Researchers have identified a novel information-stealing malware dubbed ‘AppleProcessHub,’ designed to infiltrate Apple systems and exfiltrate sensitive user data. This discovery sheds light on an evolving threat landscape where macOS, often considered a secure platform, is increasingly becoming a target…
Law Firms Warned of Silent Ransom Group Attacks
The FBI warns US law firms that the Silent Ransom Group (SRG) has been constantly targeting the legal industry. The post Law Firms Warned of Silent Ransom Group Attacks appeared first on SecurityWeek. This article has been indexed from SecurityWeek…
Chinese Hackers Exploit Cityworks Flaw to Target US Local Governments
Cisco Talos reported that a Chinese group has deployed web shells and malware in local government networks post-exploitation This article has been indexed from www.infosecurity-magazine.com Read the original article: Chinese Hackers Exploit Cityworks Flaw to Target US Local Governments
Governments Urge Organizations to Prioritize SIEM/SOAR Adoption
A joint advisory from the US, UK, Australia and others highlights the importance of SIEM/SOAR platforms and overcoming implementation challenges This article has been indexed from www.infosecurity-magazine.com Read the original article: Governments Urge Organizations to Prioritize SIEM/SOAR Adoption
Everest Ransomware Leaks Coca-Cola Employee Data Online
Everest ransomware leaks Coca-Cola employee data: 1,104 files exposed, including HR, admin roles, IDs, personal details, and internal records. This article has been indexed from Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto Read the original article: Everest…
Red Hat and AMD Team Up to Boost AI Processing Power and Performance
Red Hat, Inc., the global leader in open source solutions, has announced a strategic collaboration with AMD, a pioneer in high-performance and adaptive computing, to revolutionize the way organizations build, deploy, and manage artificial intelligence (AI) workloads. This partnership aims…
[NEU] [mittel] Linux Kernel: Schwachstelle ermöglicht Denial of Service
Ein lokaler Angreifer kann eine Schwachstelle in Linux Kernel ausnutzen, um einen Denial of Service Angriff durchzuführen. Dieser Artikel wurde indexiert von BSI Warn- und Informationsdienst (WID): Schwachstellen-Informationen (Security Advisories) Lesen Sie den originalen Artikel: [NEU] [mittel] Linux Kernel: Schwachstelle…
[NEU] [mittel] Mattermost: Mehrere Schwachstellen ermöglicht nicht spezifizierten Angriff
Ein Angreifer kann mehrere Schwachstellen in Mattermost ausnutzen, um nicht näher spezifizierte Angriffe durchzuführen. Dieser Artikel wurde indexiert von BSI Warn- und Informationsdienst (WID): Schwachstellen-Informationen (Security Advisories) Lesen Sie den originalen Artikel: [NEU] [mittel] Mattermost: Mehrere Schwachstellen ermöglicht nicht spezifizierten…
[NEU] [mittel] Apache ActiveMQ: Schwachstelle ermöglicht Umgehen von Sicherheitsvorkehrungen
Ein lokaler Angreifer kann eine Schwachstelle in Apache ActiveMQ ausnutzen, um Sicherheitsvorkehrungen zu umgehen. Dieser Artikel wurde indexiert von BSI Warn- und Informationsdienst (WID): Schwachstellen-Informationen (Security Advisories) Lesen Sie den originalen Artikel: [NEU] [mittel] Apache ActiveMQ: Schwachstelle ermöglicht Umgehen von…
Earth Lamia Develops Custom Arsenal to Target Multiple Industries
Trend™ Research has been tracking an active APT threat actor named Earth Lamia, targeting multiple industries in Brazil, India and Southeast Asia countries at least since 2023. The threat actor primarily exploits vulnerabilities in web applications to gain access to…
New Android Malware GhostSpy Grants Attackers Full Control Over Infected Devices
A chilling new Android malware, dubbed GhostSpy, has emerged as a significant threat to mobile security, according to a detailed report by CYFIRMA. This high-risk malware employs advanced evasion, persistence, and surveillance techniques to seize complete control over infected devices.…
Microsoft Defender vs Bitdefender: Compare Antivirus Software
Microsoft Defender and Bitdefender are two popular small business security providers with multiple products for small teams. Microsoft Defender can protect your office solutions, like Word and Teams, and business endpoint devices. Bitdefender performs vulnerability scans on your devices and…
