Microsoft on Thursday released out-of-band security updates to patch a critical-severity Windows Server Update Service (WSUS) vulnerability with a proof-of-concept (Poc) exploit publicly available and has come under active exploitation in the wild. The vulnerability in question is CVE-2025-59287 (CVSS…
Tag: EN
Smishing Triad Linked to 194,000 Malicious Domains in Global Phishing Operation
The threat actors behind a large-scale, ongoing smishing campaign have been attributed to more than 194,000 malicious domains since January 1, 2024, targeting a broad range of services across the world, according to new findings from Palo Alto Networks Unit…
Sotheby’s Investigates Cyberattack That Exposed Employee Financial Information
Global auction house Sotheby’s has disclosed that it recently suffered a data breach in which cybercriminals accessed and extracted files containing sensitive information. The company confirmed that the security incident, detected on July 24, 2025, led to unauthorized access…
CISA Adds Two Known Exploited Vulnerabilities to Catalog
CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation. CVE-2025-54236 Adobe Commerce and Magento Improper Input Validation Vulnerability CVE-2025-59287 Microsoft Windows Server Update Service (WSUS) Deserialization of Untrusted Data Vulnerability These types…
Everest Ransomware Claims AT&T Careers Breach with 576K Records
Everest ransomware group claims a breach of AT&T Careers, alleging theft of 576,000 applicant and employee records locked behind a password-protected listing. This article has been indexed from Hackread – Cybersecurity News, Data Breaches, Tech, AI, Crypto and More Read…
Top 10 Best Security Operations Center (SOC) as a Service Providers in 2025
In 2025, the digital landscape is more complex and perilous than ever. Organizations face an unrelenting barrage of sophisticated cyber threats, from advanced ransomware campaigns to nation-state-backed attacks. As a result, many are turning to SOC as a Service Providers…
SideWinder Hacking Group Uses ClickOnce-Based Infection Chain to Deploy StealerBot Malware
The SideWinder advanced persistent threat group has emerged with a sophisticated new attack methodology that leverages ClickOnce applications to deploy StealerBot malware against diplomatic and governmental targets across South Asia. In September 2025, security researchers detected a targeted campaign affecting…
NDSS 2025 – Symposium on Usable Security and Privacy (USEC) 2025 Afternoon, Paper Session 2
Authors, Creators & Presenters: PAPERS Understanding reCAPTCHAv2 via a Large-Scale Live User Study Andrew Searles (University of California Irvine), Renascence Tarafder Prapty (University of California Irvine), Gene Tsudik (University of California Irvine) Modeling End-User Affective Discomfort With Mobile App Permissions…
Randall Munroe’s XKCD ‘’Ping”
via the comic artistry and dry wit of Randall Munroe, creator of XKCD Permalink The post Randall Munroe’s XKCD ‘’Ping” appeared first on Security Boulevard. This article has been indexed from Security Boulevard Read the original article: Randall Munroe’s XKCD…
Why Threat Actors Succeed
Learn why threat actors succeed by exploiting security weaknesses. Defend against threats with integrated platforms, improved visibility and strong IAM. The post Why Threat Actors Succeed appeared first on Palo Alto Networks Blog. This article has been indexed from Palo…
Microsoft Issues Emergency Patch for Actively Exploited Critical WSUS Vulnerability
Microsoft on Thursday released out-of-band security updates to patch a critical-severity Windows Server Update Service (WSUS) vulnerability with a proof-of-concept (Poc) exploit publicly available and has come under active exploitation in the wild. The vulnerability in question is CVE-2025-59287 (CVSS…
Cybersecurity awareness news brief: What works, what doesn’t
<p>Cybersecurity Awareness Month was introduced in October 2004 by the U.S. Department of Homeland Security and the National Cybersecurity Alliance. Its initial guidance, which covered simple security tasks — such as updating antivirus twice a year, just as you would…
Cybersecurity Awareness Month: The endpoint security issue
<p>October is Cybersecurity Awareness Month, as well as awareness month for many other — arguably more important — causes, such as breast cancer, depression, domestic violence, Down syndrome and, not to be overlooked, squirrels.</p> <p>Because endpoint security continues to become…
Asahi Group Confirms Ransomware Attack Disrupting Operations and Leaking Data
Japanese food and beverage conglomerate Asahi Group Holdings has confirmed that a ransomware attack severely disrupted its operations and potentially exposed sensitive data, including employee and financial information. The cyberattack, which occurred on September 29, 2025, forced the company…
Fake Breach Alerts Target LastPass and Bitwarden Users to Hijack PCs
An ongoing phishing campaign is targeting users of LastPass and Bitwarden with fake breach alerts designed to install remote access tools on victims’ systems. The emails falsely claim that both password managers suffered security incidents and urge users to…
The Silent Guardians Powering the Frontlines of Cybersecurity
There is no doubt that a world increasingly defined by invisible battles and silent warriors has led to a shift from trenches to terminals on which modern warfare is now being waged. As a result, cyberwarfare is no longer…
Researchers warn of critical flaws in TP-Link routers
No active exploitation has been spotted, however the vendor and researchers advise users to immediately apply updates. This article has been indexed from Cybersecurity Dive – Latest News Read the original article: Researchers warn of critical flaws in TP-Link routers
New Red Teaming Tool RedTiger Attacking Gamers and Discord Accounts in the Wild
RedTiger is an open-source red-teaming tool repurposed by attackers to steal sensitive data from Discord users and gamers. Released in 2025 on GitHub, RedTiger bundles penetration-testing utilities, including network scanners and OSINT tools. But its infostealer module has gone rogue,…
MuddyWater Using New Malware Toolkit to Deliver Phoenix Backdoor Malware to International Organizations
The Advanced Persistent Threat group MuddyWater, widely recognized as an Iran-linked espionage actor, has orchestrated a sophisticated phishing campaign targeting more than 100 government entities and international organizations across the Middle East, North Africa, and beyond. The operation, which became…
New LockBit Ransomware Victims Identified by Security Researchers
Check Point has identified a dozen attacks in September that bore the LockBit stamp, with half of them attributed to the group’s new ransomware version This article has been indexed from www.infosecurity-magazine.com Read the original article: New LockBit Ransomware Victims…