A ransomware negotiator and an incident response manager have been indicted in Florida for allegedly conspiring to deploy the ALPHV/BlackCat ransomware against multiple US companies and extorting nearly $1.3 million from one of the victims. According to a federal grand…
Operation SkyCloak Deploys Tor-Enabled OpenSSH Backdoor Targeting Defense Sectors
Threat actors are leveraging weaponized attachments distributed via phishing emails to deliver malware likely targeting the defense sector in Russia and Belarus. According to multiple reports from Cyble and Seqrite Labs, the campaign is designed to deploy a persistent backdoor…
Ransomware Defense Using the Wazuh Open Source Platform
Ransomware is malicious software designed to block access to a computer system or encrypt data until a ransom is paid. This cyberattack is one of the most prevalent and damaging threats in the digital landscape, affecting individuals, businesses, and critical…
Apple Patches 19 WebKit Vulnerabilities
Apple has released iOS 26.1 and macOS Tahoe 26.1 with patches for over 100 vulnerabilities, including critical flaws. The post Apple Patches 19 WebKit Vulnerabilities appeared first on SecurityWeek. This article has been indexed from SecurityWeek. Read the original article:…
MY TAKE: From AOL-Time Warner to OpenAI-Amazon — is the next tech bubble already inflating?
Anyone remember the dot-com bubble burst? The early warning came in January 2000, when AOL and Time Warner joined forces in a $164 billion deal — the largest merger in U.S. history at the time. Related: Reuters’ backstory on Amazon…
Oct Recap: New AWS Privileged Permissions and Services
As October 2025 closes, Sonrai’s latest analysis of new AWS permissions reveals a continued trend: incremental privilege changes with outsized impact. This month’s additions span OpenSearch Ingestion, Aurora DSQL, QuickSight, Parallel Computing Service, ARC Region Switch, and RTB Fabric, touching…
Oct Recap: New and Newly Deniable GCP Privileged Permissions
As October 2025 wraps up, Sonrai’s latest analysis of Google Cloud Platform permissions reveals both newly introduced privileged actions and those that have become newly enforceable through the V2 API, meaning organizations can now explicitly deny their use. This month’s…
European authorities dismantle €600 million crypto scam network
Nine people have been arrested in a coordinated international operation targeting a large cryptocurrency money laundering network that defrauded victims of more than €600 million. The operation was led by Eurojust, the EU’s judicial cooperation agency, which brought together investigators…
China-Linked Hackers Target Cisco Firewalls in Global Campaign
New reports show China-based hackers are targeting US federal, state, and global government networks via unpatched Cisco firewalls. Get the full details and necessary steps to secure devices. This article has been indexed from Hackread – Cybersecurity News, Data Breaches,…
Former Cyber-Security Employees Accused Of Hacks
Three former employees of two cyber-security firms accused of carrying out ransomware attacks on multiple companies in their spare time. This article has been indexed from Silicon UK. Read the original article: Former Cyber-Security Employees Accused Of Hacks
Anatomy of Tycoon 2FA Phishing: Tactics Targeting M365 and Gmail
The Tycoon 2FA phishing kit represents one of the most sophisticated threats targeting enterprise environments today. This Phishing-as-a-Service (PhaaS) platform, which emerged in August 2023, has become a formidable adversary against organizational security, employing advanced evasion techniques and adversary-in-the-middle (AiTM)…
Weaponized Putty and Teams Ads Deliver Malware Allowing Hackers to Access Network
An ongoing malicious advertising campaign is weaponizing legitimate software downloads to deploy OysterLoader malware, previously identified as Broomstick and CleanUpLoader. This sophisticated initial access tool enables cybercriminals to establish footholds in corporate networks, ultimately serving as a delivery mechanism for…
Critical Android 0-Click Vulnerability in System Component Allows Remote Code Execution Attacks
Google has issued a critical security alert for Android devices, highlighting a severe zero-click vulnerability in the system’s core components that could allow attackers to execute malicious code remotely without any user interaction. Disclosed in the November 2025 Android Security…
Hackers Actively Scanning Internet to Exploit XWiki Remote Code Execution Vulnerability
A critical remote code execution vulnerability affecting XWiki’s SolrSearch component has become the target of widespread exploitation attempts, prompting cybersecurity authorities to add it to their watchlist. The flaw allows attackers with minimal guest privileges to execute arbitrary commands on…
Zscaler Acquires AI Security Company SPLX
SPLX red teaming, asset management, and threat inspection technology will enable Zscaler to expand its Zero Trust Exchange platform. The post Zscaler Acquires AI Security Company SPLX appeared first on SecurityWeek. This article has been indexed from SecurityWeek. Read the…
Microsoft Receives US Permit To Send Nvidia Chips To UAE
Microsoft receives permit to send advanced Nvidia AI accelerator chips to United Arab Emirates as US battles China influence. This article has been indexed from Silicon UK. Read the original article: Microsoft Receives US Permit To Send Nvidia Chips To…
Microsoft Plans to Remove Entra Accounts from Authenticator on Jailbroken Devices
Microsoft is rolling out a significant security enhancement for its Authenticator app starting February 2026, introducing jailbreak and root detection capabilities that will automatically wipe Microsoft Entra credentials from compromised devices. This move represents a strategic shift toward strengthening enterprise…
Sling TV turned privacy into a game you weren’t meant to win
California has fined Sling TV for misleading privacy controls that made opting out nearly impossible. Even children’s data ended up in ad targeting. This article has been indexed from Malwarebytes. Read the original article: Sling TV turned privacy into a…
DeFi Protocol Balancer Loses Over $120m in Cyber Heist
Digital thieves have got away with over $120m stolen from popular decentralized finance protocol Balancer. This article has been indexed from www.infosecurity-magazine.com. Read the original article: DeFi Protocol Balancer Loses Over $120m in Cyber Heist
Waymo To Expand Into Las Vegas, San Diego, Detroit
Google sister company Waymo plans autonomous taxi services in three more US cities, as it seeks to accelerate growth. This article has been indexed from Silicon UK. Read the original article: Waymo To Expand Into Las Vegas, San Diego, Detroit