CampusCoin Student Feed Aggregator

+ LockBit Developer Rostislav Panev Charged for Billions in Global Ransomware Damages—A dual Russian and Israeli national has been charged in the United States for allegedly being the developer of the now-defunct LockBit ransomware-as-a...

+ Lazarus Group Spotted Targeting Nuclear Engineers with CookiePlus Malware—The Lazarus Group, an infamous threat actor linked to the Democratic People's Republic of Korea (DPRK), has been observed leveraging a "complex infect...

+ Rspack npm Packages Compromised with Crypto Mining Malware in Supply Chain Attack—The developers of Rspack have revealed that two of their npm packages, @rspack/core and @rspack/cli, were compromised in a software supply chain attac...

+ Sophos Issues Hotfixes for Critical Firewall Flaws: Update to Prevent Exploitation—Sophos has released hotfixes to address three security flaws in Sophos Firewall products that could be exploited to achieve remote code execution and ...

+ Hackers Exploiting Critical Fortinet EMS Vulnerability to Deploy Remote Access Tools—A now-patched critical security flaw impacting Fortinet FortiClient EMS is being exploited by malicious actors as part of a cyber campaign that instal...

+ CISA Adds Critical Flaw in BeyondTrust Software to Exploited Vulnerabilities List—The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday added a critical security flaw impacting BeyondTrust Privileged Remote Ac...

+ Thousands Download Malicious npm Libraries Impersonating Legitimate Tools—Threat actors have been observed uploading malicious typosquats of legitimate npm packages such as typescript-eslint and @types/node that have racked ...

+ Juniper Warns of Mirai Botnet Targeting SSR Devices with Default Passwords—Juniper Networks is warning that Session Smart Router (SSR) products with default passwords are being targeted as part of a malicious campaign that de...

+ Fortinet Warns of Critical FortiWLM Flaw That Could Lead to Admin Access Exploits—Fortinet has issued an advisory for a now-patched critical security flaw impacting Wireless LAN Manager (FortiWLM) that could lead to disclosure of se...

+ CISA Mandates Cloud Security for Federal Agencies by 2025 Under Binding Directive 25-01—The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued Binding Operational Directive (BOD) 25-01, ordering federal civilian agenc...

+ Dutch DPA Fines Netflix €4.75 Million for GDPR Violations Over Data Transparency—The Dutch Data Protection Authority (DPA) on Wednesday fined video on-demand streaming service Netflix €4.75 million ($4.93 million) for not giving co...

+ UAC-0125 Abuses Cloudflare Workers to Distribute Malware Disguised as Army+ App—The Computer Emergency Response Team of Ukraine (CERT-UA) has disclosed that a threat actor it tracks as UAC-0125 is leveraging Cloudflare Workers ser...

+ HubPhish Abuses HubSpot Tools to Target 20,000 European Users for Credential Theft—Cybersecurity researchers have disclosed a new phishing campaign that has targeted European companies with an aim to harvest account credentials and t...

+ HubPhish Exploits HubSpot Tools to Target 20,000 European Users for Credential Theft—Cybersecurity researchers have disclosed a new phishing campaign that has targeted European companies with an aim to harvest account credentials and t...

+ Not Your Old ActiveState: Introducing our End-to-End OS Platform—Having been at ActiveState for nearly eight years, I’ve seen many iterations of our product. However, one thing has stayed true over the years: Our co...

+ APT29 Hackers Target High-Value Victims Using Rogue RDP Servers and PyRDP—The Russia-linked APT29 threat actor has been observed repurposing a legitimate red teaming attack methodology as part of cyber attacks leveraging mal...

+ ONLY Cynet Delivers 100% Protection and 100% Detection Visibility in the 2024 MITRE ATT&CK Evaluation—Across small-to-medium enterprises (SMEs) and managed service providers (MSPs), the top priority for cybersecurity leaders is to keep IT environments ...

+ BeyondTrust Issues Urgent Patch for Critical Vulnerability in PRA and RS Products—BeyondTrust has disclosed details of a critical security flaw in Privileged Remote Access (PRA) and Remote Support (RS) products that could potentiall...

+ INTERPOL Pushes for "Romance Baiting" to Replace "Pig Butchering" in Scam Discourse—INTERPOL is calling for a linguistic shift that aims to put to an end to the term "pig butchering," instead advocating for the use of "romance baiting...

+ Meta Fined €251 Million for 2018 Data Breach Impacting 29 Million Accounts—Meta Platforms, the parent company of Facebook, Instagram, WhatsApp, and Threads, has been fined €251 million (around $263 million) for a 2018 data br...

+ Patch Alert: Critical Apache Struts Flaw Found, Exploitation Attempts Detected—Threat actors are attempting to exploit a recently disclosed security flaw impacting Apache Struts that could pave the way for remote code execution. ...

+ Attackers Exploit Microsoft Teams and AnyDesk to Deploy DarkGate Malware—A new social engineering campaign has leveraged Microsoft Teams as a way to facilitate the deployment of a known malware called DarkGate. "An attacker...

+ Hackers Use Microsoft MSC Files to Deploy Obfuscated Backdoor in Pakistan Attacks—A new phishing campaign has been observed employing tax-themed lures to deliver a stealthy backdoor payload as part of attacks targeting Pakistan. Cyb...

