The cybercriminal group TA829, also tracked under aliases like RomCom, Void Rabisu, and Tropical Scorpius, has been observed deploying sophisticated tactics, techniques, and procedures (TTPs) alongside an updated version of its infamous RomCom backdoor, now dubbed SingleCamper (aka SnipBot). This…
Tag: EN
New DEVMAN Ransomware by DragonForce Targets Windows 10 and 11 Users
A new ransomware variant, dubbed DEVMAN, has surfaced in the cyberthreat landscape, showcasing a complex lineage tied to the notorious DragonForce family. Built on a foundation of DragonForce and Conti codebases, DEVMAN introduces unique identifiers such as the .DEVMAN file…
Senate removes ban on state AI regulations from Trump’s tax bill
States will be able to enact AI legislation again – but a federal plan remains unclear, and the clock is ticking. This article has been indexed from Latest stories for ZDNET in Security Read the original article: Senate removes ban…
Doctors Warned Over Use of Unapproved AI Tools to Record Patient Conversations
Healthcare professionals in the UK are under scrutiny for using artificial intelligence tools that haven’t been officially approved to record and transcribe conversations with patients. A recent investigation has uncovered that several doctors and medical facilities are relying on…
Thousands of WordPress Sites at Risk as Motors Theme Flaw Enables Admin Account Takeovers
A critical security flaw tracked as CVE-2025-4322 has left a widely used premium WordPress theme exposed to attackers. Cybercriminals have been exploiting this vulnerability in the Motors theme to seize administrator accounts, allowing them to fully compromise websites—modifying information,…
Planning your move to Microsoft Defender portal for all Microsoft Sentinel customers
Microsoft is transitioning Microsoft Sentinel into the Microsoft Defender portal to create a unified security operations experience. The post Planning your move to Microsoft Defender portal for all Microsoft Sentinel customers appeared first on Microsoft Security Blog. This article has…
Kimusky Hackers Employ ClickFix Technique to Run Malicious Scripts on Victim Devices
The North Korean state-sponsored hacker collective Kimsuky has been found to use a dishonest technique called “ClickFix” to compromise victim machines in a number of concerning cyberattacks. First documented by Proofpoint in April 2024, ClickFix manipulates users into executing malicious…
What is risk analysis?
Risk analysis is the process of identifying and analyzing potential issues that could negatively affect key business initiatives or projects. This article has been indexed from Security Resources and Information from TechTarget Read the original article: What is risk analysis?
Cyber Threat Intelligence: 3 Key Benefits For SOCs And MSSPs
As attack vectors multiply and threat actors become increasingly sophisticated, security teams struggle to keep pace with the volume and complexity of modern cyber threats. SOCs and MSSPs operate in a high-stakes environment where every minute counts. Main Challenges Of…
International Criminal Court swats away ‘sophisticated and targeted’ cyberattack
Body stays coy on details but alludes to similarities with 2023 espionage campaign The International Criminal Court (ICC) says a “sophisticated” cyberattack targeted the institution, the second such incident in two years.… This article has been indexed from The Register…
New Report Ranks Best And Worst Generative AI Tools For Privacy
Most generative AI companies use client data to train their chatbots. For this, they may use private or public data. Some services take a more flexible and non-intrusive approach to gathering customer data. Not so much for others. A…
TA829 and UNK_GreenSec Share Tactics and Infrastructure in Ongoing Malware Campaigns
Cybersecurity researchers have flagged the tactical similarities between the threat actors behind the RomCom RAT and a cluster that has been observed delivering a loader dubbed TransferLoader. Enterprise security firm Proofpoint is tracking the activity associated with TransferLoader to a…
600,000 WordPress Sites Affected by Arbitrary File Deletion Vulnerability in Forminator WordPress Plugin
On June 20th, 2025, we received a submission for an Arbitrary File Deletion vulnerability in Forminator, a WordPress plugin with more than 600,000 active installations. This vulnerability makes it possible for unauthenticated threat actors to specify arbitrary file paths in…
Hacktivist Group Launches Attacks on 20+ Critical Sectors Amid Iran–Israel Conflict
A series of sophisticated cyberattacks targeting over 20 vital sectors in Israel and its allies has been launched by more than 80 hacktivist groups in a major escalation of cyberwarfare that parallels the ongoing Iran-Israel confrontation. Following Israel’s recent airstrikes…
FBI Warns of Health Insurance Scam Stealing Personal and Medical Data
The Federal Bureau of Investigation (FBI) has issued a warning about a scam where criminals pretend to be… This article has been indexed from Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto Read the original article: FBI Warns…
Snake Keyloggers Exploit Java Utilities to Evade Detection by Security Tools
The S2 Group Intelligence team has uncovered a Russian-origin malware known as Snake Keylogger, a stealer coded in .NET, leveraging legitimate Java utilities to bypass security tools. This operation, distributed via a Malware as a Service (MaaS) model, targets diverse…
FESTO Automation Suite, FluidDraw, and Festo Didactic Products
View CSAF 1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: FESTO, FESTO Didactic Equipment: CIROS Studio / Education, Automation Suite, FluidDraw, FluidSIM, MES-PC Vulnerability: Out-of-bounds Write 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow…
FESTO Didactic CP, MPS 200, and MPS 400 Firmware
View CSAF 1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: FESTO Didactic Equipment: CP, MPS 200, MPS 400 Vulnerability: Improper Restriction of Operations within the Bounds of a Memory Buffer 2. RISK EVALUATION Successful exploitation of…
FESTO CODESYS
View CSAF 1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: FESTO Equipment: CODESYS Vulnerabilities: Partial String Comparison, Uncontrolled Resource Consumption, Memory Allocation with Excessive Size Value 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow…
Stealthy WordPress Malware Deliver Windows Trojan via PHP Backdoor
A sophisticated multi-stage malware campaign has been discovered targeting WordPress websites, employing an intricate infection chain that delivers Windows trojans to unsuspecting visitors while maintaining complete invisibility to standard security checks. The malware represents a significant evolution in web-based attack…