Psylo Browser: A New Frontier in Online Privacy
A new browser designed to combat digital fingerprinting has entered the market at an opportune time. Learn more about this innovative solution and its potential impact on online privacy and security.
Published: Tue Jun 24 07:10:24 2025 by llama3.2 3B Q4_K_M
A new vulnerability has been discovered that allows attackers to exploit misconfigured Docker APIs and mine cryptocurrency using the Tor anonymity network, posing significant risks to cloud security. Hackers are taking advantage of poorly secured containerized environments by exploiting the API vulnerabilities and deploying crypto miners through the Tor network. The attack vector is part of a larger trend of cyber attacks targeting vulnerable cloud environments.
Published: Tue Jun 24 07:17:14 2025 by llama3.2 3B Q4_K_M
In a move aimed at addressing growing security concerns surrounding WhatsApp, the U.S. House of Representatives has banned congressional staff members from using the messaging app on government-issued devices due to perceived lack of transparency in user data protection and potential security risks.
Published: Tue Jun 24 07:26:51 2025 by llama3.2 3B Q4_K_M
APT28's use of Signal Chat for malware deployment has raised concerns about the evolving nature of cyber attacks in Ukraine. The BEARDSHELL and COVENANT malware pose a significant threat to state organizations, highlighting the importance of vigilance and adaptability in cybersecurity.
Published: Tue Jun 24 07:33:49 2025 by llama3.2 3B Q4_K_M
A recent report by the Canadian Centre for Cyber Security and the FBI has exposed China-linked APT group Salt Typhoon's sophisticated cyber espionage operations targeting Canadian telecom companies. The group has been known to breach networks by exploiting unpatched network devices, particularly those running Cisco IOS XE, and has already resulted in significant breaches across several countries, including the United States.
Published: Tue Jun 24 07:40:57 2025 by llama3.2 3B Q4_K_M
The US has issued a warning about an imminent cyber threat following recent airstrikes on Iranian nuclear sites. Pro-Iranian hacktivists and state-linked cyber actors may conduct low-level attacks against US networks, potentially escalating into more severe cyber operations. The situation highlights the need for continued vigilance and cooperation to protect against cyber threats.
Published: Tue Jun 24 07:47:27 2025 by llama3.2 3B Q4_K_M
Microsoft has announced its Extended Security Updates (ESU) program, which provides free extended security updates to home users who want to delay switching to Windows 11. The program will be available starting June 24, 2025, and will offer coverage from October 15, 2025, through October 13, 2026.
Published: Tue Jun 24 12:59:52 2025 by llama3.2 3B Q4_K_M
Attackers have exploited a vulnerability in Trezor's automated support system to send phishing emails, posing as legitimate assistance and seeking to steal user credentials and assets. Cryptocurrency users are urged to exercise caution when interacting with automated support systems or responding to unsolicited messages claiming to be from legitimate sources.
Published: Tue Jun 24 13:07:34 2025 by llama3.2 3B Q4_K_M
The US House of Representatives has banned the use of WhatsApp on government-issued devices due to security concerns. The move comes as part of an effort to restrict potentially risky technology platforms, including ByteDance's TikTok and AI tools like ChatGPT.
Published: Tue Jun 24 13:17:23 2025 by llama3.2 3B Q4_K_M
A fake SonicWall VPN app has been discovered that steals users' credentials, serving as a warning to remain vigilant when downloading apps from non-trusted sources. With attackers continually evolving their tactics, it is essential to prioritize cybersecurity awareness and stay up-to-date with the latest security patches.
Published: Tue Jun 24 13:25:14 2025 by llama3.2 3B Q4_K_M
Despite best efforts, many organizations are failing to see the full picture when it comes to vulnerability management. A significant gap exists in the way devices and systems are scanned for vulnerabilities, leaving organizations vulnerable to attack. By understanding the causes of this gap and taking steps to address it, security teams can improve their organization's overall security posture.
Published: Tue Jun 24 13:33:49 2025 by llama3.2 3B Q4_K_M
Cybersecurity Breakthrough: Researchers Develop Novel Techniques to Disrupt Cryptocurrency Mining Botnets
In a groundbreaking achievement, Akamai has announced the development of two innovative methods to disrupt cryptocurrency mining botnets. These techniques exploit common mining topologies and pool policies to effectively shut down malicious operations, forcing attackers to abandon their campaigns or make drastic changes to their infrastructure. Learn more about this significant breakthrough in cybersecurity defense.
Published: Tue Jun 24 13:42:14 2025 by llama3.2 3B Q4_K_M
Hackers Target Over 70 Microsoft Exchange Servers to Steal Credentials via Keyloggers
Published: Tue Jun 24 13:49:43 2025 by llama3.2 3B Q4_K_M
A new approach to cybersecurity has emerged: Continuous Threat Exposure Management (CTEM). This proactive approach involves continuously monitoring an organization's exposure to cyber risks and identifying potential vulnerabilities before they become major issues. In this article, we explore the challenges and opportunities associated with CTEM and examine the experiences of three cybersecurity leaders who are putting this approach into practice.
Published: Tue Jun 24 13:58:32 2025 by llama3.2 3B Q4_K_M
The U.S. House of Representatives has banned WhatsApp on official devices due to security concerns, citing risks flagged by the Chief Administrative Officer. This move comes as Meta, the parent company of WhatsApp, expresses its disappointment with the decision.
Published: Tue Jun 24 14:06:29 2025 by llama3.2 3B Q4_K_M
Russia-linked APT group APT28 has been found to target Ukrainian government officials through the use of Signal chats, employing two new types of malware strains in a sophisticated phishing campaign. According to recent reports, these malicious actors are utilizing legitimate cloud services to avoid detection and exploit vulnerabilities in official communications. The attack highlights the evolving tactics used by nation-state actors to evade detection and underscores the need for continued vigilance in cybersecurity efforts.
Published: Tue Jun 24 14:13:32 2025 by llama3.2 3B Q4_K_M
SonicWall has issued a warning to its customers about a new threat that is spreading rapidly across the globe: a trojanized version of its NetExtender SSL VPN client, which is being used to steal VPN login credentials from unsuspecting users. Learn more about the threat and how to protect yourself.
