204 Articles
10 Categories
Date: 2025-05-13
🚨 CISA KEV 3
13 May KEVCISA Warns of Flaw in TeleMessage App Used by Ex-National Security AdvisorAn information exposure flaw in TeleMessage has been added to CISA’s Known Exploited Vulnerabilities catalog. The post CISA Warns of Flaw in TeleMessage App Used by Ex-National Security Advisor appeared first on SecurityWeek .SECURITYWEEK.COM
13 May KEVCISA Adds Five Known Exploited Vulnerabilities to CatalogCISA has added five new vulnerabilities to its Known Exploited Vulnerabilities Catalog , based on evidence of active exploitation. CVE-2025-30400 Microsoft Windows DWM Core Library Use-After-Free Vulnerability CVE-2025-32701 Microsoft Windows Common Log File System (CLFS) Driver …CISA.GOV
13 May KEVRSS feed for CISA KEV vulnerabilities, powered by Vulnerability-Lookupsubmitted by cm0002 to cybersecurity 1 points | 0 comments https://www.vulnerability-lookup.org/user-manual/feed-syndication/#most-recent-entries-from-known-exploited-vulnerabilitiesINFOSEC.PUB
🐛 COMMON VULNERABILITIES AND EXPOSURES 81
13 MayAttackers Leverage Unpatched Output Messenger 0‑Day to Deliver Malicious PayloadsA Türkiye-affiliated espionage threat actor, tracked by Microsoft Threat Intelligence as Marbled Dust (also known as Sea Turtle and UNC1326), has been exploiting a zero-day vulnerability in Output Messenger, a popular multiplatform chat software. Identified as CVE-2025-27920, thi…GBHACKERS.COM
13 May KEVCISA Flags Hidden Functionality Flaw in TeleMessage TM SGNL on KEV ListCybersecurity and Infrastructure Security Agency (CISA) has escalated its advisory for TeleMessage TM SGNL, adding a critical hidden functionality vulnerability (CVE-2025-47729) to its Known Exploited Vulnerabilities (KEV) catalog. This flaw exposes cleartext copies of user messa…GBHACKERS.COM
13 MayAsus One-Click Flaw Exposes Users to Remote Code Execution AttacksCritical security vulnerability in ASUS DriverHub software has been discovered that allowed attackers to execute arbitrary code with administrator privileges through a simple web visit. Security researcher identified and reported the vulnerability in April 2025, which has since b…GBHACKERS.COM
13 MayF5 BIG-IP Vulnerability Allows Remote Command ExecutionCritical security vulnerability in F5 BIG-IP systems has been discovered that allows authenticated administrators to execute arbitrary system commands, effectively bypassing security boundaries. Identified as CVE-2025-31644, the command injection flaw affects multiple versions of…GBHACKERS.COM
13 MayPoC Exploit Published for macOS Sandbox Escape Vulnerability (CVE-2025-31258)Security researchers have disclosed a new macOS sandbox escape vulnerability tracked as CVE-2025-31258, accompanied by a proof-of-concept (PoC) exploit demonstrating partial sandbox bypass via Apple’s RemoteViewServices framework. The flaw, discovered by researcher wh1te4ever, ex…GBHACKERS.COM
13 MayPoC Released: CVE-2025-31258 Sandbox Escape in macOS via RemoteViewServicessubmitted by kid to cybersecurity 1 points | 0 comments https://securityonline.info/poc-released-cve-2025-31258-sandbox-escape-in-macos-via-remoteviewservices/SH.ITJUST.WORKS
13 MayChina-Linked APTs Exploit SAP CVE-2025-31324 to Breach 581 Critical Systems WorldwideA recently disclosed critical security flaw impacting SAP NetWeaver is being exploited by multiple China-nexus nation-state actors to target critical infrastructure networks. "Actors leveraged CVE-2025-31324, an unauthenticated file upload vulnerability that enables remote code e…THEHACKERNEWS.COM
13 MayNew EU vulnerability database will complement CVE program, not compete with it, says ENISAFrom this week, the global technology industry has a new database to check for the latest software security flaws: the European Union Vulnerability Database (EUVD). Made operational by the European Union Agency for Cybersecurity (ENISA) to fulfil the EU’s NIS2 cybersecurity Direc…CSOONLINE.COM
13 MayCVE-2025-26646 .NET, Visual Studio, and Build Tools for Visual Studio Spoofing VulnerabilityExternal control of file name or path in .NET, Visual Studio, and Build Tools for Visual Studio allows an authorized attacker to perform spoofing over a network.MSRC.MICROSOFT.COM