Google Ads Campaign Targets Developers with Malware via Fake Homebrew Site
Security researchers have revealed that a sophisticated malvertising campaign discovered last week has been targeting software developers through malicious Google advertisements that impersonate the popular Homebrew package manager. The attack demonstrates an evolution in cybercriminal tactics that exploit trusted verification…
New Attack Bypasses HTTP/2 Security for Arbitrary Cross-Site Scripting
A critical vulnerability in HTTP/2 protocol implementations that allows attackers to bypass web security protections and execute arbitrary cross-site scripting (XSS) attacks against major websites. At the Network and Distributed System Security (NDSS) Symposium 2025, Tsinghua University researchers presented their…
Ausfälle bei Matlab: Cyberangriff trifft Mathworks und dessen Dienste
Viele Akademiker können die weitverbreitete Mathematiksoftware Matlab seit Tagen nicht nutzen. Grund dafür ist ein Ransomwareangriff. (Cybercrime, Cyberwar) Dieser Artikel wurde indexiert von Golem.de – Security Lesen Sie den originalen Artikel: Ausfälle bei Matlab: Cyberangriff trifft Mathworks und dessen Dienste
Xiaomi Challenges Tesla Model Y With YU7 Electric SUV
Smartphone maker Xiaomi launches follow-up to SU7 sedan with YU7 crossover electric SUV challenging Tesla’s best-selling Model Y This article has been indexed from Silicon UK Read the original article: Xiaomi Challenges Tesla Model Y With YU7 Electric SUV
Nvidia Plans ‘Entirely New’ Chip For China Market
Nvidia scraps plan to revamp H20 for China market, plans new chip based on more advanced Blackwell architecture to comply with US sanctions This article has been indexed from Silicon UK Read the original article: Nvidia Plans ‘Entirely New’ Chip…
Siemens SiPass Flaw Allows Remote Attackers to Cause DoS Conditions
Siemens has released a security advisory (SSA-041082) concerning a critical out-of-bounds read vulnerability, tracked as CVE-2022-31812, affecting all SiPass integrated versions before V2.95.3.18. The flaw, if exploited, could allow unauthenticated remote attackers to trigger a denial of service (DoS) condition,…
The Unique Cybersecurity Risks in the Manufacturing Sector
For the fourth year running, in 2025, the IBM X-Force Threat Intelligence Index crowned the manufacturing sector as the number one targeted industry for cybercrime, representing 26% of incidents. The problem is so bad that manufacturing has even managed to…
Hackers Are Calling Your Office: FBI Alerts Law Firms to Luna Moth’s Stealth Phishing Campaign
The U.S. Federal Bureau of Investigation (FBI) has warned of social engineering attacks mounted by a criminal extortion actor known as Luna Moth targeting law firms over the past two years. The campaign leverages “information technology (IT) themed social engineering…
IT Security News Hourly Summary 2025-05-27 09h : 3 posts
3 posts were published in the last hour 6:32 : How Google Meet Pages Are Exploited to Deliver PowerShell Malware 6:7 : How AI agents reshape industrial automation and risk management 6:7 : Why app modernization can leave you less…
Datenleck: Kriminelle erbeuten Adidas-Kundendaten
Adidas hat zum Wochenende ein Datenleck eingeräumt. Kriminelle haben Zugriff auf Kundendaten erlangt. Der Umfang ist noch unklar. Dieser Artikel wurde indexiert von heise security News Lesen Sie den originalen Artikel: Datenleck: Kriminelle erbeuten Adidas-Kundendaten
Arm Mali GPU Vulnerability Enables Bypass of MTE and Arbitrary Kernel Code Execution
A critical vulnerability, identified as CVE-2025-0072, has been discovered in the Arm Mali GPU driver, posing a significant threat to devices with newer Mali GPUs utilizing the Command Stream Frontend (CSF) architecture, including Google’s Pixel 7, 8, and 9 series.…
Nova Scotia Power confirms it was hit by ransomware attack but hasn’t paid the ransom
Nova Scotia Power confirms it was hit by a ransomware attack but hasn’t paid the ransom, nearly a month after first disclosing the cyberattack. Nova Scotia Power confirmed it was hit by a ransomware attack nearly a month after disclosing…