New Stealit Malware Campaign Spreads via VPN and Game Installer Apps
A new campaign distributing the Stealit infostealer employs previously unknown malware delivery techniques and infrastructure. This article has been indexed from www.infosecurity-magazine.com.
Hackers Target macOS Users with Fake Homebrew Websites to Deliver Malicious Payloads
In September 2025, Kandji’s security researchers uncovered a sophisticated campaign in which attackers deployed multiple spoofed Homebrew installer sites that perfectly mimic the official brew.sh page. These counterfeit domains served a hidden malicious payload under the guise of the standard…
Why you keep getting job scam texts
You’re in line for coffee when your phone buzzes: “Hi! We reviewed your profile for a remote job. $1,200/week, no experience needed! Text YES to learn more.” Looks tempting at first glance, right? But if your scam radar isn’t going…
AI Governance: Building a Responsible Foundation for Innovation
AI is becoming increasingly central to digital transformation strategies, but a corresponding responsibility must match its potential. Read insights about AI governance from Fortinet’s CISO and VP Information Security. This article has been indexed from CISO Collective.
Threat Actors Weaponize Discord Webhooks for Command and Control with npm, PyPI, and Ruby Packages
Cybercriminals have discovered a novel way to co-opt Discord webhooks as surrogate command-and-control (C2) channels across popular language ecosystems. Unlike traditional C2 servers, webhooks offer free, low-profile exfiltration that blends seamlessly into legitimate HTTPS traffic. Over the past month, malicious…
New RMPocalypse Attack Let Hackers Break AMD SEV-SNP To Exfiltrate Confidential Data
A critical vulnerability affects AMD’s Secure Encrypted Virtualization with Secure Nested Paging (SEV-SNP), a cornerstone of confidential computing deployed by major cloud providers like AWS, Azure, and Google Cloud. Dubbed RMPocalypse, the attack exploits a flaw in the initialization of…
Astaroth Banking Malware Leveraging GitHub to Host Malware Configurations
A new wave of the Astaroth banking trojan has emerged, leveraging a novel approach to distribute its malicious configuration files. First detected in late 2025, this latest campaign employs GitHub’s raw content service to host encrypted JSON configurations containing target…
SonicWall SSL VPN Accounts in Attacker Crosshairs
Threat actors have rapidly compromised more than 100 SonicWall SSL VPN accounts pertaining to over a dozen entities. The post SonicWall SSL VPN Accounts in Attacker Crosshairs appeared first on SecurityWeek.
Sensitive Information of NSW Flood Victims Mistakenly Entered into ChatGPT
A serious data breach involving the personal details of thousands of flood victims has been confirmed by the New South Wales government in an unsettling development that highlights the fragile boundary between technology and privacy. There has been an…
Clop Ransomware Exploits Oracle Zero-Day in Major Extortion Campaign
The Clop ransomware gang has orchestrated a massive extortion campaign targeting Oracle E-Business Suite customers by exploiting a critical zero-day vulnerability tracked as CVE-2025-61882. The vulnerability, which carries a CVSS score of 9.8, affects Oracle EBS versions 12.2.3 through…
Qilin Ransomware Hits Beer Giant Asahi
A cyberattack has temporarily disrupted the operations of Asahi Group Holdings, Japan’s largest brewing company. The Qilin ransomware group has taken… The post Qilin Ransomware Hits Beer Giant Asahi first appeared on CyberMaterial.
Harvard Probes Breach Tied To Oracle Flaw
Harvard University is investigating a data breach after the notorious Clop ransomware gang listed the school on its data leak site. The group claims to have stolen data… The post Harvard Probes Breach Tied To Oracle Flaw first appeared on…
Rust Malware ChaosBot Exploits Discord
A new backdoor, dubbed ChaosBot, has been discovered by cybersecurity researchers. The malware, which is written in the Rust programming language… The post Rust Malware ChaosBot Exploits Discord first appeared on CyberMaterial.
Fake Inflation Refund Text Scam Hits NY
An ongoing text message scam is targeting New Yorkers, impersonating the Department of Taxation and Finance to steal personal and financial information… The post Fake Inflation Refund Text Scam Hits NY first appeared on CyberMaterial.
Malicious Npm Packages Used In Phishing
Researchers have uncovered a new and unusual credential harvesting campaign, dubbed Beamglea, that abuses the npm registry and a content delivery network… The post Malicious Npm Packages Used In Phishing first appeared on CyberMaterial.
Is Hacking Back Ever a Good Strategy?
Hacking back aims to retaliate against cyberattackers by launching a counterattack to disrupt their systems, recover stolen data or send a message. As cyberthreats grow more frequent and sophisticated, it’s… The post Is Hacking Back Ever a Good Strategy? appeared…
Pro-Russian Hacktivist Targets OT/ICS Systems to Harvest Credentials
In September, a nascent pro-Russian hacktivist group known as TwoNet staged its first operational technology and industrial control systems (OT/ICS) intrusion against our water treatment utility honeypot. By exploiting default credentials and SQL-based schema extraction, the adversary ultimately created backdoor…
Axis Communications Vulnerability Exposes Azure Storage Credentials
Axis Communications, a leading provider of network video and surveillance solutions, has confirmed a critical vulnerability in its Autodesk® Revit® plugin that exposed Azure Storage Account credentials within signed DLLs. Discovered in July 2024 by Trend Micro’s Zero Day Initiative™…
China probes Qualcomm’s Autotalks deal amid rising US trade tensions
Beijing insists it’s business as usual – Washington might see it differently. China’s competition regulator has launched an investigation into Qualcomm’s purchase of Israeli firm Autotalks, the latest salvo in the escalating tech trade war between Washington and Beijing.…
SimonMed Imaging Data Breach Impacts 1.2 Million
SimonMed Imaging was targeted by the Medusa ransomware group, which claimed to have stolen 200 Gb of data. The post SimonMed Imaging Data Breach Impacts 1.2 Million appeared first on SecurityWeek.
EDR-Freeze: Technical Mechanics and Forensic Artifacts Exposed
EDR-Freeze is a proof-of-concept tool that forces endpoint detection and response (EDR) or antivirus processes into a temporary “coma.” Instead of installing a vulnerable driver, it leverages legitimate Windows Error Reporting components, specifically WerFaultSecure.exe and the MiniDumpWriteDump API, to pause security…
Why Unmonitored JavaScript Is Your Biggest Holiday Security Risk
Think your WAF has you covered? Think again. This holiday season, unmonitored JavaScript is a critical oversight allowing attackers to steal payment data while your WAF and intrusion detection systems see nothing. With the 2025 shopping season weeks away, visibility…
NPM Infrastructure Abused in Phishing Campaign Aimed at Industrial and Electronics Firms
Threat actors used automation to create over 175 malicious NPM packages targeting more than 135 organizations. The post NPM Infrastructure Abused in Phishing Campaign Aimed at Industrial and Electronics Firms appeared first on SecurityWeek.
Invoicely Database Leak Exposes 180,000 Sensitive Records
Cybersecurity researcher Jeremiah Fowler discovered nearly 180,000 files, including PII and banking details, left exposed on an unprotected database linked to the Invoicely platform. Read about the identity theft and financial fraud risks for over 250,000 businesses worldwide.