Last week, there were disclosed in and that have been added to the Wordfence Intelligence Vulnerability Database, and there were that contributed to WordPress Security last week. Review those vulnerabilities in this report now to ensure your site is not…
Qilin Ransomware Turns South Korean MSP Breach Into 28-Victim ‘Korean Leaks’ Data Heist
South Korea’s financial sector has been targeted by what has been described as a sophisticated supply chain attack that led to the deployment of Qilin ransomware. “This operation combined the capabilities of a major Ransomware-as-a-Service (RaaS) group, Qilin, with potential…
Chrome Extension Malware Secretly Adds Hidden SOL Fees to Solana Swap Transactions
Security researchers at Socket have uncovered a deceptive Chrome extension called Crypto Copilot that masquerades as a legitimate Solana trading tool while secretly siphoning SOL from users’ swap transactions. The malicious extension, published on June 18, 2024, extracts undisclosed fees…
Registry: FeatureUsage
Maurice posted on LinkedIn recently about one of the FeatureUsage Registry key subkeys; specifically, the AppSwitched subkey. Being somewhat, maybe even only slightly aware of the Windows Registry, I read the post with casual, even mild interest. Someone posted recently that cybersecurity…
New “JackFix” Attack Leverages Windows Updates into Executing Malicious Commands
A sophisticated ClickFix campaign dubbed “JackFix” uses fake adult websites to hijack screens with realistic Windows Update prompts, tricking users into running multistage malware payloads. Attackers mimic popular adult sites like xHamster clones to lure victims, likely via malvertising…
Akira Ransomware Uses SonicWall VPN Exploit to Exfiltrate Sensitive Data
The Akira ransomware group has begun weaponizing vulnerabilities in SonicWall SSL VPN devices, turning merger-and-acquisition (M&A) processes into high-speed launchpads for cyberattacks. This trend exposes dangerous blind spots for businesses acquiring smaller companies, as inherited SonicWall devices often serve as…
FBI Warns of Fake Internet Crime Complaint Center (IC3) Website Used for Phishing Attacks
The Federal Bureau of Investigation (FBI) has issued urgent warnings about cybercriminals spoofing the official Internet Crime Complaint Center (IC3) website to conduct phishing attacks and steal sensitive personal information. These fake sites mimic the legitimate www.ic3.gov portal with near-perfect…
Malicious Prettier Extension on VSCode Marketplace Delivers Anivia Stealer Malware to Exfiltrate Login Credentials
A dangerous malware campaign has targeted thousands of developers through a fake extension on the Visual Studio Code Marketplace. On November 21, 2025, security researchers discovered a malicious extension named “prettier-vscode-plus” designed to trick developers into installing it by mimicking…
Scaling SOC Team Expertise With AI-powered Insights for Faster, Easier Understanding of Threats
Building analyst expertise is a race against time that many Security Operations Centers (SOCs) are losing. New hires often require over six months to handle complex incidents with confidence, creating a bottleneck where senior analysts must compensate for the skills…
CodeRED emergency alert system CodeDEAD after INC ransomware attack
Regions across US affected, and one tore up its contract for the product. Towns and cities across the US are without access to their CodeRED emergency alert system following a cyberattack on vendor Crisis24.… This article has been indexed from…
The Attack Surface of Cloud-Based Generative AI Applications is Evolving
It is the right time to talk about this. Cloud-based Artificial Intelligence, or specifically those big, powerful Large Language Models we see everywhere, they’ve completely changed the game. They’re more than just a new application tier. They’re an entirely new…
UK Report Proposes Liability For Software Provider Insecurity
A new report from the UK Business and Trade Committee has called for accountability of software providers for cyber flaws amid rising attack costs. This article has been indexed from www.infosecurity-magazine.com. Read the original article: UK Report Proposes Liability For…
CodeRED Cyberattack Disrupts Alerts
Risk management firm Crisis24 confirmed that its OnSolve CodeRED platform, which is used by state and local governments, police, and fire agencies… The post CodeRED Cyberattack Disrupts Alerts first appeared on CyberMaterial. This article has been indexed from CyberMaterial. Read…
Exchange Online Outage Blocks Mail
Microsoft is investigating an Exchange Online service outage that is preventing customers from accessing their mailboxes using the classic Outlook desktop client. The post Exchange Online Outage Blocks Mail first appeared on CyberMaterial. This article has been indexed from CyberMaterial…
FBI Reports 262 Million In Fraud
Cybercriminals are mounting sophisticated campaigns to commit Account Takeover (ATO) fraud by impersonating legitimate financial institutions. The post FBI Reports 262 Million In Fraud first appeared on CyberMaterial. This article has been indexed from CyberMaterial. Read the original article: FBI…
Tor Adopts New Onion Relay Encryption
The Tor network is a global, decentralized system that routes data through thousands of volunteer-operated relays in a multi-hop path, commonly called an onion circuit. The post Tor Adopts New Onion Relay Encryption first appeared on CyberMaterial. This article has…
Crime Rings Use Hackers To Hijack Trucks
A sophisticated and escalating cybercrime operation is targeting the logistics and transportation sector, specifically trucking carriers and freight brokers,… The post Crime Rings Use Hackers To Hijack Trucks first appeared on CyberMaterial. This article has been indexed from CyberMaterial. Read…
Thoughts on Analysis
Warning – before you get started reading this blog post, it’s only fair that I warn you…in this post, I make the recommendation that you document your analysis process. If you find this traumatic, you might want to just move…
Unprecedented Complexity
I saw it again, just today. Another post on social media stating that IT teams/defenders “face unprecedented complexity”. This one stood out amongst all of the posts proclaiming the need for agentic AI on the defender’s side, due to how these…
ShadowV2 Casts a Shadow Over IoT Devices | FortiGuard Lab
ShadowV2, a new Mirai-based botnet targeting IoT devices, surfaced during the recent AWS outage. FortiGuard Labs examines its propagation, DDoS capabilities, and global footprint. This article has been indexed from FortiGuard Labs Threat Research. Read the original article: ShadowV2…