A new Bloody Wolf campaign exploits legitimate remote-administration software for cyber-attacks on government targets in Central Asia This article has been indexed from www.infosecurity-magazine.com Read the original article: Bloody Wolf Threat Actor Expands Activity Across Central Asia
Tag: EN
NVIDIA DGX Spark Vulnerabilities Let Attackers Execute Malicious Code and DoS Attacks
An urgent security update for its DGX Spark AI workstation after discovering 14 vulnerabilities in the system’s firmware that could allow attackers to execute malicious code and launch denial-of-service attacks. The most severe flaw has a CVSS score of 9.3…
Dead Man’s Switch – Widespread npm Supply Chain Attack Driving Malware Attacks
GitLab’s Vulnerability Research team has uncovered a large-scale supply chain attack spreading a destructive malware variant through the npm ecosystem. The malware, an evolved version of “Shai-Hulud,” contains a dangerous feature that threatens to destroy user data if attackers lose…
Qilin RaaS Exposed 1 Million Files and 2 TB of Data Linked to Korean MSP Breach
The “Korean Leaks” campaign has emerged as one of the most sophisticated supply chain attacks targeting South Korea’s financial sector in recent memory. This operation combined the capabilities of the Qilin Ransomware-as-a-Service (RaaS) group with potential involvement from North Korean…
Millions at risk after nationwide CodeRED alert system outage and data breach
A ransomware attack against the CodeRED emergency alert platform has triggered warnings across the US. This article has been indexed from Malwarebytes Read the original article: Millions at risk after nationwide CodeRED alert system outage and data breach
Quttera Launches “Evidence-as-Code” API to Automate Security Compliance for SOC 2 and PCI DSS v4.0
Tel Aviv, Israel, 27th November 2025, CyberNewsWire The post Quttera Launches “Evidence-as-Code” API to Automate Security Compliance for SOC 2 and PCI DSS v4.0 appeared first on Security Boulevard. This article has been indexed from Security Boulevard Read the original…
One Identity Safeguard Named a Visionary in the 2025 Gartner Magic Quadrant for PAM
Alisa Viejo, CA, USA, 27th November 2025, CyberNewsWire One Identity Safeguard Named a Visionary in the 2025 Gartner Magic Quadrant for PAM on Latest Hacking News | Cyber Security News, Hacking Tools and Penetration Testing Courses. This article has been…
Lapsus$ Hunters Register 40+ Domains Impersonating Zendesk Environments
ReliaQuest’s Threat Research team has uncovered a significant new campaign from the notorious threat collective “Scattered Lapsus$ Hunters,” this time targeting users and organizations that leverage the widely adopted customer support platform Zendesk. The investigation revealed more than 40 typosquatted…
“Dead Man’s Switch” Triggers Massive npm Supply Chain Malware Attack
GitLab’s security team has discovered a severe, ongoing attack spreading dangerous malware through npm, the world’s most extensive code library. The malware uses an alarming “dead man’s switch,” a self-destruct trigger that threatens to erase user data if the attack…
Handala Hacker Group Targets Israeli High-Tech and Aerospace Professionals
A sophisticated cyber intimidation campaign by the Handala hacker group has targeted Israeli high-tech and aerospace professionals, publishing their personal information alongside aggressive, misleading descriptions that falsely label them as criminals. Security researchers monitoring dark web activity discovered the publication,…
Apache SkyWalking Flaw Allows Attackers to Launch XSS Attacks
A recently discovered vulnerability in Apache SkyWalking, a popular application performance monitoring tool, could allow attackers to execute malicious scripts and launch cross-site scripting (XSS) attacks. The flaw, identified as CVE-2025-54057, affects all versions of SkyWalking up to 10.2.0. CVE…
OpenAI Reveals Mixpanel Data Breach Exposing User Details
OpenAI has publicly disclosed a security incident involving a data breach at Mixpanel, a third-party analytics provider previously used by the company for monitoring usage on its API platform. The breach exposed limited but sensitive user information, including names, email…
Crypto Exchange Upbit Suffers Security Breach After $10B Deal
The timing is awful. The breach occurred just hours after its parent company, Dunamu Inc., unveiled a massive $10.3 billion takeover by tech giant Naver Corp. The post Crypto Exchange Upbit Suffers Security Breach After $10B Deal appeared first on…
When Buyers Discount MSPs With One Big Customer
Your biggest customer loves you. Three years together. They trust you, pay on time, and refer others. From where you sit, that’s loyalty. From where a buyer sits, that’s a $$$ discount on your exit. This perception gap kills more…
Waymo Robotaxi Films Deadly San Francisco Shooting
A Waymo autonomous vehicle may have captured video footage of a fatal shooting incident in San Francisco’s Mission neighborhood over the weekend, highlighting the emerging role of self-driving cars as potential witnesses in criminal investigations. The incident resulted in one…
Russian-Linked Surveillance Tech Firm Protei Hacked, Website Defaced and Data Published
A telecommunications technology provider with ties to Russian surveillance infrastructure has reportedly suffered a major cybersecurity breach. The company, Protei, which builds systems used by telecom providers to monitor online activity and restrict access to websites and platforms, had…
Detego DFIR Platform centralizes evidence, workflows, and real-time case insights
Detego Global has announced the launch of Detego Case Manager for DFIR, a purpose-built platform designed to meet the evolving demands of digital forensics and incident response (DFIR) teams. Developed in close collaboration with investigative professionals, Detego Case Manager for…
Openai User Data Exposed In Mixpanel Hack
Product analytics and event-tracking solutions provider Mixpanel recently disclosed a security incident that they detected on November 8. The post Openai User Data Exposed In Mixpanel Hack first appeared on CyberMaterial. This article has been indexed from CyberMaterial Read the…
Amazon Uses AI Agents For Bug Hunting
Generative AI is simultaneously speeding up software development and empowering digital attackers, placing immense pressure on technology The post Amazon Uses AI Agents For Bug Hunting first appeared on CyberMaterial. This article has been indexed from CyberMaterial Read the original…
Hackers Use Blender Assets To Spread StealC
An ongoing malicious operation, active for a minimum of six months, has been utilizing Blender Foundation files to deliver the StealC V2 information stealer. The post Hackers Use Blender Assets To Spread StealC first appeared on CyberMaterial. This article has…