Scattered Lapsus$ Hunters may be preparing to launch an extortion-as-a-service model, according to Palo Alto Networks This article has been indexed from www.infosecurity-magazine.com Read the original article: Scattered Lapsus$ Hunters Signal Shift in Tactics
Tag: EN
OpenAI Debuts AI-Enabled Browser, ChatGPT Atlas
OpenAI launches ChatGPT Atlas browser in direct competition with Google’s dominant Chrome, building AI into web experience This article has been indexed from Silicon UK Read the original article: OpenAI Debuts AI-Enabled Browser, ChatGPT Atlas
Vidar Stealer Exploits: Direct Memory Attacks Used to Capture Browser Credentials
On October 6, 2025, the cybercriminal developer known as “Loadbaks” announced the release of Vidar Stealer v2.0 on underground forums, introducing a sophisticated information-stealing malware that employs direct memory injection to bypass modern browser security protections. This new version represents…
Hackers Earn Over $520,000 on First Day of Pwn2Own Ireland 2025
Participants exploited 34 previously unknown vulnerabilities to hack printers, NAS devices, and smart home products. The post Hackers Earn Over $520,000 on First Day of Pwn2Own Ireland 2025 appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read…
Keycard emerges from stealth with identity and access solution for AI agents
Keycard emerged from stealth with its identity and access platform for AI agents that integrates with organizations’ existing user identity solutions. Keycard’s platform identifies AI agents, lets users assign task-based permissions and dynamically enforces policy while tracking all activity. With…
Netherlands’ Axelera Expands AI Chip Range With ‘Europa’
Axelera’s Europa chip aimed at AI inference tasks complements Metis range for deployment in AI edge applications This article has been indexed from Silicon UK Read the original article: Netherlands’ Axelera Expands AI Chip Range With ‘Europa’
Are We Failing to Secure Files? Attackers Aren’t Failing to Check
According to a new Ponemon study, weak file protections now account for several cybersecurity incidents a year for many organizations. Unsafe file-sharing practices, malicious vendor files, weak access controls, and obscured file activity are largely to blame. File Integrity Monitoring…
UK data regulator defends decision not to investigate MoD Afghan data breach
ICO says probe unnecessary after reviewing ministry’s handling of leak The UK’s data protection regulator declined to launch an investigation into a leak at the Ministry of Defence that risked the lives of thousands of Afghans connected with the British…
Russian hackers replace malware with new tools, Windows updates cause login issues, campaign targets high-profile servers
Russian state hackers replace burned malware with new tools Recent Windows updates cause login issues on some PCs Sophisticated campaign targets servers of high-profile organizations Huge thanks to our sponsor, ThreatLocker Imagine having the power to decide exactly what runs…
Google Partners with StopNCII to Block Revenge Porn
Google has partnered with UK nonprofit StopNCII to enhance its defenses against non-consensual intimate imagery (NCII), commonly known as revenge porn. This collaboration uses digital… The post Google Partners with StopNCII to Block Revenge Porn appeared first on Panda Security…
Netherlands, China In Talks Over Nexperia’s Future
Dutch Economy Minister speaks with China counterpart as auto industry fears shortage of chips from Netherlands’ Nexperia This article has been indexed from Silicon UK Read the original article: Netherlands, China In Talks Over Nexperia’s Future
Millions of Credentials Stolen Each Day by Stealer Malware
The cybercrime ecosystem surrounding stealer malware has reached unprecedented scale, with threat actors now processing millions of stolen credentials daily through sophisticated distribution networks. Security researchers have been monitoring these operations for nearly a year, revealing an alarming infrastructure that…
How to Detect and Mitigate Hit and Run DDoS Attacks
Most DDoS attacks are short in duration. According to Cloudflare, 92% of layer 3/4 attacks and 75% of HTTP DDoS attacks in Q2 2025,ended within 10 minutes. A subset of these are Hit and Run DDos Attacks, which are gaining…
Life, death, and online identity: What happens to your online accounts after death?
The rapid technological advances of recent decades have transformed nearly every aspect of our lives. One major shift is that many of us now maintain extensive digital footprints, spanning countless online accounts, from email and social media to banking, investments,…
New Rust Malware “ChaosBot” Hides Command-and-Control Inside Discord
A sophisticated, Rust-based malware dubbed ChaosBot has been exposed utilizing the Discord platform for its Command and Control (C2) operations. This isn’t your average botnet; it’s a new generation of threat that hides its malicious traffic by communicating over the…
Russia-linked COLDRIVER speeds up malware evolution after LOSTKEYS exposure
Russia-linked COLDRIVER rapidly evolved its malware since May 2025, refining tools just days after releasing its LOSTKEYS variant, says Google. The Russia-linked hacking group COLDRIVER has been quickly upgrading its malware since May 2025, when its LOSTKEYS malware was exposed.…
Threat Actors Compromise Xubuntu Website To Deliver Malicious Windows Executable
Threat actors infiltrated the official Xubuntu website, redirecting torrent downloads to a malicious ZIP file containing Windows-targeted malware. The incident, uncovered on October 18, 2025, highlights vulnerabilities in community-maintained Linux distribution sites amid rising interest in alternatives to end-of-life operating…
New Salt Typhoon Attacks Leverage Zero-Days and DLL Sideloading
Salt Typhoon represents one of the most persistent and sophisticated cyber threats targeting global critical infrastructure today. Believed to be linked to state-sponsored actors from the People’s Republic of China, this advanced persistent threat group has executed a series of…
OpenFGA: The open-source engine redefining access control
OpenFGA is an open-source, high-performance, and flexible authorization engine inspired by Google’s Zanzibar system for relationship-based access control. It helps developers model and enforce fine-grained access control in their applications. At its core, OpenFGA enables teams to define who can…
For blind people, staying safe online means working around the tools designed to help
Blind and low-vision users face the same password challenges as everyone else, but the tools meant to make security easier often end up getting in the way. A study from the CISPA Helmholtz Center for Information Security and DePaul University…