Infected 4.3 million Chrome and Edge users via extensions; ShadyPanda exploited browser marketplaces This article has been indexed from www.infosecurity-magazine.com Read the original article: ShadyPanda’s Seven-Year Campaign Infects 4.3M Chrome and Edge Users
Tag: EN
The Great Disconnect: Unmasking the ‘Two Separate Conversations’ in Security
When familiar security concepts carry unfamiliar meanings for different audiences, teams talk past each other without even realizing it. This silent disconnect weakens communication, clarity, and outcomes. The post The Great Disconnect: Unmasking the ‘Two Separate Conversations’ in Security appeared…
X’s New Location Feature Exposes Foreign Manipulation of US Political Accounts
X’s new location feature has revealed that many high-engagement US political accounts, particularly pro-Trump ones, are actually operated from countries outside the United States such as Russia, Iran, and Kenya. This includes accounts that strongly claim to represent American…
More Breaches, More Risks: Experts say Protect Your Data Now
As data breaches surge, experts warn consumers to guard personal information before it reaches the dark web With data breaches becoming almost routine, more consumers are being forced to confront the risks of having their personal information exposed online. …
Forward Edge-AI delivers quantum-safe data diode and earns communications patent
Forward Edge-AI announced two major milestones in advancing quantum-resistant communications: the United States Patent and Trademark Office (USPTO) has issued a Notice of Allowance for its patent application covering attack-resilient, trust-verified communications, and the company has delivered its Isidore Quantum…
Google fixes Android vulnerabilities “under targeted exploitation” (CVE-2025-48633, CVE-2025-48572)
Google has shipped patches for 51 Android vulnerabilities, including two high-severity flaws (CVE-2025-48633, CVE-2025-48572) that “may be under limited, targeted exploitation”. According to the December Android security bulletin, both vulnerabilities affect the Android Framework, which is a collection of core…
120,000 Cameras Hacked In South Korea
Police announced on Sunday the arrests of four people in South Korea who allegedly breached more than 120,000 video cameras located in private homes The post 120,000 Cameras Hacked In South Korea first appeared on CyberMaterial. This article has been…
French Soccer Federation Suffers Cyberattack
The French soccer federation (FFF) confirmed on Thursday that it had been targeted by a cyber-attack resulting in the theft of data related to its members. The post French Soccer Federation Suffers Cyberattack first appeared on CyberMaterial. This article has…
Police Shut Down Cryptomixer Service
Law enforcement agencies from Switzerland and Germany have executed a significant operation, dubbed “Operation Olympia,” resulting The post Police Shut Down Cryptomixer Service first appeared on CyberMaterial. This article has been indexed from CyberMaterial Read the original article: Police Shut…
North Korea Lazarus Group Hits Crypto
South Korean government officials are actively investigating a sophisticated cyberattack that resulted in the theft of $30 million worth of cryptocurrency The post North Korea Lazarus Group Hits Crypto first appeared on CyberMaterial. This article has been indexed from CyberMaterial…
India Orders Phones To Preinstall App
India’s telecommunications ministry has issued a directive requiring all major mobile device manufacturers to preload a government-backed cybersecurity The post India Orders Phones To Preinstall App first appeared on CyberMaterial. This article has been indexed from CyberMaterial Read the original…
Whispering poetry at AI can make it break its own rules
Malicious prompts rewritten as poems have been found to bypass AI guardrails. Which models resisted and which failed the poetic jailbreak test? This article has been indexed from Malwarebytes Read the original article: Whispering poetry at AI can make it…
New eBPF Filters for Symbiote and BPFdoor Malware
FortiGuard Labs discovered new Symbiote and BPFDoor variants exploiting eBPF filters to enhance stealth through IPv6 support, UDP traffic, and dynamic port hopping for covert C2 communication. This article has been indexed from FortiGuard Labs Threat Research Read the…
FTC schools edtech outfit after intruder walked off with 10M student records
Regulator says Illuminate ignored years of warnings, stored kids’ data in plain text, and kept districts in the dark US edtech provider Illuminate Education just got dinged by the Federal Trade Commission for allegedly failing to keep an attacker from…
Iran-Linked Hackers Hits Israeli Sectors with New MuddyViper Backdoor in Targeted Attacks
Israeli entities spanning academia, engineering, local government, manufacturing, technology, transportation, and utilities sectors have emerged as the target of a new set of attacks undertaken by Iranian nation-state actors that have delivered a previously undocumented backdoor called MuddyViper. The activity…
Glassworm Malware Strikes Again In VS Code
The Glassworm campaign is a serious, ongoing malware attack targeting the developer community, specifically through malicious extensions The post Glassworm Malware Strikes Again In VS Code first appeared on CyberMaterial. This article has been indexed from CyberMaterial Read the original…
Smarttube Breach Pushes Malicious Update
The popular open-source SmartTube YouTube client for Android TV experienced a significant security breach when an attacker managed to gain access The post Smarttube Breach Pushes Malicious Update first appeared on CyberMaterial. This article has been indexed from CyberMaterial Read…
Shadypanda Extensions Hit Millions Users
The long-running malicious operation known as “ShadyPanda” has successfully amassed over 4.3 million installations of browser extensions for Chrome and Edge The post Shadypanda Extensions Hit Millions Users first appeared on CyberMaterial. This article has been indexed from CyberMaterial Read…
Phishing 3.0: AI and Deepfake-Driven Social Engineering Attacks
Phishing is no longer an easy-to-detect cyberattack. With the rise of artificial intelligence, attackers now launch AI-driven phishing campaigns to mimic human behavior. They can now generate flawless emails and use deepfake phishing attacks. Email security threats are more prominent…
Hackers Leverages Telegram, WinSCP, Google Chrome, and Microsoft Teams to Deploy ValleyRat
A new malware campaign has emerged that exploits the trust users place in popular applications. Threat actors are distributing trojanized installers for Telegram, WinSCP, Google Chrome, and Microsoft Teams to deploy ValleyRat, a remote access trojan designed for long-term system…