A massive data leak reportedly at Chinese firm Knownsec (Chuangyu) exposed 12,000 files detailing state-backed ‘cyber weapons’ and spying on over 20 countries. See the details, including 95GB of stolen Indian immigration data. This article has been indexed from Hackread…
Microsoft Teams’ New Location-Based Status Sparks Major Privacy and Legal Concerns
Microsoft Teams is preparing to roll out a new feature that could significantly change how employee presence is tracked in the workplace. By the end of the year, the platform will be able to automatically detect when an employee…
Zero Trust Security for Mission Partner Environments in Coalition Operations
This post doesn’t have text content, please click on the link below to view the original article. This article has been indexed from Blog Read the original article: Zero Trust Security for Mission Partner Environments in Coalition Operations
Cisco Catalyst Center Vulnerability Allows Attackers to Escalate Privileges
A critical security vulnerability has been identified in the Cisco Catalyst Center Virtual Appliance that could enable authenticated, remote attackers to escalate their privileges to Administrator on affected systems. This vulnerability CVE-2025-20341 caused by insufficient validation of user-supplied input, underscores…
Anthropic: China-Based Hackers Used Claude to Automate Global Cyberattack
Chinese state-backed hackers hijacked Anthropic’s Claude AI to run an autonomous global cyberattack, marking a major shift in AI-driven cyberwarfare. The post Anthropic: China-Based Hackers Used Claude to Automate Global Cyberattack appeared first on TechRepublic. This article has been indexed…
SmartApeSG Campaign Leverages ClickFix Technique to Deploy NetSupport RAT
The SmartApeSG campaign, also known as ZPHP or HANEY MANEY, continues to evolve its attack methods to compromise Windows systems with malicious remote access tools. First reported in June 2024, this campaign has shifted from using fake browser update pages…
NVIDIA NeMo Framework Vulnerabilities Allows Code Injection and Privilege Escalation
NVIDIA has issued a critical security update addressing two high-severity vulnerabilities in its NeMo Framework that could allow attackers to execute malicious code and escalate privileges on affected systems. The vulnerabilities, tracked as CVE-2025-23361 and CVE-2025-33178, both carry a CVSS…
Anthropic Claude AI Used by Chinese-Back Hackers in Spy Campaign
AI vendor Anthropic says a China-backed threat group used the agentic capabilities in its Claude AI model to automate as much as 90% of the operations in a info-stealing campaign that presages how hackers will used increasingly sophisticated AI capabilities…
Imunify360 Flaw Puts Sites At Risk
Website security products from Imunify360, designed for Linux-based web hosting environments and used to protect an estimated 56 million sites The post Imunify360 Flaw Puts Sites At Risk first appeared on CyberMaterial. This article has been indexed from CyberMaterial Read…
Microsoft Office Russian Dolls, (Fri, Nov 14th)
This post doesn’t have text content, please click on the link below to view the original article. This article has been indexed from SANS Internet Storm Center, InfoCON: green Read the original article: Microsoft Office Russian Dolls, (Fri, Nov 14th)
Multiple Cisco Unified CCX Vulnerabilities Enable Arbitrary Command Execution by Attackers
Cisco has disclosed critical security vulnerabilities affecting Cisco Unified Contact Center Express (Unified CCX) that could enable unauthenticated, remote attackers to execute arbitrary commands, escalate privileges to root, and bypass authentication mechanisms. The vulnerabilities reside in the Java Remote Method…
How CIOs Can Turn AI Visibility into Strategy
Generative AI is everywhere and it’s only growing. Whether you know it or not, tools such as ChatGPT, Claude, DeepSeek, and Gemini are being actively used in your office. A recent study from MIT’s Nanda Project found that 90% of…
Doordash Hit By October User Data Breach
DoorDash, the food delivery platform serving millions of customers across the U.S., Canada, Australia, and New Zealand, recently disclosed The post Doordash Hit By October User Data Breach first appeared on CyberMaterial. This article has been indexed from CyberMaterial Read…
Hackers Breach NY State Texting Service
Hackers achieved an extremely rare feat by successfully taking over the operation of Mobile Commons, a legitimate bulk text messaging The post Hackers Breach NY State Texting Service first appeared on CyberMaterial. This article has been indexed from CyberMaterial Read…
Akira Ransomware Made 244 Million Dollars
The Akira ransomware group has been identified as a highly prolific and financially successful threat actor, having generated over $244 million The post Akira Ransomware Made 244 Million Dollars first appeared on CyberMaterial. This article has been indexed from CyberMaterial…
Claude AI Linked To Chinese Espionage
A state-sponsored threat actor, believed to be based in China, executed a large-scale espionage campaign that exploited Anthropic’s Claude Code The post Claude AI Linked To Chinese Espionage first appeared on CyberMaterial. This article has been indexed from CyberMaterial Read…
Skripal Hacker Arrested In Thailand
Thai police have reportedly detained a Russian man in Phuket who is believed to be a “world class” hacker and an agent for Russia’s GRU military intelligence The post Skripal Hacker Arrested In Thailand first appeared on CyberMaterial. This article…
IT Security News Hourly Summary 2025-11-14 15h : 5 posts
5 posts were published in the last hour 13:34 : Hackers Exploit Rogue MCP Server to Inject Malicious Code into Cursor’s Built-In Browser 13:34 : RONINGLOADER Uses Signed Drivers to Disable Microsoft Defender and Bypass EDR 13:34 : Critical FortiWeb…
Hackers Exploit Rogue MCP Server to Inject Malicious Code into Cursor’s Built-In Browser
Security researchers have uncovered a critical vulnerability in Cursor, the AI-powered code editor, that allows attackers to inject malicious code through rogue Model Context Protocol (MCP) servers. Unlike VS Code, Cursor lacks integrity checks on its runtime components, making it…
RONINGLOADER Uses Signed Drivers to Disable Microsoft Defender and Bypass EDR
Elastic Security Labs has uncovered a sophisticated campaign deploying a newly identified loader, dubbed RONINGLOADER, that weaponizes legitimately signed kernel drivers to systematically disable Microsoft Defender and evade endpoint detection and response (EDR) tools. Attributed to the Dragon Breath APT…
Critical FortiWeb flaw under attack, allowing complete compromise
A Fortinet FortiWeb auth-bypass flaw is being actively exploited, allowing attackers to hijack admin accounts and fully compromise devices. Researchers warn of an authentication bypass flaw in Fortinet FortiWeb WAF that allows full device takeover. The cybersecurity vendor addressed the…
Checkout.com Discloses Data Breach After Extortion Attempt
The information was stolen from a legacy cloud file storage system, not from its payment processing platform. The post Checkout.com Discloses Data Breach After Extortion Attempt appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read the original…
EasyDMARC Integrates with Splunk
Originally published at EasyDMARC Integrates with Splunk by EasyDMARC. Streamline security monitoring. Centralize email threat data. EasyDMARC … The post EasyDMARC Integrates with Splunk appeared first on EasyDMARC. The post EasyDMARC Integrates with Splunk appeared first on Security Boulevard. This…
Cybercriminals Use Fake Invoices to Deploy XWorm and Steal Login Credentials
Cybercriminals are deploying sophisticated phishing campaigns that weaponize seemingly legitimate invoice emails to distribute Backdoor.XWorm is a dangerous remote-access trojan (RAT) capable of stealing sensitive credentials, recording keystrokes, and installing ransomware. Security researchers have uncovered an active malware distribution operation using…