Socket’s Threat Research Team has uncovered a sophisticated supply chain attack targeting cryptocurrency developers through the NuGet package registry. The malicious packages, which exfiltrate sensitive wallet data including private keys and mnemonics, highlight a critical vulnerability in package registry security…
Toys “R” Us Canada Data Breach Exposes Customer Personal Information
Toys “R” Us Canada has alerted its customers to a significant data breach that may have compromised personal information. The company sent notification emails to affected customers on Thursday morning, confirming that unauthorized access to their databases occurred. According to…
SharkStealer Using EtherHiding Pattern to Resolves Communications With C2 Channels
A sophisticated information-stealing malware written in Golang has emerged, leveraging blockchain technology to establish covert command-and-control channels. SharkStealer represents a significant evolution in malware design, utilizing the BNB Smart Chain Testnet as a resilient dead-drop resolver for its C2 infrastructure.…
New PDF Tool to Detect Malicious PDF Using PDF Object Hashing Technique
A new open-source tool called PDF Object Hashing is designed to detect malicious PDFs by analyzing their structural “fingerprints.” Released by Proofpoint, the tool empowers security teams to create robust threat detection rules based on unique object characteristics in PDF…
Threat Actors Attacking Azure Blob Storage to Compromise Organizational Repositories
Cybersecurity researchers have identified a sophisticated campaign where threat actors are leveraging compromised credentials to infiltrate Azure Blob Storage containers, targeting organizations’ critical code repositories and sensitive data. This emerging threat exploits misconfigured storage access controls to establish persistence and…
Self-Spreading ‘GlassWorm’ Infects VS Code Extensions in Widespread Supply Chain Attack
Cybersecurity researchers have discovered a self-propagating worm that spreads via Visual Studio Code (VS Code) extensions on the Open VSX Registry and the Microsoft Extension Marketplace, underscoring how developers have become a prime target for attacks. The sophisticated threat, codenamed…
Microsoft Boosts Windows Security by Disabling File Previews for Downloads
Microsoft has rolled out a significant security enhancement to Windows File Explorer, automatically disabling the preview pane for files downloaded from the internet as part of security updates released on and after October 14, 2025. This proactive measure targets a…
Jingle Thief exploit, Lazarus targets jobseekers, the 72 hour workweek
Jingle Thief hackers steal millions in gift cards by exploiting cloud infrastructure Lazarus hackers targeted European defense companies Deep Tech work culture pushes for 72 hour workweeks Huge thanks to our sponsor, ThreatLocker Imagine having the power to decide exactly…
Smart Glasses: Cool Tech or a Privacy Threat?
Smart wearables are nothing new – an Apple Watch barely attracts attention these days. And now smart glasses represent the latest frontier in wearable technology,… The post Smart Glasses: Cool Tech or a Privacy Threat? appeared first on Panda Security…
Amazon Apologises Over Day-Long Cloud Outage
Amazon Web Services issues apology over outage that disrupted hundreds of services, amidst questions over significant job cuts This article has been indexed from Silicon UK Read the original article: Amazon Apologises Over Day-Long Cloud Outage
YouTube Ghost Malware Campaign: Over 3,000 Infected Videos Target Users
Check Point Research has uncovered a massive malware distribution operation called the YouTube Ghost Network, featuring over 3,000 malicious videos designed to infect unsuspecting users with dangerous information-stealing malware. This sophisticated cybercriminal network has been operating since at least 2021,…
IT Security News Hourly Summary 2025-10-24 09h : 4 posts
4 posts were published in the last hour 6:38 : Hackers Exploit Galaxy S25 0-Day to Turn On Camera and Track Users 6:37 : Hackers Abuse Microsoft 365 Exchange Direct Send to Bypass Content Filters and Harvest Sensitive Data 6:37…
Hackers Exploit Galaxy S25 0-Day to Turn On Camera and Track Users
A critical zero-day vulnerability in Samsung’s flagship Galaxy S25 smartphone was successfully exploited at Pwn2Own Ireland 2025, demonstrating how attackers could silently activate the device’s camera and track a user’s real-time location. Security researchers Ben R. and Georgi G. from…
Hackers Abuse Microsoft 365 Exchange Direct Send to Bypass Content Filters and Harvest Sensitive Data
Microsoft 365 Exchange Online’s Direct Send feature, originally designed to enable legacy devices and applications to send emails without authentication, has become an exploitable pathway for cybercriminals conducting sophisticated phishing and business email compromise attacks. The feature allows multifunction printers,…
What Microsoft’s 2025 report reveals about the new rules of engagement in cyberdefense
Adversaries are using AI to sharpen attacks, automate operations, and challenge long-standing defenses, according to a new Microsoft report. Researchers describe a year in which criminal and state-backed actors blurred the lines between cybercrime, espionage, and disruption, targeting public and…
The OpenSSL Corporation and the OpenSSL Foundation Celebrate the Success of the Inaugural OpenSSL Conference in Prague
The OpenSSL Corporation and the OpenSSL Foundation celebrate the success of the inaugural OpenSSL Conference, held in Prague, October 7-9. This was the first time in the history of the OpenSSL Project that the full community met in person. Developers,…
Iran’s MuddyWater wades into 100+ government networks in latest spying spree
Group-IB says Tehran-linked crew used hijacked mailbox and VPN to sling phishing emails across Middle East Iran’s favorite muddy-footed cyberespionage crew is at it again, this time breaching more than 100 government entities across the Middle East and North Africa,…
Linux RATs on Windows: Ransomware Actors Target VMware Deployments
The Agenda ransomware group has evolved its attack methodology with a sophisticated technique that deploys Linux ransomware variants directly on Windows systems, challenging traditional endpoint security controls. The attack represents a significant tactical evolution in ransomware deployment strategies. Threat actors…
New Phishing Wave Uses OAuth Prompts to Take Over Microsoft Accounts
A new phishing campaign is targeting Microsoft account holders by using a clever twist on OAuth authentication prompts. Instead of asking users to hand over their passwords directly, attackers are tricking people into granting permission to malicious applications through legitimate-looking…
Hackers Steal Microsoft Teams Chats & Emails by Grabbing Access Tokens
Security researchers have discovered a sophisticated method that allows attackers to steal access tokens from Microsoft Teams, potentially granting unauthorized access to sensitive corporate communications, emails, and SharePoint documents. The attack vector represents a significant security risk for organizations relying…
Bitter APT Hackers Exploit WinRAR Zero-Day Via Weaponized Word Documents to Steal Sensitive Data
The Bitter APT group, also tracked as APT-Q-37 and known in China as 蔓灵花, has launched a sophisticated cyberespionage campaign targeting government agencies, military installations, and critical infrastructure across China and Pakistan. The threat actor has deployed weaponized Microsoft Office…
Building trust in AI: How to keep humans in control of cybersecurity
In this Help Net Security video, Rekha Shenoy, CEO at BackBox, takes a look at AI in cybersecurity, separating hype from reality. She explains why AI’s true value lies not in replacing human expertise but in strengthening it. Shenoy outlines…
Smart helmet tech points to the future of fighting audio deepfakes
Voice cloning has become fast, cheap, and convincing. With only a few minutes of recorded speech, generative models can recreate a person’s voice with matching tone, rhythm, and accent. To address that risk, a research team at Texas Tech University…
Cybersecurity Today: New Threats from AI and Code Extensions
In today’s episode, host Jim Love discusses the discovery of the ‘Glass Worm,’ a self-spreading malware hidden in Visual Studio Code extensions downloaded over 35,000 times. The worm, hiding its malicious JavaScript in invisible unicode characters, steals developer credentials and…