+ Even Great Companies Get Breached — Find Out Why and How to Stop It—Even the best companies with the most advanced tools can still get hacked. It’s a frustrating reality: you’ve invested in the right solutions, trained...

+ Bitter APT Targets Turkish Defense Sector with WmRAT and MiyaRAT Malware—A suspected South Asian cyber espionage threat group known as Bitter targeted a Turkish defense sector organization in November 2024 to deliver two C+...

+ 5 Practical Techniques for Effective Cyber Threat Hunting—Addressing cyber threats before they have a chance to strike or inflict serious damage is by far the best security approach any company can embrace. A...

+ Hackers Exploit Webview2 to Deploy CoinLurker Malware and Evade Security Detection—Bogus software update lures are being used by threat actors to deliver a new stealer malware called CoinLurker. "Written in Go, CoinLurker employs cut...

+ The Mask APT Resurfaces with Sophisticated Multi-Platform Malware Arsenal—A little-known cyber espionage actor known as The Mask has been linked to a new set of attacks targeting an unnamed organization in Latin America twic...

+ CISA and FBI Raise Alerts on Exploited Flaws and Expanding HiatusRAT Campaign—The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added two security flaws to its Known Exploited Vulnerabilities (KEV) catal...

+ DeceptionAds Delivers 1M+ Daily Impressions via 3,000 Sites, Fake CAPTCHA Pages—Cybersecurity researchers have shed light on a previously undocumented aspect associated with ClickFix-style attacks that hinge on taking advantage of...

+ NoviSpy Spyware Installed on Journalist's Phone After Unlocking It With Cellebrite Tool—A Serbian journalist had his phone first unlocked by a Cellebrite tool and subsequently compromised by a previously undocumented spyware codenamed Nov...

+ ⚡ THN Weekly Recap: Top Cybersecurity Threats, Tools and Tips—This past week has been packed with unsettling developments in the world of cybersecurity. From silent but serious attacks on popular business tools t...

+ Data Governance in DevOps: Ensuring Compliance in the AI Era—With the evolution of modern software development, CI/CD pipeline governance has emerged as a critical factor in maintaining both agility and complian...

+ New Investment Scam Leverages AI, Social Media Ads to Target Victims Worldwide—Cybersecurity researchers are calling attention to a new kind of investment scam that leverages a combination of social media malvertising, company-br...

+ New Glutton Malware Exploits Popular PHP Frameworks Like Laravel and ThinkPHP—Cybersecurity researchers have discovered a new PHP-based backdoor called Glutton that has been put to use in cyber attacks targeting China, the Unite...

+ Ukrainian Minors Recruited for Cyber Ops and Reconnaissance in Russian Airstrikes—The Security Service of Ukraine (SBU or SSU) has exposed a novel espionage campaign suspected to be orchestrated by Russia's Federal Security Service ...

+ Germany Disrupts BADBOX Malware on 30,000 Devices Using Sinkhole Action—Germany's Federal Office of Information Security (BSI) has announced that it has disrupted a malware operation called BADBOX that came preloaded on at...

+ Thai Officials Targeted in Yokai Backdoor Campaign Using DLL Side-Loading Techniques—Thai government officials have emerged as the target of a new campaign that leverages a technique called DLL side-loading to deliver a previously undo...

+ 390,000+ WordPress Credentials Stolen via Malicious GitHub Repository Hosting PoC Exploits—A now-removed GitHub repository that advertised a WordPress tool to publish posts to the online content management system (CMS) is estimated to have e...

+ Critical OpenWrt Vulnerability Exposes Devices to Malicious Firmware Injection—A security flaw has been disclosed in OpenWrt's Attended Sysupgrade (ASU) feature that, if successfully exploited, could have been abused to distribut...

+ DoJ Indicts 14 North Koreans for $88M IT Worker Fraud Scheme Over Six Years—The U.S. Department of Justice (DoJ) has indicted 14 nationals belonging to the Democratic People's Republic of Korea (DPRK or North Korea) for their ...

+ Iran-Linked IOCONTROL Malware Targets SCADA and Linux-Based IoT Platforms—Iran-affiliated threat actors have been linked to a new custom malware that's geared toward IoT and operational technology (OT) environments in Israel...

+ How to Generate a CrowdStrike RFM Report With AI in Tines—Run by the team at orchestration, AI, and automation platform Tines, the Tines library contains pre-built workflows shared by real security practition...

+ New Linux Rootkit PUMAKIT Uses Advanced Stealth Techniques to Evade Detection—Cybersecurity researchers have uncovered a new Linux rootkit called PUMAKIT that comes with capabilities to escalate privileges, hide files and direct...

+ FBI Busts Rydox Marketplace with 7,600 PII Sales, Cryptocurrency Worth $225K Seized—The U.S. Department of Justice (DoJ) on Thursday announced the shutdown of an illicit marketplace called Rydox ("rydox[.]ru" and "rydox[.]cc") for sel...

+ Over 300K Prometheus Instances Exposed: Credentials and API Keys Leaking Online—Cybersecurity researchers are warning that thousands of servers hosting the Prometheus monitoring and alerting toolkit are at risk of information leak...

+ Gamaredon Deploys Android Spyware "BoneSpy" and "PlainGnome" in Former Soviet States—The Russia-linked state-sponsored threat actor tracked as Gamaredon has been attributed to two new Android spyware tools called BoneSpy and PlainGnome...

