A new threat targeting Chinese users has appeared with a dangerous ability to shut down security tools. RONINGLOADER, a multi-stage loader spreading a modified version of the gh0st RAT, uses clever tricks to bypass antivirus protection. The malware arrives through…
Critical pgAdmin4 Vulnerability Lets Attackers Execute Remote Code on Servers
A severe remote code execution (RCE) flaw has been uncovered in pgAdmin4, the popular open-source interface for PostgreSQL databases. Dubbed CVE-2025-12762, the vulnerability affects versions up to 9.9 and could allow attackers to run arbitrary commands on the hosting server,…
Five Plead Guilty in U.S. for Helping North Korean IT Workers Infiltrate 136 Companies
The U.S. Department of Justice (DoJ) on Friday announced that five individuals have pleaded guilty to assisting North Korea’s illicit revenue generation schemes by enabling information technology (IT) worker fraud in violation of international sanctions. The five individuals are listed…
Digital Security Threat Escalates with Exposure of 1.3 Billion Passwords
One of the starkest reminders of just how easily and widely digital risks can spread is the discovery of an extensive cache of exposed credentials, underscoring the persistent dangers associated with password reuse and the many breaches that go…
Hyundai AutoEver America Breach Exposes Employee SSNs and Driver’s License Data
Hyundai AutoEver America (HAEA), an IT services affiliate of Hyundai Motor Group, has confirmed a data breach that compromised sensitive personal information, including Social Security Numbers (SSNs) and driver’s licenses, of approximately 2,000 individuals, mostly current and former employees.…
A Major Leak Spills a Chinese Hacking Contractor’s Tools and Targets
Plus: State-sponsored AI hacking is here, Google hosts a CBP face recognition app, and more of the week’s top security news. This article has been indexed from Security Latest Read the original article: A Major Leak Spills a Chinese Hacking…
Hackers are Weaponizing Invoices to Deliver XWorm That Steals Login Credentials
Attackers are using fake invoice emails to spread XWorm, a remote-access trojan that quietly steals login credentials, passwords, and sensitive files from infected computers. When a user opens the attached Visual Basic Script file, the malware begins working silently in…
Five U.S. Citizens Plead Guilty to Helping North Korean IT Workers Infiltrate 136 Companies
The U.S. Department of Justice (DoJ) on Friday announced that five individuals have pleaded guilty to assisting North Korea’s illicit revenue generation schemes by enabling information technology (IT) worker fraud in violation of international sanctions. The five individuals are listed…
Highly Sophisticated macOS DigitStealer Employs Multi-Stage Attacks to Evade detection
A new malware family targeting macOS systems has emerged with advanced detection evasion techniques and multi-stage attack chains. Named DigitStealer, this information stealer uses multiple payloads to steal sensitive data while leaving minimal traces on infected machines. The malware disguises…
First Large-scale Cyberattack Using AI Tools With Minimal Human Input
Chinese government-backed hackers used Anthropic’s Claude Code tool to carry out advanced spying on about thirty targets worldwide, successfully breaking into several major organizations. The first documented large-scale cyberattack executed primarily by leveraging artificial intelligence with minimal human intervention. The…
IT Security News Hourly Summary 2025-11-15 12h : 1 posts
1 posts were published in the last hour 10:6 : Honeypot: FortiWeb CVE-2025-64446 Exploits, (Sat, Nov 15th)
Honeypot: FortiWeb CVE-2025-64446 Exploits, (Sat, Nov 15th)
Like many have reported, we too noticed exploit attempts for CVE-2025-64446 in our honeypots. This article has been indexed from SANS Internet Storm Center, InfoCON: green Read the original article: Honeypot: FortiWeb CVE-2025-64446 Exploits, (Sat, Nov 15th)
A Multi-Stage Phishing Kit Using Telegram to Harvest Credentials and Bypass Automated Detection
Phishing attacks continue to be one of the most persistent threats targeting organizations worldwide. Cybercriminals are constantly improving their methods to steal sensitive information, and a recently discovered phishing kit demonstrates just how advanced these operations have become. This particular…
Formbook Malware Delivered Using Weaponized Zip Files and Multiple Scripts
A new wave of Formbook malware attacks has appeared, using weaponized ZIP archives and multiple script layers to bypass security controls. The attacks begin with phishing emails containing ZIP files that hold VBS scripts disguised as payment confirmation documents. These…
IT Security News Hourly Summary 2025-11-15 09h : 1 posts
1 posts were published in the last hour 7:36 : U.S. CISA adds Fortinet FortiWeb flaw to its Known Exploited Vulnerabilities catalog
U.S. CISA adds Fortinet FortiWeb flaw to its Known Exploited Vulnerabilities catalog
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Fortinet FortiWeb flaw to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added a Fortinet FortiWeb flaw, tracked as CVE-2025-64446 (CVSS score of 9.1), to its Known Exploited…
Akira Ransomware Targets Over 250 Organizations, Extracts $42 Million in Ransom Payments – New CISA Report
A new advisory from the Cybersecurity and Infrastructure Security Agency reveals that Akira ransomware has become one of the most active threats targeting businesses worldwide. Since March 2023, this ransomware group has impacted more than 250 organizations across North America,…
Cybercrime and the Future: An In-Depth Discussion with Tammy Harper, Flare.io
In this episode of Cybersecurity Today, host Jim Love is joined by Tammy Harper, a senior threat intelligence researcher at Flare, to explore the future landscape of cybercrime. The conversation delves into various aspects like the evolution of underground markets,…
IT Security News Hourly Summary 2025-11-15 06h : 4 posts
4 posts were published in the last hour 4:36 : Critical FortiWeb WAF Flaw Exploited in the Wild, Enabling Full Admin Takeover 4:36 : Lumma Stealer Uses Browser Fingerprinting to Collect Data and for Stealthy C&C Server Communications 4:8 :…
Critical FortiWeb WAF Flaw Exploited in the Wild, Enabling Full Admin Takeover
Fortinet has issued an urgent advisory warning of a critical vulnerability in its FortiWeb web application firewall (WAF) product, which attackers are actively exploiting in the wild. Identified as CVE-2025-64446, the flaw stems from improper access control in the GUI…
Lumma Stealer Uses Browser Fingerprinting to Collect Data and for Stealthy C&C Server Communications
Lumma Stealer has emerged as a serious threat in the cybercrime world, targeting users through fake software updates and cracked applications. This information-stealing malware targets the collection on login details, payment card information, and cryptocurrency wallet data from infected systems.…
Conduent Faces Financial Hit, Lawsuits from Breach Affecting 10.5 Million
The intrusion a year ago into Conduent Business Solutions’ systems, likely by the SafePay ransomware group, that affected more than 10.5 individuals will likely cost the company more than $50 million in related expenses and millions more to settle the…
Should You Still Trust Your Router? What Users Need to Know and How to Secure Home Wi-Fi today
Public discussion in the United States has intensified around one of the country’s most widely purchased home router brands after reports suggested that federal agencies are considering restrictions on future sales. The conversation stems from concerns about potential national…
Friday Squid Blogging: Pilot Whales Eat a Lot of Squid
Short-finned pilot wales (Globicephala macrorhynchus) eat at lot of squid: To figure out a short-finned pilot whale’s caloric intake, Gough says, the team had to combine data from a variety of sources, including movement data from short-lasting tags, daily feeding…