt boxes, patched holes, and says it’s beefed up security – but won’t say who did it Venture capital giant Insight Partners has confirmed that a January ransomware attack compromised the personal data of more than 12,000 people,…
Threat Actor Infests Hotels With New RAT
RevengeHotels has been targeting hotels in Brazil and Spanish-speaking regions with VenomRAT implants in 2025. The post Threat Actor Infests Hotels With New RAT appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read the original article: Threat…
IT Security News Hourly Summary 2025-09-18 12h : 11 posts
11 posts were published in the last hour 9:59 : PureVPN Vulnerability Reveals IPv6 Address While Reconnecting to Wi-Fi 9:59 : Russian CopyCop Network Expands: 200+ Fake News Sites Target US, Canada, and France 9:59 : Warlock Ransomware Deployed via…
What We Know About the NPM Supply Chain Attack
Trend™ Research outlines the critical details behind the ongoing NPM supply chain attack and offers essential steps to stay protected against potential compromise. This article has been indexed from Trend Micro Research, News and Perspectives Read the original article: What…
Panda-monium: China-backed cyber crew spoof Congressman to dig for dirt on US trade talks
Proofpoint spots efforts to spy on US economic policy nerds Chinese state-aligned online attackers are back at it, targeting US trade policy wonks as Washington and Beijing spar over economic ties.… This article has been indexed from The Register –…
Age verification and parental controls coming to ChatGPT to protect teens
OpenAI is going to try and predict the ages of its users to protect them better, as stories of AI-induced harms in children mount. This article has been indexed from Malwarebytes Read the original article: Age verification and parental controls…
South Korea Personal Information Privacy Act
What is the Data Privacy Act (DPA)? The Philippines Data Privacy Act of 2012 (Republic Act No. 10173), commonly referred to as the DPA, is the country’s primary data protection law. Enacted in August 2012, the Act was designed to…
SonicWall Confirms Unauthorized Access to MySonicWall Backup Files
SonicWall confirmed yesterday that configuration backups stored in some MySonicWall customer accounts were accessed without authorization in a recent security incident. The breach involves preference files containing sensitive firewall settings such as admin credentials, VPN configurations, and certificates. The affected…
Alex Ryan: From zero chill to quiet confidence
Discover how a Cisco Talos Incident Response expert transitioned from philosophy to the high-stakes world of incident command, offering candid insights into managing burnout and finding a supportive team. This article has been indexed from Cisco Talos Blog Read the…
Vane Viper Malvertising Network Posed as Legit Adtech in Global Scams
Infoblox links Vane Viper to PropellerAds, exposing a global malvertising network posing as adtech while spreading malware and running online scams. This article has been indexed from Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto Read the original…
CVE-2025-10585 is the sixth actively exploited Chrome zero-day patched by Google in 2025
Google addressed four vulnerabilities affecting its Chrome web browser, including one that has been exploited in the wild. Google released security updates to address four vulnerabilities in the Chrome web browser, including CVE-2025-10585, which has reportedly been exploited in the…
SonicWall Prompts Password Resets After Hackers Obtain Firewall Configurations
The company sent a new preferences file to less than 5% of customers, urging them to import it into firewalls and reset their passwords. The post SonicWall Prompts Password Resets After Hackers Obtain Firewall Configurations appeared first on SecurityWeek. This…
OpenSSL 3.6 Beta Release Announcement
The OpenSSL Project is pleased to announce that OpenSSL 3.6 Beta1 pre-release is available, adding significant functionality to the OpenSSL Library. This article has been indexed from Blog on OpenSSL Library Read the original article: OpenSSL 3.6 Beta Release Announcement
PureVPN Vulnerability Reveals IPv6 Address While Reconnecting to Wi-Fi
A critical security vulnerability has been discovered in PureVPN’s Linux clients that exposes users’ real IPv6 addresses during network reconnections, undermining the privacy protections that users expect from their VPN service. The vulnerability affects both the graphical user interface (GUI…
Russian CopyCop Network Expands: 200+ Fake News Sites Target US, Canada, and France
The Russian covert influence network known as CopyCop has significantly expanded its disinformation operations, creating over 200 new fake websites since March 2025 to target audiences in the United States, France, and Canada. Digital fingerprint over the Russian flag symbolizing…
Warlock Ransomware Deployed via Compromised GOLD SALEM Networks and Bypassed Security Solutions
Counter Threat Unit™ (CTU) researchers are tracking a sophisticated threat actor known as Warlock Group, which CTU designates as GOLD SALEM. Since March 2025, the group has compromised enterprise networks and bypassed security solutions to deploy its custom Warlock ransomware.…
Best Amazon Prime Day tablet deals 2025: My 12 favorite sales ahead of October
We found the best tablet deals ahead of Amazon’s October Prime Day sale including discounts on the Apple iPad and Samsung Galaxy Tab. This article has been indexed from Latest news Read the original article: Best Amazon Prime Day tablet…
Jenkins Patches Multiple Vulnerabilities that Allow Attackers to Cause a Denial of Service
Jenkins has released critical updates addressing four security flaws that unauthenticated and low-privileged attackers could exploit to disrupt service or glean sensitive configuration details. Administrators running Jenkins weekly releases up to 2.527 or the Long-Term Support (LTS) stream up to…
Raven Stealer Attacking Google Chrome Users to Steal Sensitive Data
Raven Stealer has emerged as a potent information‐stealing threat targeting users of Chromium‐based browsers, most notably Google Chrome. First observed in mid-2025, this lightweight malware distinguishes itself through a modular architecture and stealthy design, allowing it to harvest sensitive information…
Beware of Typosquatted Malicious PyPI Packages That Delivers SilentSync RAT
Python developers face a growing threat from typosquatted packages in the Python Package Index (PyPI), with malicious actors increasingly targeting this trusted repository to distribute sophisticated malware. Recent discoveries have exposed a concerning trend where threat actors create packages that…
Lessons Learned From Massive npm Supply Chain Attack Using “Shai-Hulud” Self-Replicating Malware
The JavaScript ecosystem experienced one of its most sophisticated and damaging supply chain attacks in September 2025, when a novel self-replicating worm dubbed “Shai-Hulud” compromised over 477 npm packages, marking the first successful automated propagation campaign in the npm registry’s history.…
Nearly 250,000 Impacted by Data Breach at Medical Associates of Brevard
The BianLian ransomware group took credit for the cyberattack on the healthcare organization in January 2025. The post Nearly 250,000 Impacted by Data Breach at Medical Associates of Brevard appeared first on SecurityWeek. This article has been indexed from SecurityWeek…
NCA Singles Out “The Com” as it Chairs Five Eyes Group
The UK’s National Crime Agency is the new chair of the Five Eyes Law Enforcement Group This article has been indexed from www.infosecurity-magazine.com Read the original article: NCA Singles Out “The Com” as it Chairs Five Eyes Group
VC Firm Insight Partners Notifies Victims After Ransomware Breach
Insight Partners has released more details of a 2024 ransomware breach impacting thousands of individuals This article has been indexed from www.infosecurity-magazine.com Read the original article: VC Firm Insight Partners Notifies Victims After Ransomware Breach