+ Researchers Uncover Symlink Exploit Allowing TCC Bypass in iOS and macOS—Details have emerged about a now-patched security vulnerability in Apple's iOS and macOS that, if successfully exploited, could sidestep the Transpare...

+ SaaS Budget Planning Guide for IT Professionals—SaaS services are one of the biggest drivers of OpEx (operating expenses) for modern businesses. With Gartner projecting $247.2 billion in global SaaS...

+ WordPress Hunk Companion Plugin Flaw Exploited to Silently Install Vulnerable Plugins—Malicious actors are exploiting a critical vulnerability in the Hunk Companion plugin for WordPress to install other vulnerable plugins that could ope...

+ Europol Dismantles 27 DDoS Attack Platforms Across 15 Nations; Admins Arrested—A global law enforcement operation has failed 27 stresser services that were used to conduct distributed denial-of-service (DDoS) attacks and took the...

+ Secret Blizzard Deploys Kazuar Backdoor in Ukraine Using Amadey Malware-as-a-Service—The Russian nation-state actor tracked as Secret Blizzard has been observed leveraging malware associated with other threat actors to deploy a known b...

+ New Malware Technique Could Exploit Windows UI Framework to Evade EDR Tools—A newly devised technique leverages a Windows accessibility framework called UI Automation (UIA) to perform a wide range of malicious activities witho...

+ Microsoft MFA AuthQuake Flaw Enabled Unlimited Brute-Force Attempts Without Alerts—Cybersecurity researchers have flagged a "critical" security vulnerability in Microsoft's multi-factor authentication (MFA) implementation that allows...

+ ZLoader Malware Returns With DNS Tunneling to Stealthily Mask C2 Comms—Cybersecurity researchers have discovered a new version of the ZLoader malware that employs a Domain Name System (DNS) tunnel for command-and-control ...

+ Chinese EagleMsgSpy Spyware Found Exploiting Mobile Devices Since 2017—Cybersecurity researchers have discovered a novel surveillance program that's suspected to be used by Chinese police departments as a lawful intercept...

+ What is Nudge Security and How Does it Work?—Regain control of SaaS sprawl with Day One discovery of all SaaS and GenAI accounts along with workflows to help you mitigate security risks, curb rog...

+ Researchers Uncover Espionage Tactics of China-Based APT Groups in Southeast Asia—A suspected China-based threat actor has been linked to a series of cyber attacks targeting high-profile organizations in Southeast Asia since at leas...

+ Microsoft Fixes 72 Flaws, Including Patch for Actively Exploited CLFS Vulnerability—Microsoft closed out its Patch Tuesday updates for 2024 with fixes for a total of 72 security flaws spanning its software portfolio, including one tha...

+ U.S. Charges Chinese Hacker for Exploiting Zero-Day in 81,000 Sophos Firewalls—The U.S. government on Tuesday unsealed charges against a Chinese national for allegedly breaking into thousands of Sophos firewall devices globally i...

+ Ivanti Issues Critical Security Updates for CSA and Connect Secure Vulnerabilities—Ivanti has released security updates to address multiple critical flaws in its Cloud Services Application (CSA) and Connect Secure products that could...

+ Cleo File Transfer Vulnerability Under Exploitation – Patch Pending, Mitigation Urged—Users of Cleo-managed file transfer software are being urged to ensure that their instances are not exposed to the internet following reports of mass ...

+ Fake Recruiters Distribute Banking Trojan via Malicious Apps in Phishing Scam—Cybersecurity researchers have shed light on a sophisticated mobile phishing (aka mishing) campaign that's designed to distribute an updated version o...

+ The Future of Network Security: Automated Internal and External Pentesting—In today’s rapidly evolving threat landscape, safeguarding your organization against cyberattacks is more critical than ever. Traditional penetration ...

+ Phone Phishing Gang Busted: Eight Arrested in Belgium and Netherlands—Belgian and Dutch authorities have arrested eight suspects in connection with a "phone phishing" gang that primarily operated out of the Netherlands w...

+ Hackers Weaponize Visual Studio Code Remote Tunnels for Cyber Espionage—A suspected China-nexus cyber espionage group has been attributed to an attacks targeting large business-to-business IT service providers in Southern ...

+ Ongoing Phishing and Malware Campaigns in December 2024—Cyber attackers never stop inventing new ways to compromise their targets. That's why organizations must stay updated on the latest threats.  Her...

+ CERT-UA Warns of Phishing Attacks Targeting Ukraine’s Defense and Security Force—The Computer Emergency Response Team of Ukraine (CERT-UA) has warned of a new set of cyber attacks that it said were aimed at defense companies in the...

+ Black Basta Ransomware Evolves with Email Bombing, QR Codes, and Social Engineering—The threat actors linked to the Black Basta ransomware have been observed switching up their social engineering tactics, distributing a different set ...

+ ⚡ THN Recap: Top Cybersecurity Threats, Tools and Tips (Dec 2 - 8)—This week’s cyber world is like a big spy movie. Hackers are breaking into other hackers’ setups, sneaky malware is hiding in popular software, and AI...

+ Researchers Uncover Prompt Injection Vulnerabilities in DeepSeek and Claude AI—Details have emerged about a now-patched security flaw in the DeepSeek artificial intelligence (AI) chatbot that, if successfully exploited, could per...