13 MayCVE-2025-26684 Microsoft Defender Elevation of Privilege VulnerabilityExternal control of file name or path in Microsoft Defender for Endpoint allows an authorized attacker to elevate privileges locally.MSRC.MICROSOFT.COM
13 MayCVE-2025-29959 Windows Routing and Remote Access Service (RRAS) Information Disclosure VulnerabilityUse of uninitialized resource in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over a network.MSRC.MICROSOFT.COM
13 MayCVE-2025-29960 Windows Routing and Remote Access Service (RRAS) Information Disclosure VulnerabilityOut-of-bounds read in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over a network.MSRC.MICROSOFT.COM
13 MayCVE-2025-29964 Windows Media Remote Code Execution VulnerabilityHeap-based buffer overflow in Windows Media allows an unauthorized attacker to execute code over a network.MSRC.MICROSOFT.COM
13 MayCVE-2025-29966 Remote Desktop Client Remote Code Execution VulnerabilityHeap-based buffer overflow in Windows Remote Desktop allows an unauthorized attacker to execute code over a network.MSRC.MICROSOFT.COM
13 MayCVE-2025-29967 Remote Desktop Client Remote Code Execution VulnerabilityHeap-based buffer overflow in Remote Desktop Gateway Service allows an unauthorized attacker to execute code over a network.MSRC.MICROSOFT.COM
13 MayCVE-2025-29968 Active Directory Certificate Services (AD CS) Denial of Service VulnerabilityImproper input validation in Active Directory Certificate Services (AD CS) allows an authorized attacker to deny service over a network.MSRC.MICROSOFT.COM
13 MayCVE-2025-29969 MS-EVEN RPC Remote Code Execution VulnerabilityTime-of-check time-of-use (toctou) race condition in Windows Fundamentals allows an authorized attacker to execute code over a network.MSRC.MICROSOFT.COM
13 MayCVE-2025-29970 Microsoft Brokering File System Elevation of Privilege VulnerabilityUse after free in Microsoft Brokering File System allows an authorized attacker to elevate privileges locally.MSRC.MICROSOFT.COM
13 MayCVE-2025-29971 Web Threat Defense (WTD.sys) Denial of Service VulnerabilityOut-of-bounds read in Web Threat Defense (WTD.sys) allows an unauthorized attacker to deny service over a network.MSRC.MICROSOFT.COM
13 MayCVE-2025-29973 Microsoft Azure File Sync Elevation of Privilege VulnerabilityImproper access control in Azure File Sync allows an authorized attacker to elevate privileges locally.MSRC.MICROSOFT.COM
13 MayCVE-2025-29975 Microsoft PC Manager Elevation of Privilege VulnerabilityImproper link resolution before file access ('link following') in Microsoft PC Manager allows an authorized attacker to elevate privileges locally.MSRC.MICROSOFT.COM
13 MayCVE-2025-29976 Microsoft SharePoint Server Elevation of Privilege VulnerabilityImproper privilege management in Microsoft Office SharePoint allows an authorized attacker to elevate privileges locally.MSRC.MICROSOFT.COM
13 MayCVE-2025-29977 Microsoft Excel Remote Code Execution VulnerabilityUse after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally.MSRC.MICROSOFT.COM
13 MayCVE-2025-29978 Microsoft PowerPoint Remote Code Execution VulnerabilityUse after free in Microsoft Office PowerPoint allows an unauthorized attacker to execute code locally.MSRC.MICROSOFT.COM
13 MayCVE-2025-29979 Microsoft Excel Remote Code Execution VulnerabilityHeap-based buffer overflow in Microsoft Office Excel allows an unauthorized attacker to execute code locally.MSRC.MICROSOFT.COM
13 MayCVE-2025-30375 Microsoft Excel Remote Code Execution VulnerabilityAccess of resource using incompatible type ('type confusion') in Microsoft Office Excel allows an unauthorized attacker to execute code locally.MSRC.MICROSOFT.COM
13 MayCVE-2025-30376 Microsoft Excel Remote Code Execution VulnerabilityHeap-based buffer overflow in Microsoft Office Excel allows an unauthorized attacker to execute code locally.MSRC.MICROSOFT.COM
13 MayCVE-2025-30377 Microsoft Office Remote Code Execution VulnerabilityUse after free in Microsoft Office allows an unauthorized attacker to execute code locally.MSRC.MICROSOFT.COM
13 MayCVE-2025-30378 Microsoft SharePoint Server Remote Code Execution VulnerabilityDeserialization of untrusted data in Microsoft Office SharePoint allows an unauthorized attacker to execute code locally.MSRC.MICROSOFT.COM
