Microsoft Threat Intelligence has identified an evolved iteration of the XCSSET malware family actively exploiting macOS developers via weaponized Xcode projects. This modular backdoor, first documented in 2020, now employs advanced obfuscation techniques, refined persistence mechanisms, and novel infection vectors…
Tag: EN
Hidden Malware in WordPress Websites Allows Attackers to Execute Malicious Code Remotely
A sophisticated malware campaign has recently been uncovered by security researchers at Sucuri, targeting WordPress websites through hidden malware and backdoors in the mu-plugins directory. This attack chain allows remote execution of malicious code, enabling full server compromise, data theft,…
Massive Data Exposure at Mars Hydro Highlights IoT Security Risks
Jeremiah Fowler, an experienced cybersecurity researcher at vpnMentor and co-founder of Security Discovery, has uncovered a massive data exposure involving nearly 2.7 billion records linked to Mars Hydro, a China-based manufacturer of IoT-enabled grow lights. The breach, which included sensitive…
127 Servers of Bulletproof Hosting Service Zservers Seized by Dutch Police
After governments announced sanctions against the Zservers/XHost bulletproof hosting service, Dutch police took 127 servers offline. The post 127 Servers of Bulletproof Hosting Service Zservers Seized by Dutch Police appeared first on SecurityWeek. This article has been indexed from SecurityWeek…
Two Estonians plead guilty in $577M cryptocurrency Ponzi scheme
Two Estonian nationals may spend the next 20 years in prison for stealing hundreds of millions of dollars through a massive cryptocurrency Ponzi scheme, the US Department of Justice announced last week. The fraudulent operation “According to court documents, Sergei…
Nokia’s $2.3bn Infinera Deal Set For ‘Unconditional’ EU Approval
Nokia’s $2.3bn Infinera buy set to make company world’s second-biggest vendor of optical networking gear for data centres This article has been indexed from Silicon UK Read the original article: Nokia’s $2.3bn Infinera Deal Set For ‘Unconditional’ EU Approval
Meta Looks To Develop AI-Powered Humanoid Robots
Meta to invest heavily in consumer humanoid robots to carry out tasks within users’ homes, as it aims to create real-world AI platform This article has been indexed from Silicon UK Read the original article: Meta Looks To Develop AI-Powered…
TSMC In Talks To Take Over Intel Chip Factories
TSMC considers taking controlling stake in Intel’s US factories under Trump administration proposal to safeguard US tech manufacturing This article has been indexed from Silicon UK Read the original article: TSMC In Talks To Take Over Intel Chip Factories
Romance Scams, AI Fuel Record Scam Crypto Revenues In 2024
Scammers take in record crypto revenues in 2024 driven by romance scams, generative AI, growing organisation, finds Chainalysis This article has been indexed from Silicon UK Read the original article: Romance Scams, AI Fuel Record Scam Crypto Revenues In 2024
How to Rebuild and Restore SQL Server Master Database
In MS SQL Server, master database is the primary database that stores system information. This includes login details, linked servers, endpoints, system configurations, existence of other databases, etc. If the master database gets corrupted or damaged, the SQL Server service…
eSentire Uncovers EarthKapre/RedCurl Attack Targeting Law Firms
eSentire’s Threat Response Unit (TRU) has uncovered a new cyber espionage campaign leveraging a legitimate Adobe executable to sideload the EarthKapre/RedCurl loader. The attack specifically targeted a firm in the Legal Services industry, highlighting the group’s persistent focus on corporate…
IDOR Vulnerability in ExHub Let Attacker Modify Web Hosting Configuration
A critical Insecure Direct Object Reference (IDOR) vulnerability was recently discovered in ExHub, a cloud-based platform for hulia-based development. This flaw allowed attackers to modify web hosting configurations of any project without proper authorization, posing significant risks to affected systems. …
Downloads of DeepSeek’s AI Apps Paused in South Korea Over Privacy Concerns
DeepSeek has temporarily paused downloads of its chatbot apps in South Korea while it works with local authorities to address privacy concerns. The post Downloads of DeepSeek’s AI Apps Paused in South Korea Over Privacy Concerns appeared first on SecurityWeek.…
⚡ THN Weekly Recap: Google Secrets Stolen, Windows Hack, New Crypto Scams and More
Welcome to this week’s Cybersecurity News Recap. Discover how cyber attackers are using clever tricks like fake codes and sneaky emails to gain access to sensitive data. We cover everything from device code phishing to cloud exploits, breaking down the…
CISO’s Expert Guide To CTEM And Why It Matters
Cyber threats evolve—has your defense strategy kept up? A new free guide available here explains why Continuous Threat Exposure Management (CTEM) is the smart approach for proactive cybersecurity. This concise report makes a clear business case for why CTEM’s comprehensive…
Telegram Used as C2 Channel for New Golang Malware
A Golang backdoor is using Telegram as its command and control (C2) channel, an approach that makes detection harder for defenders, according to Netskope researchers This article has been indexed from www.infosecurity-magazine.com Read the original article: Telegram Used as C2…
Linux Kernel 6.14 rc3 Released With The Fixes for Critical Issues
Linus Torvalds has announced the release of Linux Kernel 6.14-rc3, marking a critical milestone in stabilizing the upcoming 6.14 kernel version. This release candidate addresses architectural vulnerabilities and introduces the lightweight “Faux Bus” framework to streamline driver development. The update…
Pro-Russia collective NoName057(16) launched a new wave of DDoS attacks on Italian sites
Pro-Russia collective NoName057(16) launched DDoS attacks on Italian sites, targeting airports, the Transport Authority, major ports, and banks. The pro-Russia hacker group NoName057(16) launched a new wave of DDoS attacks this morning against multiple Italian entities. The group targeted the…
Industry Moves for the week of February 17, 2025 – SecurityWeek
Explore industry moves and significant changes in the industry for the week of February 17, 2025. Stay updated with the latest industry trends and shifts. This article has been indexed from SecurityWeek Read the original article: Industry Moves for the…
Xerox Versalink Printer Vulnerabilities Enable Lateral Movement
Xerox released security updates to resolve pass-back attack vulnerabilities in Versalink multifunction printers. The post Xerox Versalink Printer Vulnerabilities Enable Lateral Movement appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read the original article: Xerox Versalink Printer…