+ Seven Bolt-Ons to Make Your Entra ID More Secure for Critical Sessions—Identity security is all the rage right now, and rightfully so. Securing identities that access an organization’s resources is a sound security model....

+ Socks5Systemz Botnet Powers Illegal Proxy Service with 85,000+ Hacked Devices—A malicious botnet called Socks5Systemz is powering a proxy service called PROXY.AM, according to new findings from Bitsight. "Proxy malware and servi...

+ Learn How Experts Secure Privileged Accounts—Proven PAS Strategies Webinar—Cybercriminals know that privileged accounts are the keys to your kingdom. One compromised account can lead to stolen data, disrupted operations, and ...

+ Ultralytics AI Library Compromised: Cryptocurrency Miner Found in PyPI Versions—In yet another software supply chain attack, it has come to light that two versions of a popular Python artificial intelligence (AI) library named ult...

+ Hackers Using Fake Video Conferencing Apps to Steal Web3 Professionals' Data—Cybersecurity researchers have warned of a new scam campaign that leverages fake video conferencing apps to deliver an information stealer called Real...

+ Romania Cancels Presidential Election Results After Alleged Russian Meddling on TikTok—In a historic decision, Romania's constitutional court has annulled the result of the first round of voting in the presidential election amid allegati...

+ FSB Uses Trojan App to Monitor Russian Programmer Accused of Supporting Ukraine—A Russian programmer accused of donating money to Ukraine had his Android device secretly implanted with spyware by the Federal Security Service (FSB)...

+ Researchers Uncover Flaws in Popular Open-Source Machine Learning Frameworks—Cybersecurity researchers have disclosed multiple security flaws impacting open-source machine learning (ML) tools and frameworks such as MLflow, H2O,...

+ Conquering the Complexities of Modern BCDR—The modern business landscape is thrilling yet daunting. Rapidly evolving technology, persistent cyberthreats and escalating operational complexities ...

+ More_eggs MaaS Expands Operations with RevC2 Backdoor and Venom Loader—The threat actors behind the More_eggs malware have been linked to two new malware families, indicating an expansion of its malware-as-a-service (MaaS...

+ Hackers Leveraging Cloudflare Tunnels, DNS Fast-Flux to Hide GammaDrop Malware—The threat actor known as Gamaredon has been observed leveraging Cloudflare Tunnels as a tactic to conceal its staging infrastructure hosting a malwar...

+ This $3,000 Android Trojan Targeting Banks and Cryptocurrency Exchanges—As many as 77 banking institutions, cryptocurrency exchanges, and national organizations have become the target of a newly discovered Android remote a...

+ Critical Mitel MiCollab Flaw Exposes Systems to Unauthorized File and Admin Access—Cybersecurity researchers have released a proof-of-concept (PoC) exploit that strings together a now-patched critical security flaw impacting Mitel Mi...

+ Europol Shuts Down Manson Market Fraud Marketplace, Seizes 50 Servers—Europol on Thursday announced the shutdown of a clearnet marketplace called Manson Market that facilitated online fraud on a large scale. The operatio...

+ Hackers Target Uyghurs and Tibetans with MOONSHINE Exploit and DarkNimbus Backdoor—A previously undocumented threat activity cluster dubbed Earth Minotaur is leveraging the MOONSHINE exploit kit and an unreported Android-cum-Windows ...

+ Want to Grow Vulnerability Management into Exposure Management? Start Here!—Vulnerability Management (VM) has long been a cornerstone of organizational cybersecurity. Nearly as old as the discipline of cybersecurity itself, it...

+ Researchers Uncover 4-Month Cyberattack on U.S. Firm Linked to Chinese Hackers—A suspected Chinese threat actor targeted a large U.S. organization earlier this year as part of a four-month-long intrusion. According to Broadcom-ow...

+ ANEL and NOOPDOOR Backdoors Weaponized in New MirrorFace Campaign Against Japan—The China-linked threat actor known as MirrorFace has been attributed to a new spear-phishing campaign mainly targeting individuals and organizations ...

+ NCA Busts Russian Crypto Networks Laundering Funds and Evading Sanctions—The U.K. National Crime Agency (NCA) on Wednesday announced that it led an international investigation to disrupt Russian money laundering networks th...

+ CISA Warns of Active Exploitation of Flaws in Zyxel, ProjectSend, and CyberPanel—The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added multiple security flaws affecting products from Zyxel, North Grid Proself, Proj...

+ Russia-Linked Turla Exploits Pakistani Hackers' Servers to Target Afghan and Indian Entities—The Russia-linked advanced persistent threat (APT) group known as Turla has been linked to a previously undocumented campaign that involved infiltrati...

+ Europol Dismantles Criminal Messaging Service MATRIX in Major Global Takedown—Europol on Tuesday announced the takedown of an invite-only encrypted messaging service called MATRIX that's created by criminals for criminal purpose...

+ 7 PAM Best Practices to Secure Hybrid and Multi-Cloud Environments—Are you using the cloud or thinking about transitioning? Undoubtedly, multi-cloud and hybrid environments offer numerous benefits for organizations. H...

