We uncovered a fake CleanMyMac site delivering SHub Stealer, a macOS infostealer that steals credentials and silently backdoors crypto wallets. This article has been indexed from Malwarebytes Read the original article: Fake CleanMyMac site installs SHub Stealer and backdoors crypto…
Tag: EN
Meta Rolls Out Charges For Third-Party Chatbots On WhatsApp
Facebook parent Meta reopens WhatsApp API access to third-party chatbots for fee, seeking to head off EU injunction ordering it to do so This article has been indexed from Silicon UK Read the original article: Meta Rolls Out Charges For…
China-Nexus Hackers Target Telecommunication Providers with New Malware Attack
A highly sophisticated China-linked threat actor, identified as UAT-9244, has been actively targeting critical telecommunications infrastructure across South America since 2024. Security researchers assess with high confidence that UAT-9244 exhibits close operational overlap with known espionage groups such as FamousSparrow…
New Linux Rootkits Leverage Advanced eBPF and io_uring Techniques for Stealthy Attacks
Linux rootkits have historically received less attention than their Windows counterparts, but the rapid adoption of Linux in cloud infrastructure, containers, and IoT devices has shifted the threat landscape. Attackers are constantly innovating, and over the past two decades, Linux…
Hackers Can Use Indirect Prompt Injection Allows Adversaries to Manipulate AI Agents with Content
Artificial intelligence tools are now a core part of everyday workflows — from browsers that summarize web pages to automated agents that help users make decisions online. As these tools become more capable, attackers are learning how to turn them…
March 2026 Patch Tuesday forecast: Is AI security an oxymoron?
Developers and analysts are using more AI tools to produce code and to test both the performance and security of the finished products. They are also embedding AI functionality in their products directly. But just how secure are these AI…
Hikvision and Rockwell Automation CVSS 9.8 Flaws Added to CISA KEV Catalog
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday added two security flaws impacting Hikvision and Rockwell Automation products to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation. The critical-severity vulnerabilities are listed below – CVE-2017-7921…
Microsoft Reveals ClickFix Campaign Using Windows Terminal to Deploy Lumma Stealer
Microsoft on Thursday disclosed details of a new widespread ClickFix social engineering campaign that has leveraged the Windows Terminal app as a way to activate a sophisticated attack chain and deploy the Lumma Stealer malware. The activity, observed in February…
Apple blocks ByteDance, Google’s 90 zero-days, Iran backdoors U.S. organizations
Apple blocks ByteDance Chinese apps Google says 90 zero-days were exploited in attacks last year Iran intelligence backdoored U.S. bank, airport, software outfit networks Get the show notes here: https://cisoseries.com/cybersecurity-news-apple-blocks-bytedance-googles-90-zero-days-iran-backdoors-u-s-organizations/ Huge thanks to our sponsor, Adaptive Security This episode is…
Nvidia Stops Production Of H200 Chips For China
Nvidia reportedly reallocates TSMC capacity from H200 chips aimed at China market, after December deal fails to produce any sales This article has been indexed from Silicon UK Read the original article: Nvidia Stops Production Of H200 Chips For China
What Is Address Poisoning
As cryptocurrency adoption continues to grow, so do the tactics used by cybercriminals to exploit users. One of the emerging threats in the blockchain ecosystem is address poisoning — a subtle yet highly deceptive attack designed to trick users into…
Backup strategies are working, and ransomware gangs are responding with data theft
Business email compromise (BEC) and funds transfer fraud combined for 58% of all cyber insurance claims filed in 2025, according to data from Coalition covering more than 100,000 policyholders across the United States, Canada, the United Kingdom, Australia, and Germany.…
FBI Detains U.S. Government Contractor in Massive $46 Million Fraud Scheme
In a major law enforcement operation, authorities have arrested a U.S. government contractor accused of executing a massive cryptocurrency theft. John Daghita allegedly stole over $46 million in digital assets from the United States Marshals Service (USMS). This successful apprehension…
Cisco Confirms Active Exploitation of Two Catalyst SD-WAN Manager Vulnerabilities
Cisco has disclosed that two more vulnerabilities affecting Catalyst SD-WAN Manager (formerly SD-WAN vManage) have come under active exploitation in the wild. The vulnerabilities in question are listed below – CVE-2026-20122 (CVSS score: 7.1) – An arbitrary file overwrite vulnerability…
Western governments lay the groundwork for secure 6G networks
Governments are preparing for 6G, the next generation of mobile networks, placing security and resilience among their top priorities. In response, seven countries participating in the Global Coalition on Telecoms (GCOT) have introduced a set of 6G Security and Resilience…
Why phishing still works today
In this Help Net Security video, Gal Livschitz, Senior Penetration Tester at Terra Security, explains how phishing has evolved and why employees still fall for it. He outlines how phishing now uses HTTPS, branded pages, and lookalike domains, making attacks…
What happens when AI teams compete against human hackers
A cybersecurity competition produced what may be the largest controlled dataset comparing AI-augmented teams to human-only teams on professional-grade offensive security tasks. The event, called NeuroGrid, ran for 72 hours on the Hack The Box platform and drew 1,337 registered…
WordPress Membership Plugin Flaw Lets Attackers Create Admin Accounts
A critical security vulnerability in the popular WordPress User Registration & Membership plugin allows unauthenticated attackers to easily create administrator accounts. The severe flaw, officially tracked as CVE-2026-1492, currently affects all plugin versions up to and including 5.1.2. Because it…
Wikipedia Hit By JavaScript Worm, ICE Contractor Data Base Leaked and more…
Wikipedia JavaScript Worm, ICE Contractor Data Leak Claim, and Leak Base Takedown Wikipedia admins contained a self-propagating JavaScript worm that spread via infected user script files, executing in logged-in editors’ browsers and using authenticated sessions to copy itself into other…
Google Uncovers 90 Zero-Day Vulnerabilities Under Active Exploitation in 2025
Google Threat Intelligence Group (GTIG) reported 90 zero-day vulnerabilities actively exploited in the wild during 2025. While this total is slightly below the 2023 peak, it highlights a critical shift in the cybersecurity landscape, as attackers are increasingly abandoning generic…