CVE-2025-2783, a Chrome zero-day vulnerability that was detected being exploited in March 2025 and was subsequently fixed by Google, was used by unknown attackers to deliver LeetAgent, suspected commercial spyware. An analysis of the malware’s code and the campaign’s infrastructure…
Tag: EN
New Phishing Attack Using Invisible Characters Hidden in Subject Line Using MIME Encoding
Security researchers have discovered a sophisticated phishing technique that weaponizes invisible Unicode characters embedded within email subject lines using MIME encoding—a tactic that remains largely unknown among email security professionals. The discovery reveals how attackers are evolving their evasion methods…
Herodotus: New Android Malware Mimics Human Behavior to Bypass Biometric Security
A sophisticated new Android banking Trojan named Herodotus has emerged as a significant threat to mobile users, introducing a novel approach that deliberately mimics human typing patterns to evade behavioral biometrics detection systems. The malware’s sophisticated approach to avoiding detection…
183M Gmail-Linked Credentials Exposed in Massive Breach
A dataset of 183 million Gmail-linked credentials surfaced online, exposing users and raising new security concerns for businesses. The post 183M Gmail-Linked Credentials Exposed in Massive Breach appeared first on TechRepublic. This article has been indexed from Security Archives –…
Critical ASP.NET flaw hits QNAP NetBak PC Agent
QNAP warns of critical ASP.NET flaw (CVE-2025-55315) in NetBak PC Agent, letting attackers hijack credentials or bypass security via HTTP smuggling. QNAP urges users to patch a critical ASP.NET Core vulnerability, tracked as CVE-2025-55315 (CVSS score of 9.9), in its…
New Gamaredon Phishing Attack Targeting Govt Entities Exploiting WinRAR Vulnerability
The cybersecurity landscape continues to evolve with increasingly sophisticated distribution mechanisms, and one trend gaining alarming momentum is the delivery of infostealer malware through seemingly innocent video game cheats and mod tools. These applications, marketed as performance enhancers or gameplay…
Critical .NET Vulnerability Lets Attacker Bypass Security in QNAP Backup Software
Microsoft has unveiled a critical vulnerability in ASP.NET Core that could enable attackers to sidestep essential security measures. Disclosed on October 24, 2025, under CVE-2025-55315, this flaw stems from HTTP Request Smuggling (CWE-444) and poses risks to systems relying on…
X to Phase Out Twitter Domain – Users Advised to Re-enroll in 2FA Keys
Social media platform X announced that it will stop supporting the old Twitter.com website for two-factor authentication (2FA) by November 10, 2025. This change marks the platform’s shift away from its Twitter roots. Users relying on security keys tied to…
Open-Source Firewall IPFire 2.29 With New Reporting For Intrusion Prevention System
IPFire 2.29 Core Update 198 marks a significant advancement for users of this open-source firewall, introducing enhanced Intrusion Prevention System (IPS) capabilities powered by Suricata 8.0.1. This release emphasizes improved network monitoring through innovative reporting tools, alongside toolchain rebasing and…
Sublime Security Raises $150 Million for Email Security Platform
Sublime Security’s Series C funding round brings the total raised by the company to more than $240 million. The post Sublime Security Raises $150 Million for Email Security Platform appeared first on SecurityWeek. This article has been indexed from SecurityWeek…
Microsoft October Patch Tuesday Is Huge With 170+ Fixes
Microsoft has rolled out a huge Patch Tuesday update bundle for October 2025, addressing 175… Microsoft October Patch Tuesday Is Huge With 170+ Fixes on Latest Hacking News | Cyber Security News, Hacking Tools and Penetration Testing Courses. This article…
MuddyWater’s Phoenix Backdoor Infects More Than 100 Government Organizations
Advanced Persistent Threat (APT) MuddyWater has orchestrated a sophisticated phishing campaign targeting over 100 government entities across the Middle East, North Africa, and international organizations worldwide. Group-IB Threat Intelligence has attributed the campaign to the Iran-linked threat actor with high…
AI browsers face a security flaw as inevitable as death and taxes
Agentic features open the door to data exfiltration or worse Feature With great power comes great vulnerability. Several new AI browsers, including OpenAI’s Atlas, offer the ability to take actions on the user’s behalf, such as opening web pages or…
IRISSCON 2025 to address the human impact on cybersecurity
Recent high-profile cybersecurity breaches affecting global brands share a common link: the human factor. Expert speakers will cover this subject in depth at IRISSCON 2025, which takes place at Dublin’s Aviva Stadium on Wednesday November 5. Now in its 16th…
Why Early Threat Detection Is a Must for Long-Term Business Growth
In cybersecurity, speed isn’t just a win — it’s a multiplier. The faster you learn about emerging threats, the faster you adapt your defenses, the less damage you suffer, and the more confidently your business keeps scaling. Early threat detection…
A Quarter of Scam Victims Have Considered Self-Harm
ITRC report charts shocking rise of identity fraud victims driven to thoughts of self-harm This article has been indexed from www.infosecurity-magazine.com Read the original article: A Quarter of Scam Victims Have Considered Self-Harm
Vibra Hospital Data Breach Probe
Two class action law firms specializing in data breaches, Shamis & Gentile, P.A., and Strauss Borrelli PLLC, have announced they are looking into a recent incident The post Vibra Hospital Data Breach Probe first appeared on CyberMaterial. This article has…
Google Contractor Steals Play Files
Google’s internal security apparatus has come under intense scrutiny following revelations of a prolonged breach orchestrated by a contractor with The post Google Contractor Steals Play Files first appeared on CyberMaterial. This article has been indexed from CyberMaterial Read the…
Chrome Zero Day Delivers LeetAgent
New research from Kaspersky has uncovered a cyber espionage campaign that exploited a patched zero-day security vulnerability in Google Chrome The post Chrome Zero Day Delivers LeetAgent first appeared on CyberMaterial. This article has been indexed from CyberMaterial Read the…
ChatGPT Atlas Browser Fooled By Fake Url
OpenAI’s recently released Atlas web browser, which integrates ChatGPT capabilities for functions like summarization and editing, has been The post ChatGPT Atlas Browser Fooled By Fake Url first appeared on CyberMaterial. This article has been indexed from CyberMaterial Read the…