A surge in “Pass-the-Cookie” (PTC) attacks is undermining multi-factor authentication (MFA), enabling cybercriminals to hijack session cookies and bypass security measures to access sensitive accounts. Recent advisories from the FBI and cybersecurity firms highlight how attackers exploit stolen browser cookies…
Tag: EN
Njrat Attacking Users Abusing Microsoft Dev Tunnels for C2 Communications
Security researchers have uncovered a new campaign leveraging the Njrat remote access trojan (RAT) to abuse Microsoft’s developer-oriented Dev Tunnels service for covert command-and-control (C2) communications. Historically associated with credential theft and USB-based propagation, the malware now utilizes Microsoft’s infrastructure…
Poco RAT Malware Exploits PDF Files to Infiltrate Systems and Steal Data
A new variant of the Poco RAT malware has emerged as a significant threat to Spanish-speaking organizations across Latin America, leveraging sophisticated PDF decoys and cloud-based delivery systems to infiltrate networks and exfiltrate sensitive data. Linked to the cyber-mercenary group…
OSPS Baseline: Practical security best practices for open source software projects
The Open Source Security Foundation (OpenSSF), a cross-industry initiative by the Linux Foundation, has announced the initial release of the Open Source Project Security Baseline (OSPS Baseline), a tiered framework of security practices that evolve with the maturity of open…
Cisco fixed command injection and DoS flaws in Nexus switches
Cisco addressed command injection and denial-of-service (DoS) vulnerabilities in some models of its Nexus switches. Cisco released security updates to address command injection and DoS vulnerabilities in Nexus switches, including a high-severity flaw. The most severe issue, tracked as CVE-2025-20111…
Ransomware Group Takes Credit for Lee Enterprises Attack
The Qilin ransomware gang claims to have stolen 350 Gb of files from Lee Enterprises in the attack that caused newspaper disruptions. The post Ransomware Group Takes Credit for Lee Enterprises Attack appeared first on SecurityWeek. This article has been…
Microsoft Exposes LLMjacking Cybercriminals Behind Azure AI Abuse Scheme
Microsoft on Thursday unmasked four of the individuals that it said were behind an Azure Abuse Enterprise scheme that involves leveraging unauthorized access to generative artificial intelligence (GenAI) services in order to produce offensive and harmful content. The campaign, called…
Cybersecurity M&A Roundup: SolarWinds Acquired for $4.4bn
In February 2025, Sophos completed the Secureworks deal and SolarWinds went private This article has been indexed from www.infosecurity-magazine.com Read the original article: Cybersecurity M&A Roundup: SolarWinds Acquired for $4.4bn
JavaGhost’s Persistent Phishing Attacks From the Cloud
Unit 42 reports on phishing activity linked to the threat group JavaGhost. These attacks target organizations’ AWS environments. The post JavaGhost’s Persistent Phishing Attacks From the Cloud appeared first on Unit 42. This article has been indexed from Unit 42…
Man Jailed 24 Years for Running Dark Web CSAM Sites from Coffee Shop
Louis Donald Mendonsa, 62, was sentenced following a guilty plea for distributing child sexual abuse materials (CSAM) via… This article has been indexed from Hackread – Latest Cybersecurity, Tech, AI, Crypto & Hacking News Read the original article: Man Jailed…
New Pass-the-Cookie Attacks Bypass MFA, Giving Hackers Full Account Access
Multi-factor authentication (MFA), long considered a cornerstone of cybersecurity defense, is facing a formidable new threat: “Pass-the-Cookie” attacks. Recent findings reveal from Long Wall shows that threat actors exploit browser session cookies to bypass MFA entirely, granting full access to corporate…
Telegram as #1 Messenger Used by Cybercriminals for Communications
Telegram remains the undisputed leader in cybercriminal communications, with recent analysis revealing over 80 million unique identifiers and links to Telegram channels shared across underground forums, a figure exceeding competitors like Discord (2.8 million links) and Session (450,000 IDs). While…
Vo1d Botnet Evolves as It Ensnares 1.6 Million Android TV Boxes
The Vo1d botnet is now powered by 1.6 million Android TV devices, up from 1.3 million half a year ago. The post Vo1d Botnet Evolves as It Ensnares 1.6 Million Android TV Boxes appeared first on SecurityWeek. This article has…
Spotlight on Regulatory Compliance: The Challenges Your IT and Security Teams May Face
Businesses face increasing pressure to maintain compliance across regions, mitigate risks and improve consumer protection and stakeholder trust. The post Spotlight on Regulatory Compliance: The Challenges Your IT and Security Teams May Face appeared first on Security Boulevard. This article…
Microsoft Names Suspects in Lawsuit Against AI Hackers
In a lawsuit targeting cybercriminals who abuse AI services, Microsoft has named individuals from Iran, the UK, China and Vietnam. The post Microsoft Names Suspects in Lawsuit Against AI Hackers appeared first on SecurityWeek. This article has been indexed from…
Old Vulnerabilities Among the Most Widely Exploited
Four in ten flaws exploited by threat actors in 2024 were from 2020 or earlier, with some dating back to the 1990s, according to a GreyNoise report This article has been indexed from www.infosecurity-magazine.com Read the original article: Old Vulnerabilities…
How to Protect Your Digital Identity While Gaming Online
Playing games online provides entertainment but exposes you to specific dangers during gameplay. Hackers and scammers specifically target your personal data, payment specifics, and gaming account information. Cybercriminals steal money and account credentials through phishing attacks, malware, and unsecured systems.…
Lynx Ransomware Attacking Organizations to Exfiltrate Sensitive Data
Lynx, a new ransomware variant, has been rising through the ranks of cyber threats since its initial release in mid-2024. Operating under a Ransomware-as-a-Service (RaaS) model, Lynx targets organizations globally through double extortion campaigns, combining file encryption with systematic data…
Sticky Werewolf Uses Undocumented Implant to Deploy Lumma Stealer in Russia and Belarus
The threat actor known as Sticky Werewolf has been linked to targeted attacks primarily in Russia and Belarus with the aim of delivering the Lumma Stealer malware by means of a previously undocumented implant. Cybersecurity company Kaspersky is tracking the…
12,000+ API Keys and Passwords Found in Public Datasets Used for LLM Training
A dataset used to train large language models (LLMs) has been found to contain nearly 12,000 live secrets, which allow for successful authentication. The findings once again highlight how hard-coded credentials pose a severe security risk to users and organizations…