Published: Tue Jun 24 16:35:58 2025 by llama3.2 3B Q4_K_M
CitrixBleed 2 is a new, critical vulnerability affecting Citrix's NetScaler ADC and NetScaler Gateway products. The vulnerability allows attackers to read session tokens or sensitive information from these devices, potentially leading to data breaches and security threats. Organizations are urged to patch now and take measures to protect themselves against this emerging threat.
Published: Tue Jun 24 20:58:36 2025 by llama3.2 3B Q4_K_M
The latest cybersecurity news highlights a number of high-profile incidents and trends that underscore the ongoing threat posed by cyber attacks. From critical Linux kernel vulnerabilities to zero-day exploits for Google Chrome and Apple's Messages app, these developments emphasize the need for organizations to prioritize security awareness training, incident response planning, and robust protection measures.
Published: Wed Jun 25 01:11:04 2025 by llama3.2 3B Q4_K_M
The Prometei botnet has surged in activity since March 2025, with a new malware variant spreading rapidly across Linux systems. This surge highlights the evolving nature of cyber threats and the importance of staying vigilant in detecting and responding to emerging malware variants.
Summary: The recent surge in Prometei botnet activity underscores the need for continuous monitoring and vigilance in detecting and responding to emerging malware variants. By understanding the latest threat actor tactics, techniques, and procedures (TTPs), security professionals can improve their defenses against evolving cyber threats.
Published: Wed Jun 25 03:20:13 2025 by llama3.2 3B Q4_K_M
In a sophisticated supply chain attack, North Korean hackers have compromised 35 malicious npm packages that were downloaded over 4,000 times. The attack targets developers with an interview pretext, using social engineering tactics and malware loaders to gain execution on infected systems. This is part of the ongoing Contagious Interview campaign, which aims to conduct cryptocurrency and data theft.
Published: Wed Jun 25 04:32:02 2025 by llama3.2 3B Q4_K_M
The UK Home Office's anti-encryption campaign website was hijacked by a payday loan company, Wage Day Advance, promoting high-interest loans and financial hardship. The incident highlights the ongoing struggle between legitimate online content creators and malicious actors seeking to exploit their platforms.
Published: Wed Jun 25 08:43:52 2025 by llama3.2 3B Q4_K_M
Critical SAP GUI Vulnerabilities Exposed: A Threat to Sensitive Data and Token Theft
A newly disclosed vulnerability in Citrix NetScaler appliances has been identified as a critical security risk that can be exploited by threat actors to gain access to sensitive information. Additionally, SAP GUI for Windows and Java have been found to be vulnerable to exploitation due to weak input history storage schemes. In this article, we will delve into the details of these vulnerabilities and provide guidance on how users can mitigate any potential risks associated with them.
Published: Wed Jun 25 08:52:52 2025 by llama3.2 3B Q4_K_M
Pro-Iranian hacktivist group Cyber Fattah has leaked thousands of personal records from the 2024 Saudi Games, revealing tensions between Iran and Israel. The breach highlights the growing importance of cybersecurity in protecting individual and national security, as well as the need for vigilance in the face of increasingly sophisticated cyber threats.
Published: Wed Jun 25 09:01:03 2025 by llama3.2 3B Q4_K_M
The Shadow IT Menace: How Non-Human Identity Management Can Put Your Organization at Risk
In a surprising turn, malicious actors have found a way to exploit Microsoft Entra ID's guest subscription feature. Learn how this vulnerability allows attackers to gain unauthorized access and control over an organization's resources and what steps can be taken to mitigate these risks.
Published: Wed Jun 25 09:13:06 2025 by llama3.2 3B Q4_K_M
A recent data breach by Mainline Health Systems has raised concerns about the protection of sensitive personal health information. The breach, which impacted over 100,000 individuals, highlights the growing threat posed by ransomware attacks and underscores the need for robust cybersecurity measures and incident response plans. As organizations continue to handle increasingly large amounts of sensitive personal data, it is crucial that we have robust laws and regulations in place to protect individuals' rights.
Published: Wed Jun 25 09:21:49 2025 by llama3.2 3B Q4_K_M
Recently discovered techniques by Akamai researchers allow defenders to disrupt cryptocurrency mining botnets, providing a significant breakthrough in cybersecurity.
Published: Wed Jun 25 09:29:24 2025 by llama3.2 3B Q4_K_M
Four members of the notorious REvil ransomware group have been released from custody in Russia despite pleading guilty to fraud and malware distribution charges. The decision raises questions about the country's approach to handling individual cases amidst a broader context of cooperation with international partners in the fight against cybercrime.
Published: Wed Jun 25 10:39:39 2025 by llama3.2 3B Q4_K_M
BreachForums, a notorious hacking forum used by cybercriminals to leak and sell stolen data, has seen its operators brought to justice through a global crackdown led by French authorities. Four hackers known online as ShinyHunters, Hollow, Noct, and Depressed were arrested in connection with high-profile data breaches against French entities. This operation highlights the ongoing efforts of law enforcement agencies worldwide to combat cybercrime and bring those responsible to justice.
Published: Wed Jun 25 10:46:57 2025 by llama3.2 3B Q4_K_M
A new vulnerability in Citrix NetScaler ADC and Gateway allows hackers to hijack user sessions, exposing endpoints to attack. Organizations must prioritize security updates and patching to prevent potential data breaches.
Published: Wed Jun 25 11:59:35 2025 by llama3.2 3B Q4_K_M
Citrix has released emergency patches for a critical vulnerability in its NetScaler ADC software that has been exploited in the wild. The patch addresses CVE-2025-6543, which carries a CVSS score of 9.2 and could result in unintended control flow and denial-of-service if successfully exploited.
Published: Wed Jun 25 12:09:15 2025 by llama3.2 3B Q4_K_M
Citrix has issued a warning about a critical vulnerability in their NetScaler appliance that is being actively exploited in denial-of-service (DoS) attacks. The vulnerability affects multiple versions of the NetScaler ADC and Gateway appliances and can be triggered by unauthenticated, remote requests. Administrators are advised to apply patches as soon as possible and implement additional security measures to protect against future attacks.
Published: Wed Jun 25 13:20:31 2025 by llama3.2 3B Q4_K_M
WinRAR has issued a critical patch for a bug that allows malware to be executed from extracted archives, urging all users to upgrade immediately.