+ How to Plan a New (and Improved!) Password Policy for Real-World Security Challenges—Many organizations struggle with password policies that look strong on paper but fail in practice because they're too rigid to follow, too vague to en...

+ Researchers Uncover Backdoor in Solana's Popular Web3.js npm Library—Cybersecurity researchers are alerting to a software supply chain attack targeting the popular @solana/web3.js npm library that involved pushing two m...

+ Joint Advisory Warns of PRC-Backed Cyber Espionage Targeting Telecom Networks—A joint advisory issued by Australia, Canada, New Zealand, and the U.S. has warned of a broad cyber espionage campaign undertaken by People's Republic...

+ Veeam Issues Patch for Critical RCE Vulnerability in Service Provider Console—Veeam has released security updates to address a critical flaw impacting Service Provider Console (VSPC) that could pave the way for remote code execu...

+ Critical SailPoint IdentityIQ Vulnerability Exposes Files to Unauthorized Access—A critical security vulnerability has been disclosed in SailPoint's IdentityIQ identity and access management (IAM) software that allows unauthorized ...

+ Hackers Use Corrupted ZIPs and Office Docs to Evade Antivirus and Email Defenses—Cybersecurity researchers have called attention to a novel phishing campaign that leverages corrupted Microsoft Office documents and ZIP archives as a...

+ Cisco Warns of Exploitation of Decade-Old ASA WebVPN Vulnerability—Cisco on Monday updated an advisory to warn customers of active exploitation of a decade-old security flaw impacting its Adaptive Security Appliance (...

+ NachoVPN Tool Exploits Flaws in Popular VPN Clients for System Compromise—Cybersecurity researchers have disclosed a set of flaws impacting Palo Alto Networks and SonicWall virtual private network (VPN) clients that could be...

+ North Korean Kimsuky Hackers Use Russian Email Addresses for Credential Theft Attacks—The North Korea-aligned threat actor known as Kimsuky has been linked to a series of phishing attacks that involve sending email messages that origina...

+ Horns&Hooves Campaign Delivers RATs via Fake Emails and JavaScript Payloads—A newly discovered malware campaign has been found to target private users, retailers, and service businesses mainly located in Russia to deliver NetS...

+ SmokeLoader Malware Resurfaces, Targeting Manufacturing and IT in Taiwan—Taiwanese entities in manufacturing, healthcare, and information technology sectors have become the target of a new campaign distributing the SmokeLoa...

+ A Guide to Securing AI App Development: Join This Cybersecurity Webinar—Artificial Intelligence (AI) is no longer a far-off dream—it’s here, changing the way we live. From ordering coffee to diagnosing diseases, it’s every...

+ THN Recap: Top Cybersecurity Threats, Tools and Tips (Nov 25 - Dec 1)—Ever wonder what happens in the digital world every time you blink? Here's something wild - hackers launch about 2,200 attacks every single day, which...

+ 8 Million Android Users Hit by SpyLoan Malware in Loan Apps on Google Play—Over a dozen malicious Android apps identified on the Google Play Store that have been collectively downloaded over 8 million times contain malware kn...

+ INTERPOL Arrests 5,500 in Global Cybercrime Crackdown, Seizes Over $400 Million—A global law enforcement operation has led to the arrest of more than 5,500 suspects involved in financial crimes and the seizure of more than $400 mi...

+ Wanted Russian Hacker Linked to Hive and LockBit Ransomware Arrested—A Russian cybercriminal wanted in the U.S. in connection with LockBit and Hive ransomware operations has been arrested by law enforcement authorities ...

+ AI-Powered Fake News Campaign Targets Western Support for Ukraine and U.S. Elections—A Moscow-based company sanctioned by the U.S. earlier this year has been linked to yet another influence operation designed to turn public opinion aga...

+ Protecting Tomorrow's World: Shaping the Cyber-Physical Future—The lines between digital and physical realms increasingly blur. While this opens countless opportunities for businesses, it also brings numerous chal...

+ Phishing-as-a-Service "Rockstar 2FA" Targets Microsoft 365 Users with AiTM Attacks—Cybersecurity researchers are warning about malicious email campaigns leveraging a phishing-as-a-service (PhaaS) toolkit called Rockstar 2FA with an a...

+ Microsoft Fixes AI, Cloud, and ERP Security Flaws; One Exploited in Active Attacks—Microsoft has addressed four security flaws impacting its artificial intelligence (AI), cloud, enterprise resource planning, and Partner Center offeri...

+ U.S. Citizen Sentenced for Spying on Behalf of China's Intelligence Agency—A 59-year-old U.S. citizen who immigrated from the People's Republic of China (PRC) has been sentenced to four years in prison for conspiring to act a...

+ Over Two Dozen Flaws Identified in Advantech Industrial Wi-Fi Access Points – Patch ASAP—Nearly two dozen security vulnerabilities have been disclosed in Advantech EKI industrial-grade wireless access point devices, some of which could be ...

+ The Future of Serverless Security in 2025: From Logs to Runtime Protection—Serverless environments, leveraging services such as AWS Lambda, offer incredible benefits in terms of scalability, efficiency, and reduced operationa...

+ XML-RPC npm Library Turns Malicious, Steals Data, Deploys Crypto Miner—Cybersecurity researchers have discovered a software supply chain attack that has remained active for over a year on the npm package registry by start...

