A sophisticated phishing operation involving more than 20 malicious applications distributed through the Google Play Store, specifically designed to steal cryptocurrency wallet credentials from unsuspecting users. The discovery, made by Cyble Research and Intelligence Labs (CRIL), reveals a coordinated campaign…
Tag: EN
Hackers Upload Weaponized Packages to PyPI Repositories to Steal AWS, CI/CD and macOS Data
A sophisticated malware campaign has emerged targeting the Python Package Index (PyPI) repository, with cybercriminals deploying weaponized packages designed to steal sensitive cloud infrastructure credentials and corporate data. The malicious package, identified as “chimera-sandbox-extensions,” represents a new breed of supply…
Zoomcar Says Hackers Accessed Data of 8.4 Million Users
The Indian car sharing marketplace Zoomcar learned that its systems were hacked after a threat actor contacted employees. The post Zoomcar Says Hackers Accessed Data of 8.4 Million Users appeared first on SecurityWeek. This article has been indexed from SecurityWeek…
Asheville Eye Associates Says 147,000 Impacted by Data Breach
Asheville Eye Associates says the personal information of 147,000 individuals was stolen in a November 2024 data breach. The post Asheville Eye Associates Says 147,000 Impacted by Data Breach appeared first on SecurityWeek. This article has been indexed from SecurityWeek…
Police shut down long-running dark web drug market
Law enforcement authorities across Europe have dismantled Archetyp Market, the most enduring dark web drug market, following a large-scale operation involving six countries, supported by Europol and Eurojust. Between 11 and 13 June, a series of coordinated actions took place…
Playbook: Transforming Your Cybersecurity Practice Into An MRR Machine
Introduction The cybersecurity landscape is evolving rapidly, and so are the cyber needs of organizations worldwide. While businesses face mounting pressure from regulators, insurers, and rising threats, many still treat cybersecurity as an afterthought. As a result, providers may struggle…
⚡ Weekly Recap: iPhone Spyware, Microsoft 0-Day, TokenBreak Hack, AI Data Leaks and More
Some of the biggest security problems start quietly. No alerts. No warnings. Just small actions that seem normal but aren’t. Attackers now know how to stay hidden by blending in, and that makes it hard to tell when something’s wrong.…
North Korean APT Hackers Target Ukrainian Government Agencies to Steal Login Credentials
North Korean Advanced Persistent Threat (APT) hackers, specifically the Konni group, have shifted their focus to Ukrainian government agencies in a targeted phishing campaign aimed at stealing login credentials and distributing malware. This attack, observed in February 2025, marks a…
New Anubis RaaS includes a wiper module
Anubis RaaS now includes a wiper module, permanently deleting files. Active since Dec 2024, it launched an affiliate program in Feb 2025. Anubis is a new RaaS that combines file encryption capability with a rare “wipe mode,” permanently deleting files…
Got a new password manager? How to clean up the credential mess you left in the cloud
Every major browser on every platform offers a way to save passwords and passkeys. If you use a third-party password manager, those built-in features can create a big mess. Here’s how to clean things up. This article has been indexed…
Generative AI Is Moving Fast. Are Your Security Practices Keeping Up?
We are in the middle of an AI gold rush. Generative AI (Gen AI) has exploded from research labs into everyday business workflows at breakneck speed. Marketing, software development, customer support, HR, companies across industries deploy Gen AI tools to…
240,000 Impacted by Data Breach at Eyecare Tech Firm Ocuco
The KillSec ransomware group has stolen hundreds of gigabytes of data from Ireland-based eyecare technology company Ocuco. The post 240,000 Impacted by Data Breach at Eyecare Tech Firm Ocuco appeared first on SecurityWeek. This article has been indexed from SecurityWeek…
GUEST ESSAY: The AI illusion: Don’t be fooled, innovation without guardrails is just risk–at scale
Artificial intelligence is changing everything – from how we search for answers to how we decide who gets hired, flagged, diagnosed, or denied. Related: Does AI take your data? It offers speed and precision at unprecedented scale. But without intention,…
Tenable Fixes Three High-Severity Flaws in Vulnerability Scanner Nessus
Nessus users should update patches as soon as possible This article has been indexed from www.infosecurity-magazine.com Read the original article: Tenable Fixes Three High-Severity Flaws in Vulnerability Scanner Nessus
Hackers Compromise Discord Invite to Inject Malicious Links Delivering AsyncRAT
Threat actors have exploited Discord’s invite system to distribute malicious links, ultimately delivering AsyncRAT and other harmful payloads. Discord, a widely trusted platform for gamers, developers, and communities, has become a target for cybercriminals who abuse its infrastructure particularly the…
Hackers Can Hide Images in Text Data and Embeds Directly into DNS TXT Records
A novel method has emerged that demonstrates how digital images can be seamlessly embedded within DNS TXT records, effectively transforming domain name infrastructure into an unconventional image storage system. This innovative technique, dubbed “dnsimg,” represents a novel approach to data…
North Korean APT Hackers Attacking Ukrainian Government Agencies to Steal Login Credentials
North Korean advanced persistent threat (APT) groups have launched a sophisticated cyber campaign against Ukrainian government agencies, marking a significant departure from their traditional targeting patterns. This shift in focus represents a potentially strategic alignment with Russian interests, as North…
Threat Actors Using Fake Travel Websites to Infect Users’ PCs with XWorm Malware
A sophisticated cybercrime campaign has emerged targeting holiday travelers through meticulously crafted fake travel booking websites designed to mimic legitimate platforms like Booking.com. The operation, which gained significant momentum in the first quarter of 2025, represents an alarming evolution in…
Spy school dropout: GCHQ intern jailed for swiping classified data
Student ‘believed he could finish’ software dev ‘project alone and therefore that the rules did not apply to him’ A former GCHQ intern was jailed for seven-and-a-half years for stealing top-secret files during a year-long placement at the British intelligence…
US ‘Reviews’ Google’s $32bn Wiz Buy Over Competition Concerns
US Justice Department reportedly investigating whether Google’s largest-ever deal for cloud security firm Wiz would harm competition This article has been indexed from Silicon UK Read the original article: US ‘Reviews’ Google’s $32bn Wiz Buy Over Competition Concerns