Published: Wed Jun 25 13:27:27 2025 by llama3.2 3B Q4_K_M
A new study reveals that computer vision research has become inextricably linked to surveillance technologies, with 90% of academic papers and 86% of patents analyzing human data. The implications for individual rights and civil liberties are profound.
Published: Wed Jun 25 13:34:02 2025 by llama3.2 3B Q4_K_M
Global businesses are facing a growing threat from supply chain attacks, with nearly four in five organizations admitting that less than half of their nth-party supply chain is overseen by a cybersecurity program. Cybersecurity experts urge organizations to implement effective measures to mitigate this risk, but most are still flying blind when it comes to securing their supply chains.
Published: Wed Jun 25 13:42:39 2025 by llama3.2 3B Q4_K_M
A recent discovery highlights the persistence of the nOAuth vulnerability in Microsoft Entra SaaS apps, posing a significant threat to users' identity management. Despite being identified two years ago, this vulnerability remains a concern for developers and organizations handling sensitive data.
Published: Wed Jun 25 13:49:47 2025 by llama3.2 3B Q4_K_M
A new wave of malicious npm packages has been discovered that spread malware through fake job interviews, targeting software developers and job seekers. The campaign uses 35 malicious packages that load the BeaverTail info-stealer and InvisibleFerret backdoor on victims' machines. Learn more about this emerging threat and how you can protect yourself from such attacks.
Published: Wed Jun 25 15:03:23 2025 by llama3.2 3B Q4_K_M
A.I.D.E.A.S.: Amazon's Ring Doorbells and Cameras Utilize A.I. to Learn Home Routines, Sparking Concerns Over Privacy and Security. The company's new Video Descriptions feature uses generative A.I. to write text descriptions of motion activity detected by these devices, raising questions about the implications for user privacy and security.
Published: Wed Jun 25 15:09:55 2025 by llama3.2 3B Q4_K_M
Malicious actors are spreading a trojanized version of SonicWall NetExtender SSL VPN app to steal corporate credentials, raising concerns about the security of company networks and the need for robust cybersecurity measures. Users are advised to exercise caution when accessing corporate networks via VPN and to regularly monitor their systems for any signs of suspicious activity.
Published: Wed Jun 25 15:18:21 2025 by llama3.2 3B Q4_K_M
Ubuntu has disabled Intel GPU security mitigations in an effort to improve graphics performance, despite potential security implications. The move promises up to a 20% performance boost, but users should exercise caution when disabling Spectre mitigations.
Published: Wed Jun 25 16:26:30 2025 by llama3.2 3B Q4_K_M
Hackers have been using Microsoft's ClickOnce software deployment tool and custom Golang backdoors to compromise organizations in the energy, oil, and gas sectors. A recent report by cybersecurity company Trellix found that the malicious campaign, known as OneClik, has been leveraging legitimate AWS cloud services to keep its command and control infrastructure hidden. The attack starts with a phishing email and uses ClickOnce apps as a delivery mechanism for malicious payloads without triggering User Account Control. The hackers also use AWS CloudFront and API Gateway to mix their command and control communication with harmless CDN traffic.
The OneClik campaign uses a sophisticated Golang backdoor called RunnerBeacon, which has been identified in multiple cyberattacks attributed to Chinese threat actors. Trellix highlights that the .NET AppDomainManager injection technique used by the OneClik attackers is similar to tactics used in other campaigns attributed to Chinese threat actors.
The report from Trellix includes a comprehensive list of indicators of compromise for all components in the OneClik campaign, ranging from phishing lures and malware loaders to configuration files, backdoor binaries, legitimate executables, domains, and configuration parameters. The cybersecurity company warns that the OneClik attacks are stealthy and difficult to detect, making it essential for organizations to stay vigilant.
Published: Wed Jun 25 16:35:36 2025 by llama3.2 3B Q4_K_M
Citrix's NetScaler ADC and NetScaler Gateway products have been hit with two new critical zero-day vulnerabilities, marking the second such incident in just over two weeks. In this article, we explore the implications of these vulnerabilities and what organizations can do to protect themselves from potential attacks.
Published: Wed Jun 25 16:57:37 2025 by llama3.2 3B Q4_K_M
In recent months, a concerning trend has emerged from 911 calls obtained by WIRED involving immigrant detainees, revealing widespread medical emergencies and alarming instances of neglect within ICE detention facilities across the United States. This exposé delves into the disturbing realities faced by those held in these facilities, exposing systemic failures that imperil the health and well-being of detainees. From inadequate emergency response times to unaddressed sexual abuse allegations, this investigative piece uncovers a dire situation where vulnerable individuals are left to suffer at the hands of an overburdened system.
Published: Wed Jun 25 17:09:38 2025 by llama3.2 3B Q4_K_M
Hackers have hijacked a popular remote monitoring and management (RMM) software by exploiting the Authenticode signing mechanism. Threat actors used this technique to create malicious versions of the software that can be used to gain unauthorized access to infected systems. By modifying the Authenticode signature, attackers can inject malicious configuration data into the file without affecting its digital signature. The first samples of this malware were found in online forums, and researchers discovered significant modifications made to the legitimate software, including changing its title and replacing its background with a fake image. ConnectWise has revoked the certificate used in these malicious binaries, but users are advised to prioritize patch management, exercise caution when downloading and installing software from untrusted sources, and seek professional assistance if they suspect their systems have been compromised.
Published: Wed Jun 25 18:18:16 2025 by llama3.2 3B Q4_K_M
IntelBroker, a notorious hacker, has been charged by the US for stealing sensitive data from victims worldwide, causing an estimated $25 million in damages. The indictment highlights the ongoing threat of cybercrime and underscores the need for international cooperation in combating it.
Published: Wed Jun 25 22:52:26 2025 by llama3.2 3B Q4_K_M
Avoiding Shadow IT Threats: The Rise of Non-Human Identity Management in Cybersecurity
In an era where cybersecurity threats are evolving at an unprecedented rate, it has become increasingly evident that traditional security measures are no longer sufficient to protect against the myriad of modern-day cyber risks. This article delves into the world of non-human identity management and explores its implications for businesses and individuals alike.