+ Cybercriminals Exploit Popular Game Engine Godot to Distribute Cross-Platform Malware—A popular open-source game engine called Godot Engine is being misused as part of a new GodLoader malware campaign, infecting over 17,000 systems sinc...

+ U.S. Telecom Giant T-Mobile Detects Network Intrusion Attempts from Wireline Provider—U.S. telecom service provider T-Mobile said it recently detected attempts made by bad actors to infiltrate its systems in recent weeks but noted that ...

+ Researchers Discover "Bootkitty" – First UEFI Bootkit Targeting Linux Kernels—Cybersecurity researchers have shed light on what has been described as the first Unified Extensible Firmware Interface (UEFI) bootkit designed for Li...

+ Critical Flaw in ProjectSend Under Active Exploitation Against Public-Facing Servers—A critical security flaw impacting the ProjectSend open-source file-sharing application has likely come under active exploitation in the wild, accordi...

+ Latest Multi-Stage Attack Scenarios with Real-World Examples—Multi-stage cyber attacks, characterized by their complex execution chains, are designed to avoid detection and trick victims into a false sense of se...

+ APT-C-60 Hackers Exploit StatCounter and Bitbucket in SpyGlace Malware Campaign—The threat actor known as APT-C-60 has been linked to a cyber attack targeting an unnamed organization in Japan that used a job application-themed lur...

+ INTERPOL Busts African Cybercrime: 1,006 Arrests, 134,089 Malicious Networks Dismantled—An INTERPOL-led operation has led to the arrest of 1,006 suspects across 19 African countries and the takedown of 134,089 malicious infrastructures an...

+ Matrix Botnet Exploits IoT Devices in Widespread DDoS Botnet Campaign—A threat actor named Matrix has been linked to a widespread distributed denial-of-service (DoD) campaign that leverages vulnerabilities and misconfigu...

+ Critical WordPress Anti-Spam Plugin Flaws Expose 200,000+ Sites to Remote Attacks—Two critical security flaws impacting the Spam protection, Anti-Spam, and FireWall plugin WordPress could allow an unauthenticated attacker to install...

+ Intruder Launches Intel: A Free Vulnerability Intelligence Platform For Staying Ahead of the Latest Threats—When CVEs go viral, separating critical vulnerabilities from the noise is essential to protecting your organization. That’s why Intruder, a leader in ...

+ RomCom Exploits Zero-Day Firefox and Windows Flaws in Sophisticated Cyberattacks—The Russia-aligned threat actor known as RomCom has been linked to the zero-day exploitation of two security flaws, one in Mozilla Firefox and the oth...

+ Chinese Hackers Use GHOSTSPIDER Malware to Hack Telecoms Across 12+ Countries—The China-linked threat actor known as Earth Estries has been observed using a previously undocumented backdoor called GHOSTSPIDER as part of its atta...

+ CISA Urges Agencies to Patch Critical "Array Networks" Flaw Amid Active Attacks—The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added a now-patched critical security flaw impacting Array Networks AG and ...

+ Google's New Restore Credentials Tool Simplifies App Login After Android Migration—Google has introduced a new feature called Restore Credentials to help users restore their account access to third-party apps securely after migrating...

+ PyPI Python Library "aiocpa" Found Exfiltrating Crypto Keys via Telegram Bot—The administrators of the Python Package Index (PyPI) repository have quarantined the package "aiocpa" following a new update that included malicious ...

+ THN Recap: Top Cybersecurity Threats, Tools, and Practices (Nov 18 - Nov 24)—We hear terms like “state-sponsored attacks” and “critical vulnerabilities” all the time, but what’s really going on behind those words? This week’s c...

+ Flying Under the Radar - Security Evasion Techniques—Dive into the evolution of phishing and malware evasion techniques and understand how attackers are using increasingly sophisticated methods to bypass...

+ Cybersecurity Blind Spots in IaC and PaC Tools Expose Cloud Platforms to New Attacks—Cybersecurity researchers have disclosed two new attack techniques against infrastructure-as-code (IaC) and policy-as-code (PaC) tools like HashiCorp'...

+ Researchers Uncover Malware Using BYOVD to Bypass Antivirus Protections—Cybersecurity researchers have uncovered a new malicious campaign that leverages a technique called Bring Your Own Vulnerable Driver (BYOVD) to disarm...

+ Google Exposes GLASSBRIDGE: A Pro-China Influence Network of Fake News Sites—Government agencies and non-governmental organizations in the United States have become the target of a nascent China state threat actor known as Stor...

+ North Korean Hackers Steal $10M with AI-Driven Scams and Malware on LinkedIn—The North Korea-linked threat actor known as Sapphire Sleet is estimated to have stolen more than $10 million worth of cryptocurrency as part of socia...

+ Russian Hackers Deploy HATVIBE and CHERRYSPY Malware Across Europe and Asia—Threat actors with ties to Russia have been linked to a cyber espionage campaign aimed at organizations in Central Asia, East Asia, and Europe. Record...

+ APT-K-47 Uses Hajj-Themed Lures to Deliver Advanced Asyncshell Malware—The threat actor known as Mysterious Elephant has been observed using an advanced version of malware called Asynshell. The attack campaign is said to ...

+ China-Linked TAG-112 Targets Tibetan Media with Cobalt Strike Espionage Campaign—A China-linked nation-state group called TAG-112 compromised Tibetan media and university websites in a new cyber espionage campaign designed to facil...

