Cybersecurity researchers have unveiled a new attack—dubbed the “C4 Bomb” (Chrome Cookie Cipher Cracker)—that successfully bypasses Google Chrome’s much-touted AppBound Cookie Encryption. This breakthrough exposes millions of users to renewed risks of cookie theft, credential compromise, and potential data breaches,…
Tag: EN
Linux 6.16-rc4 Launches Out With Filesystem, Driver, and Hardware Fixes
Linus Torvalds has officially announced the release of Linux 6.16-rc4, marking the halfway point in the development cycle for the upcoming 6.16 kernel. Despite a notably large merge window, Torvalds described the release candidate process as “fairly calm,” signaling a smooth…
Stealthy WordPress Malware Uses PHP Backdoor to Deliver Windows Trojan
A sophisticated malware campaign targeting WordPress websites has recently been uncovered, showcasing an intricate and stealthy approach to delivering a Windows-based trojan. This attack, which operates beneath the surface of seemingly clean websites, employs a layered infection chain involving PHP-based…
5 Critical Security Risks Facing COBOL Mainframes
COBOL remains deeply embedded in the infrastructure of global enterprises, powering critical systems in banking, insurance, government, and beyond. While its stability and processing efficiency are unmatched, legacy environments running COBOL face a growing challenge: Security. As cyber threats evolve…
Europol dismantles €460M crypto scam targeting 5,000 victims worldwide
Europol busted a crypto scam ring that laundered €460M from 5,000+ victims. Operation Borrelli involved Spain, the U.S., France, and Estonia. Europol has taken down a massive cryptocurrency fraud ring that scammed over 5,000 people worldwide, laundering around €460 million…
Django App Vulnerabilities Chained to Execute Arbitrary Code Remotely
A critical remote code execution (RCE) vulnerability affecting Django web applications, demonstrating how seemingly benign CSV file upload functionality can be weaponized for complete server compromise. Summary1. Django RCE exploit chains directory traversal with CSV parser abuse to compromise servers…
263,000 Impacted by Esse Health Data Breach
Esse Health says the personal information of over 263,000 individuals was stolen in an April 2025 cyberattack. The post 263,000 Impacted by Esse Health Data Breach appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read the original…
Google patches actively exploited Chrome (CVE‑2025‑6554)
Google has released a security update for Chrome to address a zero‑day vulnerability (CVE-2025-6554) that its Threat Analysis Group (TAG) discovered and reported last week. “Google is aware that an exploit for CVE-2025-6554 exists in the wild,” the company said.…
Ransomware Strike on Swiss Health Foundation Exposes Government Data
The threat actor Sarcoma has been held responsible for a ransomware attack on a Swiss health foundation This article has been indexed from www.infosecurity-magazine.com Read the original article: Ransomware Strike on Swiss Health Foundation Exposes Government Data
June Patch Tuesday from Microsoft Fixed 70+ Bugs, Including A Zero-Day
The June 2025 Patch Tuesday update bundle from Microsoft addressed numerous critical vulnerabilities and zero-day… June Patch Tuesday from Microsoft Fixed 70+ Bugs, Including A Zero-Day on Latest Hacking News | Cyber Security News, Hacking Tools and Penetration Testing Courses.…
Ransomware Detection Best Practices: How to Catch Attacks Before Data is Lost
Ransomware isn’t just a buzzword—it’s a real, growing threat that can cripple your business in… Ransomware Detection Best Practices: How to Catch Attacks Before Data is Lost on Latest Hacking News | Cyber Security News, Hacking Tools and Penetration Testing…
Blind Eagle Hackers Leverage Open-Source RATs and Ciphers to Evade Static Detection
Trustwave SpiderLabs has uncovered a chilling cyber threat targeting Latin American organizations, particularly in the financial sector, with a focus on Colombian institutions. The threat cluster, linked to the notorious Proton66 OOO infrastructure, employs a cunning mix of open-source Remote…
Thousands of Citrix NetScaler Instances Unpatched Against Exploited Vulnerabilities
Many Citrix NetScaler systems are exposed to attacks exploiting the vulnerabilities tracked as CVE-2025-5777 and CVE-2025-6543. The post Thousands of Citrix NetScaler Instances Unpatched Against Exploited Vulnerabilities appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read the…
U.S. Arrests Facilitator in North Korean IT Worker Scheme; Seizes 29 Domains and Raids 21 Laptop Farms
The U.S. Department of Justice (DoJ) on Monday announced sweeping actions targeting the North Korean information technology (IT) worker scheme, leading to the arrest of one individual and the seizure of 29 financial accounts, 21 fraudulent websites, and nearly 200…
Google Patches Critical Zero-Day Flaw in Chrome’s V8 Engine After Active Exploitation
Google has released security updates to address a vulnerability in its Chrome browser for which an exploit exists in the wild. The zero-day vulnerability, tracked as CVE-2025-6554 (CVSS score: N/A), has been described as a type confusing flaw in the…
US Takes Down North Korean Fraud Ring
US Justice Department arrests one, charges eight others over laptop farms that served as cover for North Koreans to earn millions for regime This article has been indexed from Silicon UK Read the original article: US Takes Down North Korean…
Circle Applies To Create National Trust Bank After IPO Success
Crypto stablecoin firm Circle says applying to create national trust bank in US, after stock price more than doubles following IPO This article has been indexed from Silicon UK Read the original article: Circle Applies To Create National Trust Bank…
North Korean IT Workers Employ New Tactics to Infiltrate Global Organizations
Microsoft Threat Intelligence has uncovered a sophisticated operation by North Korean remote IT workers who are leveraging cutting-edge artificial intelligence (AI) tools to infiltrate organizations worldwide. Since at least 2020, these highly skilled individuals, often based in North Korea, China,…
Terrible tales of opsec oversights: How cybercrooks get themselves caught
The silly mistakes to the flagrant failures They say that success breeds complacency, and complacency leads to failure. For cybercriminals, taking too many shortcuts when it comes to opsec delivers a little more than that. … This article has been indexed…
North Korean Remote IT Workers Added New Tactics and Techniques to Infiltrate Organizations
North Korean state-sponsored remote IT workers have significantly evolved their infiltration tactics, incorporating artificial intelligence tools and sophisticated deception techniques to penetrate organizations worldwide. Since 2024, these highly skilled operatives have enhanced their fraudulent employment schemes by leveraging AI-powered image…