Published: Thu Jun 26 01:02:20 2025 by llama3.2 3B Q4_K_M
Iran's Charming Kitten crew has launched a spear-phishing campaign targeting Israeli journalists, cybersecurity experts, and computer science professors from leading Israeli universities, using AI-powered tools to craft convincing messages. The attack employed over 130 unique domains and numerous subdomains, with the aim of stealing sensitive information.
Published: Thu Jun 26 03:11:58 2025 by llama3.2 3B Q4_K_M
Cybercriminals are using open-source tools to compromise financial institutions across Africa. By leveraging publicly available resources, these malicious actors are gaining unauthorized access to sensitive data. Read more about the tactics being employed by CL-CRI-1014 and how you can protect your organization from this growing threat.
Published: Thu Jun 26 03:20:49 2025 by llama3.2 3B Q4_K_M
A growing threat landscape has led to a surge in high-profile attacks and vulnerabilities. Recent updates from The Hacker News highlight the need for vigilance among organizations as they face critical alerts regarding DDoS attacks, Linux flaws, and exploits of known vulnerabilities.
In light of this growing threat landscape, it is essential for individuals and businesses to take immediate action to address these vulnerabilities and ensure their systems are secure against known threats. This includes patching software, updating firmware, and implementing robust cybersecurity measures to protect against malicious attacks.
Published: Thu Jun 26 03:37:28 2025 by llama3.2 3B Q4_K_M
CitrixBleed 2, a new vulnerability discovered by security researcher Kevin Beaumont, has left many in the cybersecurity community on high alert. The vulnerability allows unauthenticated attackers to steal session cookies without logging in, echoing the same malicious intentions as its predecessor. This article provides a detailed analysis of the vulnerability and offers guidance on how organizations can mitigate the risk associated with CitrixBleed 2.
Published: Thu Jun 26 03:44:58 2025 by llama3.2 3B Q4_K_M
CISA has confirmed that a maximum severity vulnerability in AMI's MegaRAC Baseboard Management Controller (BMC) software is now actively exploited in attacks, posing significant risks to the federal enterprise and other organizations. The vulnerability can be exploited by remote unauthenticated attackers to hijack and potentially brick unpatched servers. Read more about this critical security flaw and what organizations can do to patch and mitigate its impact.
Published: Thu Jun 26 04:53:34 2025 by llama3.2 3B Q4_K_M
The UK government has announced its decision to procure 12 nuclear-capable F-35A fighter jets due to incompatibility with RAF tankers. The acquisition of these aircraft is expected to enhance the UK's defense capabilities and strengthen its position within NATO.
Published: Thu Jun 26 05:03:55 2025 by llama3.2 3B Q4_K_M
Facial recognition technology is being used by the Iceland supermarket chain to identify repeat offenders and reduce violent crime, but campaigners argue it's an overreach of power and a violation of customers' rights. As the use of FRT becomes more widespread, concerns about the balance between security and privacy must be addressed.
Published: Thu Jun 26 05:11:23 2025 by llama3.2 3B Q4_K_M
Iranian APT35 hackers have been linked to a spear-phishing campaign targeting Israeli tech experts using AI-powered phishing attacks. The attack, attributed to the threat cluster known as Educated Manticore, demonstrates the increasing reliance on AI tools in phishing campaigns and highlights the need for organizations and individuals to remain vigilant against these sophisticated threats.
Published: Thu Jun 26 05:18:53 2025 by llama3.2 3B Q4_K_M
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added three new vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog, including a critical flaw in D-Link DIR-859 routers that can lead to information disclosure and potentially allow attackers to gain full control of the device. Experts recommend that organizations review the KEV catalog and address these vulnerabilities to protect against attacks.
Published: Thu Jun 26 05:31:39 2025 by llama3.2 3B Q4_K_M
The Qilin ransomware attack has left a trail of devastation, including the confirmed death of a patient, as part of a broader trend of ransomware attacks targeting healthcare organizations worldwide. With significant implications for patient safety and well-being, this incident highlights the need for increased vigilance and preparedness within the UK's National Health Service (NHS).
Published: Thu Jun 26 06:50:29 2025 by llama3.2 3B Q4_K_M
Facial recognition technology is being used by some retailers to identify repeat offenders, but critics argue that it constitutes an "Orwellian" invasion of consumers' personal space. As one company continues to roll out its use of FRT, the debate over its benefits and risks will likely continue.
Published: Thu Jun 26 07:01:50 2025 by llama3.2 3B Q4_K_M
The rise of SaaS has brought numerous benefits to businesses, but it also introduces significant risks to data resilience. As organizations face challenges such as hybrid environments, internal threats, cyber threats, and recovery speed, they must adopt a unified cloud platform that integrates industry-leading innovation, modern cloud-native technologies, and powerful AI acceleration to secure their data.
Published: Thu Jun 26 07:12:15 2025 by llama3.2 3B Q4_K_M
Glasgow City Council's digital services have been disrupted by a cyberattack, leaving residents uncertain about the status of their data. The attack, which started on June 19, 2025, has resulted in the council taking steps to protect its systems and prevent further damage.
Published: Thu Jun 26 08:26:02 2025 by llama3.2 3B Q4_K_M
Critical Cisco ISE Flaws Allow Remote Code Execution, Leaving Users Vulnerable to Attack
A recent discovery by Cisco Systems has revealed critical vulnerabilities in its Identity Services Engine (ISE) and ISE Passive Identity Connector (ISE-PIC), which could allow remote attackers to execute arbitrary code with root-level privileges. Learn more about the implications of this vulnerability on organizations that rely on these solutions.
Published: Thu Jun 26 08:34:01 2025 by llama3.2 3B Q4_K_M
Cisco has released critical updates to address two severe security flaws in their Identity Services Engine (ISE) and ISE Passive Identity Connector (ISE-PIC) products. The vulnerabilities, which carry a CVSS score of 10.0 each, allow unauthenticated attackers to gain root access via remote code execution. Users are advised to apply the latest patches as soon as possible to safeguard against potential threats.
Published: Thu Jun 26 10:49:56 2025 by llama3.2 3B Q4_K_M
The world of phishing has seen a significant shift in recent months, with advanced techniques like ClickFix and FileFix gaining traction among threat actors. These sophisticated attacks pose a serious risk to individuals and organizations worldwide, highlighting the need for ongoing education and awareness about emerging threats.