+ Unlocking Google Workspace Security: Are You Doing Enough to Protect Your Data?—Google Workspace has quickly become the productivity backbone for businesses worldwide, offering an all-in-one suite with email, cloud storage and col...

+ Microsoft, Meta, and DOJ Disrupt Global Cybercrime and Fraudulent Networks—Meta Platforms, Microsoft, and the U.S. Department of Justice (DoJ) have announced independent actions to tackle cybercrime and disrupt services that ...

+ PyPI Attack: ChatGPT, Claude Impersonators Deliver JarkaStealer via Python Libraries—Cybersecurity researchers have discovered two malicious packages uploaded to the Python Package Index (PyPI) repository that impersonated popular arti...

+ Warning: Over 2,000 Palo Alto Networks Devices Hacked in Ongoing Attack Campaign—As many as 2,000 Palo Alto Networks devices are estimated to have been compromised as part of a campaign abusing the newly disclosed security flaws th...

+ Chinese APT Gelsemium Targets Linux Systems with New WolfsBane Backdoor—The China-aligned advanced persistent threat (APT) actor known as Gelsemium has been observed using a new Linux backdoor dubbed WolfsBane as part of c...

+ 10 Most Impactful PAM Use Cases for Enhancing Organizational Security—Privileged access management (PAM) plays a pivotal role in building a strong security strategy. PAM empowers you to significantly reduce cybersecurity...

+ North Korean Front Companies Impersonate U.S. IT Firms to Fund Missile Programs—Threat actors with ties to the Democratic People's Republic of Korea (DPRK) are impersonating U.S.-based software and technology consulting businesses...

+ Cyber Story Time: The Boy Who Cried "Secure!"—As a relatively new security category, many security operators and executives I’ve met have asked us “What are these Automated Security Validation (AS...

+ Over 145,000 Industrial Control Systems Across 175 Countries Found Exposed Online—New research has uncovered more than 145,000 internet-exposed Industrial Control Systems (ICS) across 175 countries, with the U.S. alone accounting fo...

+ 5 Scattered Spider Gang Members Indicted in Multi-Million Dollar Cybercrime Scheme—Five alleged members of the infamous Scattered Spider cybercrime crew have been indicted in the U.S. for targeting employees of companies across the c...

+ Google's AI-Powered OSS-Fuzz Tool Finds 26 Vulnerabilities in Open-Source Projects—Google has revealed that its AI-powered fuzzing tool, OSS-Fuzz, has been used to help identify 26 vulnerabilities in various open-source code reposito...

+ NodeStealer Malware Targets Facebook Ad Accounts, Harvesting Credit Card Data—Threat hunters are warning about an updated version of the Python-based NodeStealer that's now equipped to extract more information from victims' Face...

+ Ghost Tap: Hackers Exploiting NFCGate to Steal Funds via Mobile Payments—Threat actors are increasingly banking on a new technique that leverages near-field communication (NFC) to cash out victim's funds at scale. The techn...

+ NHIs Are the Future of Cybersecurity: Meet NHIDR—The frequency and sophistication of modern cyberattacks are surging, making it increasingly challenging for organizations to protect sensitive data an...

+ Decades-Old Security Vulnerabilities Found in Ubuntu's Needrestart Package—Multiple decade-old security vulnerabilities have been disclosed in the needrestart package installed by default in Ubuntu Server (since version 21.04...

+ Microsoft Launches Windows Resiliency Initiative to Boost Security and System Integrity—Microsoft has announced a new Windows Resiliency Initiative as a way to improve security and reliability, as well as ensure that system integrity is n...

+ China-Backed Hackers Leverage SIGTRAN, GSM Protocols to Infiltrate Telecom Networks—A new China-linked cyber espionage group has been attributed as behind a series of targeted cyber attacks targeting telecommunications entities in Sou...

+ Apple Releases Urgent Updates to Patch Actively Exploited Zero-Day Vulnerabilities—Apple has released security updates for iOS, iPadOS, macOS, visionOS, and its Safari web browser to address two zero-day flaws that have come under ac...

+ Oracle Warns of Agile PLM Vulnerability Currently Under Active Exploitation—Oracle is warning that a high-severity security flaw impacting the Agile Product Lifecycle Management (PLM) Framework has been exploited in the wild. ...

+ Ngioweb Botnet Fuels NSOCKS Residential Proxy Network Exploiting IoT Devices—The malware known as Ngioweb has been used to fuel a notorious residential proxy service called NSOCKS, as well as by other services such as VN5Socks ...

+ Hackers Hijack Unsecured Jupyter Notebooks to Stream Illegal Sports Broadcasts—Malicious actors are exploiting misconfigured JupyterLab and Jupyter Notebooks to conduct stream ripping and enable sports piracy using live streaming...

+ Privileged Accounts, Hidden Threats: Why Privileged Access Security Must Be a Top Priority—Privileged accounts are well-known gateways for potential security threats. However, many organizations focus solely on managing privileged access—rat...

+ New 'Helldown' Ransomware Variant Expands Attacks to VMware and Linux Systems—Cybersecurity researchers have shed light on a Linux variant of a relatively new ransomware strain called Helldown, suggesting that the threat actors ...

