The global spyware market continues its alarming expansion, with new research revealing the emergence of 130 additional entities spanning 46 countries between 1992 and 2024. This shadowy ecosystem of surveillance technologies has grown from 435 documented entities in the initial…
New Wave of Self-Replicating NPM Malware Exposes Critical Gaps in Software Supply Chain Security
The Shai-Hulud NPM worm highlights rising open-source supply chain threats. Secure builds with SBOMs, MFA, signed packages, and zero-trust defenses. The post New Wave of Self-Replicating NPM Malware Exposes Critical Gaps in Software Supply Chain Security appeared first on Security…
Russian Hackers Gamaredon and Turla Collaborate to Deploy Kazuar Backdoor in Ukraine
Cybersecurity researchers have discerned evidence of two Russian hacking groups Gamaredon and Turla collaborating together to target and co-comprise Ukrainian entities. Slovak cybersecurity company ESET said it observed the Gamaredon tools PteroGraphin and PteroOdd being used to execute Turla group’s…
Attackers Abuse AI Tools to Generate Fake CAPTCHAs in Phishing Attacks
Trend Micro said the use of AI platforms to create and host fake CAPTCHA pages helps attackers develop more sophisticated phishing campaigns at scale and speed This article has been indexed from www.infosecurity-magazine.com Read the original article: Attackers Abuse AI…
How AI-Native Development Platforms Enable Fake Captcha Pages
Cybercriminals are abusing AI-native platforms like Vercel, Netlify, and Lovable to host fake captcha pages that deceive users, bypass detection, and drive phishing campaigns. This article has been indexed from Trend Micro Research, News and Perspectives Read the original article:…
Weaponized ScreenConnect App Spreads AsyncRAT and PowerShell RAT
Remote Monitoring and Management tools such as ConnectWise ScreenConnect have earned a reputation for simplifying IT administration, but they have also drawn the attention of sophisticated attackers. By abusing ScreenConnect’s trusted installation footprint and deep system privileges, adversaries are now…
New iOS Video Injection Tool Bypasses Biometric Locks on Jailbroken iPhones
A newly discovered video injection tool for iOS devices that have been jailbroken poses a serious threat to modern digital identity verification. Developed to run on iOS 15 or later, this highly specialized toolkit can circumvent weak biometric checks and…
Russian Airline Hit by Cyberattack, Website and Systems Disrupted
Russian regional carrier KrasAvia is grappling with a major IT outage after what appears to be a cyberattack. Passengers have been unable to buy tickets online, and flight operations have been forced to switch to manual procedures. The airline confirmed…
Small businesses, big targets: Protecting your business against ransomware
Long known to be a sweet spot for cybercriminals, small businesses are more likely to be victimized by ransomware than large enterprises This article has been indexed from WeLiveSecurity Read the original article: Small businesses, big targets: Protecting your business…
New iOS Video Injection Tool Bypasses Biometric Verification with Jailbroken iPhones
A sophisticated new attack tool targeting jailbroken iOS devices has emerged, representing a significant escalation in digital identity fraud capabilities. The discovery by iProov’s threat intelligence team reveals a highly specialized tool designed to perform advanced video injection attacks on…
Splunk Releases Guide to Detect Remote Employment Fraud Within Your Organization
Detecting remote employment fraud has become a critical priority for organizations striving to secure their digital onboarding processes and safeguard sensitive systems. In recent months, threat actors posing as legitimate hires have leveraged sophisticated tactics to bypass pre-hire screenings and…
UK Arrested 2 Scattered Spider Hackers Linked to London Transport System Breach
UK law enforcement has arrested two individuals linked to the notorious Scattered Spider cybercriminal group, including 19-year-old Thalha Jubair from London, who faces charges in connection with over 120 network intrusions that resulted in more than $115 million in ransom…
Russian Airline Suffered Cyberattack Website and Other Systems Affected
Krasnoyarsk Regional Airlines (KrasAvia) confirmed a sophisticated cyberattack that has rendered its primary online services inoperable. The breach targeted the airline’s web portal and associated back-end systems, including the Passenger Service System (PSS) and flight planning applications. As a result,…
New Phishing Attack Targets Facebook Users to Steal Login Credentials
A sophisticated phishing campaign has recently emerged, targeting Facebook users with carefully crafted emails designed to harvest login credentials. Attackers leverage the platform’s own external URL warning system to cloak malicious links, presenting URLs that appear legitimate while redirecting victims…
Astra API Security Platform secures undocumented and vulnerable APIs
Astra Security has launched its API Security Platform, designed to identify undocumented, zombie, and shadow APIs that threaten infrastructure and expose sensitive PII. Instead of relying on reactive, siloed detection tools, Astra’s platform delivers proactive, automated protection against attackers exploiting…
New Tigera solution protects AI workloads from data ingestion to deployment
Tigera announced a new solution to secure AI workloads running in Kubernetes clusters. Due to the resource-intensive and bursty nature of AI workloads, Kubernetes has become the de facto orchestrator for deploying them. However AI workloads introduce security challenges, throughout…
Huawei Announces AI Chip Plans To Challenge Nvidia
Huawei Technologies shows AI chip roadmap and clusters that it says can deliver compute power to rival Nvidia, as China seeks autonomy This article has been indexed from Silicon UK Read the original article: Huawei Announces AI Chip Plans To…
Unpatched Vulnerabilities Expose Novakon HMIs to Remote Hacking
Novakon HMIs are affected by remote code execution and information exposure vulnerabilities. The post Unpatched Vulnerabilities Expose Novakon HMIs to Remote Hacking appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read the original article: Unpatched Vulnerabilities Expose…
Recap of Our “Passkeys Pwned” Talk at DEF CON
What the ”Passkeys Pwned” talk is and isn’t about, and what it reveals about the importance of correct implementation of the standard The Passkeys Pwned Talk Summary As outlined in the DEF CON abstract below, the Passkeys Pwned attack highlights a passkey…
Meta Adds Display To Ray-Ban Smart Glasses
Meta Ray-Ban Display glasses include display in one lens that can be used to watch videos, read messages as company hopes to capitalise on AI This article has been indexed from Silicon UK Read the original article: Meta Adds Display…
U.K. Arrests Two Teen Scattered Spider Hackers Linked to August 2024 TfL Cyber Attack
Law enforcement authorities in the U.K. have arrested two teen members of the Scattered Spider hacking group in connection with their alleged participation in an August 2024 cyber attack targeting Transport for London (TfL), the city’s public transportation agency. Thalha…
Google patches zero-day, Copilot’s forced installation, Scattered Spider arrests
Google patches sixth Chrome zero-day exploited in attacks this year Microsoft to force install the Microsoft 365 Copilot app in October Two more Scattered Spider teen suspects arrested Huge thanks to our sponsor, Drata Leading security teams trust SafeBase by…
Did hackers steal the details of 2.5 billion Gmail users last month?
No, they did not. Last month, multiple media outlets reported on a widespread attack on Gmail users. However, the statements were debunked by Google. The… The post Did hackers steal the details of 2.5 billion Gmail users last month? appeared…
JLR Supply Chain Workers Hit By Cyber-Attack Disruption
Union Unite says workers at Jaguar Land Rover suppliers being laid off as company says shutdown will continue until at least 24 September This article has been indexed from Silicon UK Read the original article: JLR Supply Chain Workers Hit…