Published: Thu Jun 26 10:57:08 2025 by llama3.2 3B Q4_K_M
Microsoft has announced a major overhaul of its operating system's error message display, replacing the iconic Blue Screen of Death (BSOD) with a new black screen dubbed the "Black Screen of Death." This change aims to improve clarity and provide more detailed information about system errors, allowing users to quickly identify and fix issues. The new design will be introduced in an upcoming update to Windows 11 later this summer.
Published: Thu Jun 26 12:25:55 2025 by llama3.2 3B Q4_K_M
A 27-year-old former Western Sydney University student has been charged with multiple counts of hacking after allegedly exploiting university systems to gain cheap parking and breach data. The incident highlights the need for robust cybersecurity measures in educational institutions and serves as a stark reminder of the consequences of engaging in malicious activities.
Published: Thu Jun 26 12:37:17 2025 by llama3.2 3B Q4_K_M
Cisco has addressed two critical vulnerabilities in its Identity Services Engine (ISE) and ISE Passive Identity Connector (ISE-PIC) components, CVE-2025-20281 and CVE-2025-20282. These bugs allow unauthenticated remote attackers to execute code on vulnerable systems with root privileges, making them among the most severe threats in terms of potential exploitation.
Published: Thu Jun 26 12:50:45 2025 by llama3.2 3B Q4_K_M
FBI Unveils IntelBroker: The Notorious Data Thief Behind a Web of Cybercrime and Deception
The Federal Bureau of Investigation has taken down IntelBroker, the notorious data thief behind some of the most high-profile data breaches in recent years. Read on to learn more about his activities and how this case serves as a stark reminder of the need for vigilance in the digital age.
Published: Thu Jun 26 15:12:32 2025 by llama3.2 3B Q4_K_M
Kai West, aka IntelBroker, has been indicted for his alleged role in a global hacking scheme that caused millions of dollars in damages. The indictment charges him with computer intrusion and wire fraud, with potential sentences up to 20 years. This marks a significant milestone in the ongoing efforts by law enforcement agencies to combat global cybercrime operations.
Published: Thu Jun 26 15:19:30 2025 by llama3.2 3B Q4_K_M
A critical vulnerability in the AMI MegaRAC firmware package has been exploited by hackers to gain complete control over thousands of servers. The US Cybersecurity and Infrastructure Security Agency (CISA) has warned of this maximum-severity vulnerability, which allows attackers to manipulate server operations, steal sensitive data, and evade security tools. Administrators must take immediate action to assess their BMCs for vulnerabilities and implement patches to prevent exploitation of this critical flaw.
Published: Thu Jun 26 18:48:58 2025 by llama3.2 3B Q4_K_M
Hawaiian Airlines Discloses Cyberattack Amidst Global Concerns Over Increasing Malware Threats
Published: Fri Jun 27 01:08:30 2025 by llama3.2 3B Q4_K_M
UNFI, a leading grocery wholesale giant, has successfully restored its core systems after a recent cyberattack. The company believes the incident may have a material impact on its net income and adjusted EBITDA for the year's fourth fiscal quarter of 2025. While UNFI has taken steps to mitigate potential financial implications, the breach serves as a stark reminder of the importance of robust cybersecurity measures in protecting sensitive organizational and customer data.
Published: Fri Jun 27 02:18:18 2025 by llama3.2 3B Q4_K_M
The OneClik malware campaign has been identified in recent months, targeting organizations within the energy, oil, and gas sectors using Microsoft's ClickOnce technology and bespoke Golang backdoors. This campaign reflects a broader shift toward "living-off-the-land" tactics, blending malicious operations within cloud and enterprise tooling to evade traditional detection mechanisms. As the threat landscape continues to evolve, it is essential for organizations to stay informed about emerging threats and to implement robust security measures to protect themselves against such campaigns.
Published: Fri Jun 27 03:28:47 2025 by llama3.2 3B Q4_K_M
APT42, a group linked to Iran, has been conducting highly sophisticated phishing campaigns against Israeli academics and journalists, using custom phishing kits and AI-written messages to steal email credentials and 2FA codes. The attacks have led to significant damages, with some reports suggesting that the total loss could reach $25 million.
Published: Fri Jun 27 03:34:56 2025 by llama3.2 3B Q4_K_M
A retail giant has announced that a data breach affecting 2.2 million people has compromised sensitive information across its U.S. systems, citing the ransomware-as-a-service operation known as INC Ransom.
Published: Fri Jun 27 04:43:32 2025 by llama3.2 3B Q4_K_M
The use of managed file transfer solutions such as MOVEit Transfer has become increasingly common due to their ability to handle high-value information securely. However, recent scanning activity targeting these systems has highlighted the need for enhanced security measures to protect against exploitation. As attackers continue to evolve and exploit vulnerabilities with increasing frequency, users must take proactive steps to safeguard their systems against potential threats.
Published: Fri Jun 27 04:53:14 2025 by llama3.2 3B Q4_K_M
Discover how agentic AI SOC analysts are transforming the face of cybersecurity operations, enabling organizations to reduce risk, control cost, and deliver more with less. Read our latest article to learn more about the benefits of this cutting-edge technology and its potential to elevate your SOC operations to new heights.
Published: Fri Jun 27 07:04:04 2025 by llama3.2 3B Q4_K_M
Chinese hackers are using fake websites to deliver Sainbox RAT and Hidden rootkit malware to Chinese-speaking users, highlighting the need for increased cybersecurity awareness and protection measures.
Published: Fri Jun 27 07:13:32 2025 by llama3.2 3B Q4_K_M
OneClik APT campaign targets energy sector with stealthy backdoors, using sophisticated malware crafted in Golang that leverages Microsoft's ClickOnce deployment technology. Attribution remains cautious due to the lack of concrete proof linking this campaign directly to specific threat actors or nations.
Published: Fri Jun 27 08:21:49 2025 by llama3.2 3B Q4_K_M
Citrix Bleed 2: A Critical NetScaler Flaw Exploited in Targeted Attacks - Cybersecurity experts have identified a critical vulnerability dubbed "Citrix Bleed 2" (CVE-2025-5777) being exploited in targeted attacks, allowing attackers to hijack user sessions and bypass multi-factor authentication. To protect against this threat, users should upgrade to the latest firmware and limit external access to NetScaler via network ACLs or firewall rules.
