A critical vulnerability in Git CLI enables arbitrary file writes on Linux and macOS systems, with working proof-of-concept exploits now publicly available. CVE-2025-48384, assigned a CVSS severity score of 8.1/10, allows attackers to achieve remote code execution through maliciously crafted…
Tag: EN
British Citizen Jailed for Islamophobic WiFi Hack at UK Train Stations
A British man has been sentenced to 24 months’ imprisonment, suspended for 24 months, after pleading guilty to hijacking WiFi networks at major UK train stations. Also, users were directed to Islamophobic content that referenced prior terrorist acts, causing significant…
The SaaS Security Disconnect: Why Most Organizations Are Still Vulnerable
A new report from AppOmni captures a significant misplaced confidence in the security of software-as-a-service applications and escalating risks associated with these cloud services. The post The SaaS Security Disconnect: Why Most Organizations Are Still Vulnerable appeared first on Security…
Pentera unveils capability to detect Git repository risk exposure
Pentera has introduced a capability to uncover and validate risk exposure from data in Git repositories. Pentera now discovers repositories linked to the organization, identifies embedded credentials, tokens, and other sensitive data, and utilizes them to execute safe-by-design test-attacks against…
At-Bay MXDR boosts security for mid-market and small businesses
At-Bay launched its new Managed Extended Detection and Response (MXDR) platform, designed to give mid-market and small businesses access to enterprise-grade cybersecurity at an affordable cost. Spanning endpoint, cloud, identity, and email, At-Bay Stance MXDR provided by At-Bay Security, gives…
North Korean Actors Expand Contagious Interview Campaign with New Malware Loader
Socket has identified a new malware loader called XORIndex incorporated into malicious packages published to the npm registry, with over 9000 downloads so far This article has been indexed from www.infosecurity-magazine.com Read the original article: North Korean Actors Expand Contagious…
Hacktivists Launch Attacks on ICS Systems to Exfiltrate Sensitive Information
Hacktivists’ attacks on Industrial Control Systems (ICS) are becoming more intense in a noticeable evolution of ideologically motivated cyber operations. They have progressed from simple Distributed Denial of Service (DDoS) attacks and website vandalism to more complex intrusions targeted at…
AsyncRAT’s Open-Source Code Sparks Surge in Dangerous Malware Variants Across the Globe
Cybersecurity researchers have charted the evolution of a widely used remote access trojan called AsyncRAT, which was first released on GitHub in January 2019 and has since served as the foundation for several other variants. “AsyncRAT has cemented its place…
Securing Agentic AI: How to Protect the Invisible Identity Access
AI agents promise to automate everything from financial reconciliations to incident response. Yet every time an AI agent spins up a workflow, it has to authenticate somewhere; often with a high-privilege API key, OAuth token, or service account that defenders…
State-Backed HazyBeacon Malware Uses AWS Lambda to Steal Data from SE Asian Governments
Governmental organizations in Southeast Asia are the target of a new campaign that aims to collect sensitive information by means of a previously undocumented Windows backdoor dubbed HazyBeacon. The activity is being tracked by Palo Alto Networks Unit 42 under…
Meme Coins in 2025: High Risk, High Reward, and Rising Security Threats
Meme coins started as internet jokes, but by 2025, they’ve become one of the most volatile and talked-about… This article has been indexed from Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto Read the original article: Meme Coins…
LaRecipe Tool with 2.3M Downloads Found Vulnerable to Full Server Takeover
A critical security vulnerability has been discovered in LaRecipe, a popular Laravel documentation package with over 2.3 million downloads, that could allow attackers to completely compromise affected servers. The vulnerability, identified as CVE-2025-53833, enables Server-Side Template Injection (SSTI) attacks that…
14 Hackers Arrested in Massive Tax Fraud Scheme, Authorities Confirm
Authorities have arrested 14 individuals in a coordinated international operation targeting a sophisticated tax fraud scheme that exploited stolen personal data to submit fraudulent claims worth over £1 million. The arrests demonstrate the growing collaboration between UK and Romanian law…
Ransomware Threat Grows as Attackers Move Into VMware and Linux
Linux has been the reliable backbone of business infrastructure for many years; it powers 96% of the top million web servers worldwide and more than 80% of workloads in public clouds. Its reputation for reliability and inherent security has long…
North Korean Hackers Exploit Zoom Invites in Attacks on Crypto Companies
Cybersecurity firm SentinelOne has exposed an ongoing malware campaign orchestrated by North Korean threat actors, known for their persistent “fake interview” scams. This operation continues to leverage spear-phishing tactics aimed at individuals and organizations within the Web3, cryptocurrency, and blockchain…
Hackers Leveraging AWS Lambda URLs Endpoints to Attack Governments Organizations
A previously unreported Windows backdoor dubbed “HazyBeacon” has emerged in a stealthy espionage campaign that began in late 2024 and is still unfolding across several Southeast Asian government networks. The operators exploit the public URL feature of AWS Lambda—originally designed…
Pentagon Awards AI Contracts To OpenAI, Google, Anthropic, xAI
US Defence Department hands contracts of up to $200m each to AI leaders as White House seeks to expand government AI adoption This article has been indexed from Silicon UK Read the original article: Pentagon Awards AI Contracts To OpenAI,…
Meta To Spend ‘Hundreds Of Billions’ On AI Data Centres
Meta vows to spend hundreds of billions of dollars on AI infrastructure as it seeks to keep up with competitors such as Google and OpenAI This article has been indexed from Silicon UK Read the original article: Meta To Spend…
North Korea-linked actors spread XORIndex malware via 67 malicious npm packages
North Korea-linked hackers uploaded 67 malicious npm packages with XORIndex malware, hitting 17K+ downloads in ongoing supply chain attacks. North Korea-linked threat actors behind the Contagious Interview campaign have uploaded 67 malicious npm packages with XORIndex malware loader, hitting over…
Social Engineering Identified as Catalyst for M&S Ransomware Breach
Marks & Spencer (M&S), one of the largest and most established retailers in the United Kingdom, has confirmed that a highly targeted social engineering operation triggered the ransomware attack in April 2025. This breach, which is associated with DragonForce…