+ Chinese Hackers Exploit T-Mobile and Other U.S. Telecoms in Broader Espionage Campaign—U.S. telecoms giant T-Mobile has confirmed that it was also among the companies that were targeted by Chinese threat actors to gain access to valuable...

+ Warning: VMware vCenter and Kemp LoadMaster Flaws Under Active Exploitation—Now-patched security flaws impacting Progress Kemp LoadMaster and VMware vCenter Server have come under active exploitation in the wild, it has emerge...

+ New Stealthy BabbleLoader Malware Spotted Delivering WhiteSnake and Meduza Stealers—Cybersecurity researchers have shed light on a new stealthy malware loader called BabbleLoader that has been observed in the wild delivering informati...

+ The Problem of Permissions and Non-Human Identities - Why Remediating Credentials Takes Longer Than You Think—According to research from GitGuardian and CyberArk, 79% of IT decision-makers reported having experienced a secrets leak, up from 75% in the previous...

+ THN Recap: Top Cybersecurity Threats, Tools, and Practices (Nov 11 - Nov 17)—What do hijacked websites, fake job offers, and sneaky ransomware have in common? They’re proof that cybercriminals are finding smarter, sneakier ways...

+ Gmail's New Shielded Email Feature Lets Users Create Aliases for Email Privacy—Google appears to be readying a new feature called Shielded Email that allows users to create email aliases when signing up for online services and be...

+ Beyond Compliance: The Advantage of Year-Round Network Pen Testing—IT leaders know the drill—regulators and cyber insurers demand regular network penetration testing to keep the bad guys out. But here’s the thing: hac...

+ Fake Discount Sites Exploit Black Friday to Hijack Shopper Information—A new phishing campaign is targeting e-commerce shoppers in Europe and the United States with bogus pages that mimic legitimate brands with the goal o...

+ NSO Group Exploited WhatsApp to Install Pegasus Spyware Even After Meta's Lawsuit—Legal documents released as part of an ongoing legal tussle between Meta's WhatsApp and NSO Group have revealed that the Israeli spyware vendor used m...

+ Urgent: Critical WordPress Plugin Vulnerability Exposes Over 4 Million Sites—A critical authentication bypass vulnerability has been disclosed in the Really Simple Security (formerly Really Simple SSL) plugin for WordPress that...

+ PAN-OS Firewall Vulnerability Under Active Exploitation – IoCs and Patch Released—Palo Alto Networks has released new indicators of compromise (IoCs) a day after the network security vendor confirmed that a zero-day vulnerability im...

+ PAN-OS Firewall Vulnerability Under Active Exploitation – IoCs Released—Palo Alto Networks has released new indicators of compromise (IoCs) a day after the network security vendor confirmed that a new zero-day vulnerabilit...

+ Warning: DEEPDATA Malware Exploiting Unpatched Fortinet Flaw to Steal VPN Credentials—A threat actor known as BrazenBamboo has exploited an unresolved security flaw in Fortinet's FortiClient for Windows to extract VPN credentials as par...

+ Iranian Hackers Deploy WezRat Malware in Attacks Targeting Israeli Organizations—Cybersecurity researchers have shed light on a new remote access trojan and information stealer used by Iranian state-sponsored actors to conduct reco...

+ Researchers Warn of Privilege Escalation Risks in Google's Vertex AI ML Platform—Cybersecurity researchers have disclosed two security flaws in Google's Vertex machine learning (ML) platform that, if successfully exploited, could a...

+ Live Webinar: Dive Deep into Crypto Agility and Certificate Management—In the fast-paced digital world, trust is everything—but what happens when that trust is disrupted? Certificate revocations, though rare, can send sho...

+ Vietnamese Hacker Group Deploys New PXA Stealer Targeting Europe and Asia—A Vietnamese-speaking threat actor has been linked to an information-stealing campaign targeting government and education entities in Europe and Asia ...

+ How AI Is Transforming IAM and Identity Security—In recent years, artificial intelligence (AI) has begun revolutionizing Identity Access Management (IAM), reshaping how cybersecurity is approached in...

+ High-Severity Flaw in PostgreSQL Allows Hackers to Exploit Environment Variables—Cybersecurity researchers have disclosed a high-severity security flaw in the PostgreSQL open-source database system that could allow unprivileged use...

+ Bitfinex Hacker Sentenced to 5 Years, Guilty of Laundering $10.5 Billion in Bitcoin—Ilya Lichtenstein, who pleaded guilty to the 2016 hack of cryptocurrency stock exchange Bitfinex, has been sentenced to five years in prison, the U.S....

+ CISA Flags Two Actively Exploited Palo Alto Flaws; New RCE Attack Confirmed—The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday warned that two more flaws impacting the Palo Alto Networks Expedition so...

+ Experts Uncover 70,000 Hijacked Domains in Widespread 'Sitting Ducks' Attack Scheme—Multiple threat actors have been found taking advantage of an attack technique called Sitting Ducks to hijack legitimate domains for using them in phi...

+ Google Warns of Rising Cloaking Scams, AI-Driven Fraud, and Crypto Schemes—Google has revealed that bad actors are leveraging techniques like landing page cloaking to conduct scams by impersonating legitimate sites. "Cloaking...

As of 12/21/24 9:51am. Last new 12/21/24 9:51am.  Score: 401