Government data has been stolen in a cyberattack, though officials say the risk to individuals remains low, according to a UK minister. The incident has prompted an ongoing investigation and renewed warnings from cybersecurity experts about the long-term risks of…
Tag: EN
NDSS 2025 – RACONTEUR: A Knowledgeable, Insightful, And Portable LLM-Powered Shell Command Explainer
Session 6D: Software Security: Vulnerability Detection Authors, Creators & Presenters: Jiangyi Deng (Zhejiang University), Xinfeng Li (Zhejiang University), Yanjiao Chen (Zhejiang University), Yijie Bai (Zhejiang University), Haiqin Weng (Ant Group), Yan Liu (Ant Group), Tao Wei (Ant Group), Wenyuan Xu…
Cybersecurity Weekly Recap – PornHub Breach, Cisco 0-Day, Amazon Detains DPRK IT Worker, and more
In a week that revealed the flaws in digital trust, cybersecurity headlines were filled with high-profile breaches, zero-day exploits, and bold nation-state espionage. Attackers claimed to have swiped usernames, emails, and encrypted passwords from over 1.2 million accounts, underscoring the…
Iranian Infy Prince of Persia Cyber Espionage Campaign Resurfaces
Security researchers have identified renewed cyber activity linked to an Iranian threat actor known as Infy, also referred to as Prince of Persia, marking the group’s re-emergence nearly five years after its last widely reported operations in Europe and…
RansomHouse Develops More Complex Encryption for Recent Attacks
The ransomware group known as RansomHouse has recently enhanced the encryption mechanism used in its attacks, moving away from a basic, single-step process to a more advanced, multi-layered approach. This change reflects a deliberate effort to strengthen the effectiveness…
Security Affairs newsletter Round 555 by Pierluigi Paganini – INTERNATIONAL EDITION
A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. ATM…
SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 76
Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape Malware Newsletter CyberVolk | A Deep Dive into the Hacktivists, Tools and Ransomware Fueling Pro-Russian Cyber Attacks Operation MoneyMount-ISO — Deploying…
Lead Generation Sector Faces Scrutiny Following 16TB Data Exposure
In the wake of a massive unsecured MongoDB database, researchers have rekindled their interest in the risks associated with corporate intelligence and lead generation ecosystems. Researchers discovered that the MongoDB instance had been exposed, containing about 16 terabytes of…
£1.8bn BritCard: A Security Investment Against UK Fraud
The UK has debated national ID for years, but the discussion has become more pointed alongside growing privacy concerns. Two decades ago Tony Blair could sing the praises of ID cards and instead of public hysteria about data held by government,…
Top 10 CERT-In Empanelled Auditors in India in 2026
Organisations today are increasingly exposed to cyber risks originating from unchecked network scanning and unpatched vulnerabilities. At the same time, the rise of malicious large language models like WormGPT and FraudGPT has lowered the barrier for hackers, enabling even less-skilled…
How essential are NHIs in the effective management of cloud security
Are Non-Human Identities the Missing Piece in Cloud Security? Where data breaches and cyber threats are a constant concern, the question of how organizations can effectively manage cloud security has become more critical than ever. Non-Human Identities (NHIs) are emerging…
Can NHIs drive better data security practices
How Do Non-Human Identities (NHIs) Enhance Data Security Practices? Have you ever considered the importance of firmly managing Non-Human Identities (NHIs) in your organization’s data security strategy? With digital becomes increasingly sophisticated, safeguarding machine identities is crucial for shielding sensitive…
How to leverage Agentic AI for cost-effective security
Are You Effectively Leveraging Agentic AI for Cost-Effective Security? The rise of digital transformation within organizations has significantly enhanced productivity and innovation yet has introduced potential vulnerabilities, particularly for machine identities or Non-Human Identities (NHIs). Understanding how to manage NHIs…
What innovations in NHIs are transforming cybersecurity
What Are Non-Human Identities and How Do They Impact Cybersecurity? How can organizations secure their digital amidst a rapidly transforming cybersecurity environment? Where industries increasingly transition to cloud-based solutions, managing Non-Human Identities (NHIs) becomes an essential component of a robust…
Week in review: Exploited zero-day in Cisco email security appliances, Kali Linux 2025.4 released
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: How researchers are teaching AI agents to ask for permission the right way People are starting to hand more decisions to AI agents, from booking…
Massive Android botnet Kimwolf infects millions, strikes with DDoS
The Kimwolf Android botnet has infected 1.8M+ devices, launching massive DDoS attacks and boosting its C&C domain, says XLab. Kimwolf is a newly discovered Android botnet linked to the Aisuru botnet that has infected over 1.8 million devices and issued…
NIST tried to pull the pin on NTP servers after blackout caused atomic clock drift
A rare case of deliberately trying to induce an outage A staffer at the USA’s National Institute of Standards and Technology (NIST) tried to disable backup generators powering some of its Network Time Protocol infrastructure, after a power outage around…
Iranian Infy APT Resurfaces with New Malware Activity After Years of Silence
Threat hunters have discerned new activity associated with an Iranian threat actor known as Infy (aka Prince of Persia), nearly five years after the hacking group was observed targeting victims in Sweden, the Netherlands, and Turkey. “The scale of Prince…
100+ Cisco Secure Email Devices Exposed to Zero‑Day Exploited in the Wild
Security researchers have identified at least 120 Cisco Secure Email Gateway and Cisco Secure Email and Web Manager devices vulnerable to a critical zero-day flaw that attackers are actively exploiting in the wild. The vulnerability, tracked as CVE-2025-20393, currently has…
ATM Jackpotting ring busted: 54 indicted by DoJ
The U.S. Department of Justice has indicted 54 individuals over a multi-million-dollar ATM jackpotting fraud scheme. U.S. DoJ indicted 54 people for a nationwide ATM jackpotting scheme that stole millions via malware. The case links the crimes to the cybercrime…