Infected 4.3 million Chrome and Edge users via extensions; ShadyPanda exploited browser marketplaces This article has been indexed from www.infosecurity-magazine.com Read the original article: ShadyPanda’s Seven-Year Campaign Infects 4.3M Chrome and Edge Users
The Great Disconnect: Unmasking the ‘Two Separate Conversations’ in Security
When familiar security concepts carry unfamiliar meanings for different audiences, teams talk past each other without even realizing it. This silent disconnect weakens communication, clarity, and outcomes. The post The Great Disconnect: Unmasking the ‘Two Separate Conversations’ in Security appeared…
X’s New Location Feature Exposes Foreign Manipulation of US Political Accounts
X’s new location feature has revealed that many high-engagement US political accounts, particularly pro-Trump ones, are actually operated from countries outside the United States such as Russia, Iran, and Kenya. This includes accounts that strongly claim to represent American…
More Breaches, More Risks: Experts say Protect Your Data Now
As data breaches surge, experts warn consumers to guard personal information before it reaches the dark web With data breaches becoming almost routine, more consumers are being forced to confront the risks of having their personal information exposed online. …
Forward Edge-AI delivers quantum-safe data diode and earns communications patent
Forward Edge-AI announced two major milestones in advancing quantum-resistant communications: the United States Patent and Trademark Office (USPTO) has issued a Notice of Allowance for its patent application covering attack-resilient, trust-verified communications, and the company has delivered its Isidore Quantum…
Google fixes Android vulnerabilities “under targeted exploitation” (CVE-2025-48633, CVE-2025-48572)
Google has shipped patches for 51 Android vulnerabilities, including two high-severity flaws (CVE-2025-48633, CVE-2025-48572) that “may be under limited, targeted exploitation”. According to the December Android security bulletin, both vulnerabilities affect the Android Framework, which is a collection of core…
120,000 Cameras Hacked In South Korea
Police announced on Sunday the arrests of four people in South Korea who allegedly breached more than 120,000 video cameras located in private homes The post 120,000 Cameras Hacked In South Korea first appeared on CyberMaterial. This article has been…
French Soccer Federation Suffers Cyberattack
The French soccer federation (FFF) confirmed on Thursday that it had been targeted by a cyber-attack resulting in the theft of data related to its members. The post French Soccer Federation Suffers Cyberattack first appeared on CyberMaterial. This article has…
Police Shut Down Cryptomixer Service
Law enforcement agencies from Switzerland and Germany have executed a significant operation, dubbed “Operation Olympia,” resulting The post Police Shut Down Cryptomixer Service first appeared on CyberMaterial. This article has been indexed from CyberMaterial Read the original article: Police Shut…
North Korea Lazarus Group Hits Crypto
South Korean government officials are actively investigating a sophisticated cyberattack that resulted in the theft of $30 million worth of cryptocurrency The post North Korea Lazarus Group Hits Crypto first appeared on CyberMaterial. This article has been indexed from CyberMaterial…
India Orders Phones To Preinstall App
India’s telecommunications ministry has issued a directive requiring all major mobile device manufacturers to preload a government-backed cybersecurity The post India Orders Phones To Preinstall App first appeared on CyberMaterial. This article has been indexed from CyberMaterial Read the original…
Whispering poetry at AI can make it break its own rules
Malicious prompts rewritten as poems have been found to bypass AI guardrails. Which models resisted and which failed the poetic jailbreak test? This article has been indexed from Malwarebytes Read the original article: Whispering poetry at AI can make it…
New eBPF Filters for Symbiote and BPFdoor Malware
FortiGuard Labs discovered new Symbiote and BPFDoor variants exploiting eBPF filters to enhance stealth through IPv6 support, UDP traffic, and dynamic port hopping for covert C2 communication. This article has been indexed from FortiGuard Labs Threat Research Read the…
FTC schools edtech outfit after intruder walked off with 10M student records
Regulator says Illuminate ignored years of warnings, stored kids’ data in plain text, and kept districts in the dark US edtech provider Illuminate Education just got dinged by the Federal Trade Commission for allegedly failing to keep an attacker from…
Iran-Linked Hackers Hits Israeli Sectors with New MuddyViper Backdoor in Targeted Attacks
Israeli entities spanning academia, engineering, local government, manufacturing, technology, transportation, and utilities sectors have emerged as the target of a new set of attacks undertaken by Iranian nation-state actors that have delivered a previously undocumented backdoor called MuddyViper. The activity…
Glassworm Malware Strikes Again In VS Code
The Glassworm campaign is a serious, ongoing malware attack targeting the developer community, specifically through malicious extensions The post Glassworm Malware Strikes Again In VS Code first appeared on CyberMaterial. This article has been indexed from CyberMaterial Read the original…
Smarttube Breach Pushes Malicious Update
The popular open-source SmartTube YouTube client for Android TV experienced a significant security breach when an attacker managed to gain access The post Smarttube Breach Pushes Malicious Update first appeared on CyberMaterial. This article has been indexed from CyberMaterial Read…
Shadypanda Extensions Hit Millions Users
The long-running malicious operation known as “ShadyPanda” has successfully amassed over 4.3 million installations of browser extensions for Chrome and Edge The post Shadypanda Extensions Hit Millions Users first appeared on CyberMaterial. This article has been indexed from CyberMaterial Read…
Phishing 3.0: AI and Deepfake-Driven Social Engineering Attacks
Phishing is no longer an easy-to-detect cyberattack. With the rise of artificial intelligence, attackers now launch AI-driven phishing campaigns to mimic human behavior. They can now generate flawless emails and use deepfake phishing attacks. Email security threats are more prominent…
Hackers Leverages Telegram, WinSCP, Google Chrome, and Microsoft Teams to Deploy ValleyRat
A new malware campaign has emerged that exploits the trust users place in popular applications. Threat actors are distributing trojanized installers for Telegram, WinSCP, Google Chrome, and Microsoft Teams to deploy ValleyRat, a remote access trojan designed for long-term system…
Glassworm Malware Hits OpenVSX and Microsoft Visual Studio Platforms with 24 New Packages
The Glassworm malware campaign has resurfaced with unprecedented scale, deploying 24 malicious extensions across Microsoft Visual Studio Marketplace and OpenVSX over the past week. This latest wave of attacks demonstrates the persistent threat posed by supply chain compromises targeting developer…
Raspberry Pi 5 Now Available With 1GB RAM With Dual-Band Wi-Fi and PCI Express Port Support
The Raspberry Pi Foundation has announced immediate availability of a new 1GB version of the Raspberry Pi 5, marking a significant expansion of its affordable computing platform. The new entry-level model arrives at $45, making high-performance computing more accessible to…
Microsoft Investigates Defender Portal Access Issues Following Traffic Spike
Microsoft is currently investigating a service disruption affecting the Microsoft Defender portal, which has blocked numerous security professionals from accessing critical threat management tools. The issue, tracked under the identifier DZ1191468 in the Microsoft 365 admin center, sparked concerns early…
Chrome, Edge Extensions Caught Tracking Users, Creating Backdoors
The extensions were seen profiling users, reading cookie data to create unique identifiers, and executing payloads with browser API access. The post Chrome, Edge Extensions Caught Tracking Users, Creating Backdoors appeared first on SecurityWeek. This article has been indexed from…