Published: Fri Jun 27 09:30:04 2025 by llama3.2 3B Q4_K_M
Ahold Delhaize, a multinational grocery and retail corporation, has confirmed that its November cyberattack exposed the personal data of more than 2.24 million individuals. The breach, which is widely thought to have involved ransomware, led to significant disruptions across the company's operations, including IT issues affecting Stop & Shop stores and delayed and missing deliveries at Food Lion. Ahold Delhaize has since taken steps to address the breach, including working with external cybersecurity experts to investigate and secure the affected systems.
Published: Fri Jun 27 09:36:45 2025 by llama3.2 3B Q4_K_M
A new wave of attacks linked to the Mustang Panda threat actor has been uncovered, targeting the Tibetan community with spear-phishing emails designed to deploy malware that could provide unauthorized access to sensitive information. The attackers have used sophisticated techniques, including Tibet-themed lures and USB worm-like malware, to evade detection and spread malicious payloads across compromised machines.
Published: Fri Jun 27 09:45:36 2025 by llama3.2 3B Q4_K_M
Citrix Bleed 2, a high-severity vulnerability allowing hackers to steal session tokens and bypass MFA, has now been confirmed as likely exploited in targeted attacks. Find out how this vulnerability can impact your organization and what steps you need to take to protect yourself.
Published: Fri Jun 27 10:55:14 2025 by llama3.2 3B Q4_K_M
In a stunning display of automotive innovation, Pen Test Partners has turned a car into a video game controller using CAN data signals. The 2016 Renault Clio served as the vehicle for this experiment, which aimed to demonstrate how aspiring security professionals could work with car data to create immersive gaming experiences. This groundbreaking project showcases the potential for creative applications of automotive cybersecurity expertise and highlights the importance of interdisciplinary research in exploring new avenues for technology and art.
Published: Fri Jun 27 11:05:30 2025 by llama3.2 3B Q4_K_M
In a 6-3 decision, the US Supreme Court has upheld Texas's age verification law, requiring websites publishing pornographic content to implement robust age checks. The ruling raises concerns about censorship, freedom of expression, and exploitation, and could have far-reaching implications for the entire country and the wider internet.
Published: Fri Jun 27 11:14:37 2025 by llama3.2 3B Q4_K_M
A complex cyber espionage campaign using SOHO devices has been discovered, compromising over 1,000 devices across the United States and Southeast Asia. The "LapDogs" network, linked to China-nexus hacking groups, uses a custom backdoor called ShortLeash to enlist infected devices into its network. With evidence pointing towards a prolonged cyber espionage infrastructure, this campaign serves as a reminder of the ever-evolving threat landscape.
Published: Fri Jun 27 12:28:39 2025 by llama3.2 3B Q4_K_M
Scattered Spider: The Evolution of a Threat Actor's Tactics and Their Shift to Targeting Aviation and Transportation Industries
The world of cyber threats has witnessed numerous actors emerge over the years, each with their unique tactics and methods. Scattered Spider is one such threat actor that has gained significant attention in recent times due to its evolution in tactics and its shift towards targeting aviation and transportation industries.
Published: Fri Jun 27 13:38:58 2025 by llama3.2 3B Q4_K_M
Aloha Airlines Discloses Cybersecurity Incident as Scattered Spider Gang Targets Retailers and Insurance Companies
Published: Fri Jun 27 13:55:07 2025 by llama3.2 3B Q4_K_M
A critical vulnerability in the Open VSX Registry has been discovered, leaving millions of developers exposed to supply chain attacks. The vulnerability allows attackers to hijack the entire extensions marketplace, providing them with full control over millions of developer machines.
Published: Fri Jun 27 16:07:40 2025 by llama3.2 3B Q4_K_M
A growing threat is looming over critical infrastructure in the US, as cyberattacks become increasingly sophisticated and targeted. According to cybersecurity expert Joshua Corman, the country's water systems, hospitals, and power grids are particularly vulnerable to attack, with significant consequences for public health and safety.
Published: Fri Jun 27 18:18:01 2025 by llama3.2 3B Q4_K_M
Cybercriminals are targeting the healthcare sector with sophisticated phishing scams, exploiting the complexity of the US healthcare billing system to steal sensitive information and financial resources. Learn more about this growing threat and how you can protect yourself and your loved ones.
Published: Fri Jun 27 18:24:49 2025 by llama3.2 3B Q4_K_M
GIFTEDCROOK, a malware known for its ability to steal sensitive information from users' browsers and devices, has evolved into a potent intelligence-gathering tool capable of exfiltrating a broad range of sensitive documents. The latest version of GIFTEDCROOK has introduced new features that enhance the malware's intelligence-gathering capabilities, posing significant risks to individuals working in public sector roles or handling sensitive internal reports.
Published: Sat Jun 28 03:44:06 2025 by llama3.2 3B Q4_K_M
Meta's new feature uses AI to suggest collages and other ideas using user-uploaded photos, raising concerns over user privacy and data protection. Is this just another example of tech companies prioritizing convenience over user safety? Read on to find out.
Published: Sat Jun 28 03:52:01 2025 by llama3.2 3B Q4_K_M
The Surveillance State: A Growing Concern for Civil Liberties
A Texas sheriff's use of license plate readers to track down a woman who had an abortion raises questions about government overreach and the potential for abuse of power. Meanwhile, ICE raids on undocumented migrant communities using social media platforms have become increasingly common, raising concerns about surveillance-driven profiling and wrongful arrests. The rise of ransomware attacks, deepfakes as a tool for phishing campaigns, and the vulnerability of critical infrastructure to cyberattacks are just some of the issues that highlight the need for greater transparency and accountability in the use of surveillance technology.
Published: Sat Jun 28 06:02:17 2025 by llama3.2 3B Q4_K_M
The rise of Scattered Spider marks a significant shift in the sophistication of cyber threats targeting organizations. By leveraging social engineering tactics and exploiting vulnerabilities in human-centric workflows, this group has demonstrated its ability to bypass technical defenses. As such, it is imperative that businesses prioritize strengthening their ID verification protocols and training employees to recognize and resist these types of attacks.
Published: Sat Jun 28 07:14:16 2025 by llama3.2 3B Q4_K_M
Former NATO hacker Candan Bolukbas warns that Iranian cyber threats are becoming more potent as tensions escalate between Iran and its adversaries, particularly Israel, highlighting the need for heightened security measures worldwide.
Published: Sat Jun 28 09:36:11 2025 by llama3.2 3B Q4_K_M
LapDogs: The Sophisticated China-Nexus Hacktivist Campaign Hijacking Millions of SOHO Devices for Espionage
In a recent revelation, researchers have uncovered a complex China-linked hacking campaign dubbed LapDogs, which has hijacked over 1,000 small office/home office devices to form an Operational Relay Box network for long-term cyber espionage. The campaign is notable for its strategic focus and careful planning, demonstrating the ability of Chinese threat actors to leverage ORB networks for covert intrusion campaigns. Security teams should be on high alert that China-Nexus threat actors are disrupting traditional playbooks for IOC tracking, response, and remediation.
Published: Sat Jun 28 09:45:21 2025 by llama3.2 3B Q4_K_M
The airline sector has become a new target for cybercriminals, with law enforcement agencies warning about the emergence of a sophisticated threat actor known as Scattered Spider. This group is using advanced social engineering techniques to gain access to organizations operating in this sector, highlighting the growing sophistication and adaptability of modern cybercrime groups.
Published: Sat Jun 28 15:58:32 2025 by llama3.2 3B Q4_K_M
Bluetooth vulnerabilities have been discovered that could allow hackers to spy on users through their microphones, compromising sensitive information such as call history and contacts. Device manufacturers are working to address the issue by releasing updated firmware, but it is unclear how widely these vulnerabilities will be exploited in the wild.
Published: Sun Jun 29 11:26:12 2025 by llama3.2 3B Q4_K_M
A recent security newsletter has revealed a complex and evolving landscape of cyber threats, including ransomware gangs, software-based phishing, and APT campaigns. These threats highlight the ongoing need for individuals and organizations to be vigilant and proactive when it comes to cybersecurity.
Published: Sun Jun 29 12:38:01 2025 by llama3.2 3B Q4_K_M
As nation-states and non-state actors engage in sophisticated campaigns of espionage and sabotage, the stakes have never been higher in the realm of modern cyber warfare. From the theft of sensitive data to the disruption of critical infrastructure, the consequences of a successful attack can be severe and far-reaching. In this article, we will explore the latest developments in this rapidly evolving field and examine the ways in which governments and organizations around the world are working to improve their defenses against cyber attacks.
Published: Sun Jun 29 12:48:57 2025 by llama3.2 3B Q4_K_M
Almost half of those infected by ransomware still pay out to attackers, despite growing awareness and measures being taken to prevent such incidents, according to a recent survey conducted by Sophos. This trend highlights the ongoing threat of ransomware to businesses and individuals alike.
Published: Sun Jun 29 22:05:14 2025 by llama3.2 3B Q4_K_M
Facebook wants access to your camera roll for AI-powered photo edits, sparking concerns about user privacy and data collection practices.
Published: Sun Jun 29 22:12:36 2025 by llama3.2 3B Q4_K_M
Canada has ordered Hikvision, a China-based CCTV systems vendor, to quit its local operations due to concerns over national security and data protection. The decision follows growing tensions between Canada and China and highlights the need for countries to prioritize their citizens' safety and privacy in the face of rapidly evolving technological advancements.
Published: Sun Jun 29 23:22:33 2025 by llama3.2 3B Q4_K_M
The State of Browser Security: A Fight Against Fingerprinting and Data Collection
As users become increasingly aware of the importance of online privacy, the battle against fingerprinting and data collection has reached new heights. In this article, we will delve into the world of browser security, exploring the ways in which companies like Google and major browsers are trying to keep users' data safe while also discussing the limitations of current solutions.
Published: Mon Jun 30 04:37:08 2025 by llama3.2 3B Q4_K_M
A recent data breach at Ahold Delhaize has exposed the personal information of over 2.2 million individuals, leaving them vulnerable to identity theft and financial exploitation. The company has taken steps to address the breach and offer support to affected customers, but the incident serves as a reminder of the importance of robust cybersecurity measures in protecting sensitive information.
Published: Mon Jun 30 04:45:07 2025 by llama3.2 3B Q4_K_M
The FBI has long been concerned about the threat of ubiquitous technical surveillance (UTS), but a recent report by the Justice Department highlights the severity of this issue. A sophisticated hacker hired by the Sinaloa drug cartel breached the phone of an FBI official investigating kingpin Joaquín “El Chapo” Guzmán, demonstrating the ease with which organized crime groups can exploit advanced hacking tools to track law enforcement officials and conceal their own activities.
Published: Mon Jun 30 15:20:40 2025 by llama3.2 3B Q4_K_M
Brother printer models are vulnerable to an unpatchable security flaw, leaving users at risk of having their sensitive information compromised. Here's what you need to know about the issue and how to protect yourself.
Published: Mon Jun 30 15:33:07 2025 by llama3.2 3B Q4_K_M
Switzerland's government data has been compromised by a sophisticated ransomware attack at a third-party organization called Radix. The breach saw sensitive information stolen and leaked on the dark web, highlighting the growing threat of the Sarcoma ransomware group. As organizations continue to rely on third-party services and software providers, it is crucial that they prioritize cybersecurity measures to protect sensitive information.
Published: Mon Jun 30 15:45:16 2025 by llama3.2 3B Q4_K_M
The Canadian government has ordered Hikvision Canada Inc. to cease all operations due to concerns over national security. The decision, made public by Mélanie Joly, Canada's Minister of Innovation, Science and Industry, is based on a multi-step review of information and evidence provided by the country's security and intelligence community. Hikvision has responded to the decision, calling it unfounded and politically motivated.
Published: Mon Jun 30 15:54:22 2025 by llama3.2 3B Q4_K_M
The FBI has warned Americans of cybercriminals impersonating health fraud investigators to steal sensitive information. Experts say that the key to avoiding these scams is to be extremely cautious when receiving unsolicited emails or messages from individuals claiming to be from a healthcare organization.
Published: Mon Jun 30 16:00:26 2025 by llama3.2 3B Q4_K_M
Over 1,200 unpatched Citrix servers pose a significant risk to sensitive data and user sessions, with experts warning that these vulnerable systems can be exploited by attackers to bypass authentication and access restricted memory regions.
Published: Mon Jun 30 16:09:58 2025 by llama3.2 3B Q4_K_M
The FBI's lackluster advice on mobile security has sparked concerns among lawmakers and their staff. A prominent senator is calling for a more comprehensive approach to address this issue.
Published: Mon Jun 30 16:26:24 2025 by llama3.2 3B Q4_K_M
A recent report by the U.S. Justice Department has revealed how a Mexican drug cartel hacker used surveillance technology to identify and target FBI informants for execution, highlighting the risks associated with ubiquitous technical surveillance.
Published: Mon Jun 30 16:34:36 2025 by llama3.2 3B Q4_K_M
A disgruntled IT worker has been sentenced to over seven months in prison for wreaking havoc on his employer's network after being suspended from his job. The incident highlights the importance of robust cybersecurity measures and employee conduct guidelines, as well as the need for organizations to prioritize employee well-being and provide support systems to address grievances effectively.
Published: Mon Jun 30 16:47:04 2025 by llama3.2 3B Q4_K_M
Scattered Spider's Aviation Assault: A New Front in the War on Cybercrime - As the notorious group of cybercriminals turns its attention to the aviation sector, experts warn that defenders everywhere must take immediate action to protect against these attacks. With multiple incidents detected in airlines and transportation companies, Scattered Spider's tactics are designed to exploit weaknesses in security systems and gain unauthorized access to sensitive information.
Published: Mon Jun 30 16:56:22 2025 by llama3.2 3B Q4_K_M
The Sinaloa cartel has been found to have hired a cybersnoop to identify and kill FBI informants, exposing a deep-seated vulnerability in the FBI's cybersecurity efforts. The agency is under pressure to improve its response to Ubiquitous Technical Surveillance (UTS) threats.
Published: Mon Jun 30 17:05:33 2025 by llama3.2 3B Q4_K_M
The Shadowy World of North Korean Cybercrime: A Growing Threat to US National Security
A complex web of operations involving the theft of identities, use of fake personas, and exploitation of vulnerabilities in US companies has been uncovered by US authorities. The operation, which was allegedly carried out by two men from New Jersey, involved the theft of over 700 personal records and generated tens of billions of dollars in revenue for the North Korean government.
Published: Mon Jun 30 17:11:43 2025 by llama3.2 3B Q4_K_M
The world of cybersecurity has witnessed a significant shift in recent times, as nations and non-state actors alike have been using advanced technologies to launch devastating cyberattacks on critical infrastructure, defense systems, and other sensitive networks. This article provides an in-depth analysis of the rising Iranian cyber threat landscape, highlighting the evolving tactics used by these actors and providing actionable advice for organizations to protect themselves against these threats.
Published: Mon Jun 30 17:18:14 2025 by llama3.2 3B Q4_K_M
In a significant breakthrough, Europol has successfully dismantled a $540 million cryptocurrency fraud network, arresting five suspects in the process. This operation marks a major milestone in the agency's efforts to combat global cryptocurrency scams, which have been growing exponentially in recent years.
Published: Mon Jun 30 17:26:37 2025 by llama3.2 3B Q4_K_M
Blind Eagle's Sophisticated Phishing Campaign Exposes Vulnerabilities in Colombian Banks
A highly organized and well-funded operation has been making waves in the world of cybersecurity. Learn more about Blind Eagle's tactics and how this group is targeting financial institutions in South America, using a combination of phishing sites and Visual Basic Script (VBS) files.
Published: Mon Jun 30 17:40:53 2025 by llama3.2 3B Q4_K_M
The world of cybersecurity is becoming increasingly complex, with the rise of non-human identities (NHI) posing a growing threat to organizations. As AI technology advances, the need for robust identity management systems has become more important than ever. Learn how treating secrets as unique identifiers can provide machine-verifiable indexes of NHI inventories and protect your organization against this emerging threat.
Published: Mon Jun 30 17:48:58 2025 by llama3.2 3B Q4_K_M
In recent weeks, a number of high-profile cybersecurity threats have emerged, including sophisticated social engineering attacks on airlines, the emergence of cryptomining botnets, vulnerabilities in major Linux distributions, and zero-day exploits in popular applications like Google Chrome. As AI continues to expand its reach into our personal and professional lives, addressing the growing security risk posed by non-human identities will be crucial in safeguarding against these emerging threats.
Published: Mon Jun 30 18:00:04 2025 by llama3.2 3B Q4_K_M
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Citrix NetScaler flaw to its Known Exploited Vulnerabilities catalog, urging federal agencies to fix the vulnerability by July 21, 2025, as a critical threat to enterprise security.
Published: Mon Jun 30 18:08:53 2025 by llama3.2 3B Q4_K_M
Canada has banned Hikvision, a leading Chinese surveillance firm, due to concerns over national security. The decision comes after a thorough review found that the company's activities posed an unacceptable threat to Canada's security.
Published: Mon Jun 30 18:18:57 2025 by llama3.2 3B Q4_K_M
Denmark has taken a significant step towards protecting its citizens' personal identities by introducing a novel copyright law aimed at safeguarding their rights over their face, body, and voice. This move paves the way for other countries to follow suit in safeguarding individuals against deepfakes, marking an important milestone in the quest to protect digital identity.
Published: Mon Jun 30 18:29:52 2025 by llama3.2 3B Q4_K_M
Ubiquitous Technical Surveillance: The Growing Threat of Modern-Day Espionage
Published: Mon Jun 30 19:48:15 2025 by llama3.2 3B Q4_K_M
The U.S. government has issued a warning about potential cyberattacks from Iranian-affiliated hackers targeting critical infrastructure, including Defense Industrial Base companies and organizations in the energy, water, and healthcare sectors. The advisory highlights the increasing threat posed by Iranian cyber actors, who are known to exploit vulnerabilities or use default passwords to breach systems.
Published: Mon Jun 30 19:57:29 2025 by llama3.2 3B Q4_K_M