13 MayCVE-2025-30379 Microsoft Excel Remote Code Execution VulnerabilityRelease of invalid pointer or reference in Microsoft Office Excel allows an unauthorized attacker to execute code locally.MSRC.MICROSOFT.COM
13 MayCVE-2025-30381 Microsoft Excel Remote Code Execution VulnerabilityOut-of-bounds read in Microsoft Office Excel allows an unauthorized attacker to execute code locally.MSRC.MICROSOFT.COM
13 MayCVE-2025-30382 Microsoft SharePoint Server Remote Code Execution VulnerabilityDeserialization of untrusted data in Microsoft Office SharePoint allows an unauthorized attacker to execute code locally.MSRC.MICROSOFT.COM
13 MayCVE-2025-30383 Microsoft Excel Remote Code Execution VulnerabilityAccess of resource using incompatible type ('type confusion') in Microsoft Office Excel allows an unauthorized attacker to execute code locally.MSRC.MICROSOFT.COM
13 MayCVE-2025-30384 Microsoft SharePoint Server Remote Code Execution VulnerabilityDeserialization of untrusted data in Microsoft Office SharePoint allows an unauthorized attacker to execute code locally.MSRC.MICROSOFT.COM
13 MayCVE-2025-30386 Microsoft Office Remote Code Execution VulnerabilityUse after free in Microsoft Office allows an unauthorized attacker to execute code locally.MSRC.MICROSOFT.COM
13 MayCVE-2025-30387 Document Intelligence Studio On-Prem Elevation of Privilege VulnerabilityImproper limitation of a pathname to a restricted directory ('path traversal') in Azure allows an unauthorized attacker to elevate privileges over a network.MSRC.MICROSOFT.COM
13 MayCVE-2025-27468 Windows Kernel-Mode Driver Elevation of Privilege VulnerabilityImproper privilege management in Windows Secure Kernel Mode allows an authorized attacker to elevate privileges locally.MSRC.MICROSOFT.COM
13 MayCVE-2025-30393 Microsoft Excel Remote Code Execution VulnerabilityUse after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally.MSRC.MICROSOFT.COM
13 MayCVE-2025-29826 Microsoft Dataverse Elevation of Privilege VulnerabilityImproper handling of insufficient permissions or privileges in Microsoft Dataverse allows an authorized attacker to elevate privileges over a network.MSRC.MICROSOFT.COM
13 MayCVE-2025-30394 Windows Remote Desktop Gateway (RD Gateway) Denial of Service VulnerabilitySensitive data storage in improperly locked memory in Remote Desktop Gateway Service allows an unauthorized attacker to deny service over a network.MSRC.MICROSOFT.COM
13 MayCVE-2025-30400 Microsoft DWM Core Library Elevation of Privilege VulnerabilityUse after free in Windows DWM allows an authorized attacker to elevate privileges locally.MSRC.MICROSOFT.COM
13 MayCVE-2025-32701 Windows Common Log File System Driver Elevation of Privilege VulnerabilityUse after free in Windows Common Log File System Driver allows an authorized attacker to elevate privileges locally.MSRC.MICROSOFT.COM
13 MayCVE-2025-32703 Visual Studio Information Disclosure VulnerabilityInsufficient granularity of access control in Visual Studio allows an authorized attacker to disclose information locally.MSRC.MICROSOFT.COM
13 MayCVE-2025-32706 Windows Common Log File System Driver Elevation of Privilege VulnerabilityImproper input validation in Windows Common Log File System Driver allows an authorized attacker to elevate privileges locally.MSRC.MICROSOFT.COM
13 MayCVE-2025-21264 Visual Studio Code Security Feature Bypass VulnerabilityFiles or directories accessible to external parties in Visual Studio Code allows an unauthorized attacker to bypass a security feature locally.MSRC.MICROSOFT.COM
13 MayCVE-2025-32709 Windows Ancillary Function Driver for WinSock Elevation of Privilege VulnerabilityUse after free in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally.MSRC.MICROSOFT.COM
13 MayCVE-2025-26677 Windows Remote Desktop Gateway (RD Gateway) Denial of Service VulnerabilityUncontrolled resource consumption in Remote Desktop Gateway Service allows an unauthorized attacker to deny service over a network.MSRC.MICROSOFT.COM
13 MayCVE-2025-27488 Microsoft Windows Hardware Lab Kit (HLK) Elevation of Privilege VulnerabilityUse of hard-coded credentials in Windows Hardware Lab Kit allows an authorized attacker to elevate privileges locally.MSRC.MICROSOFT.COM
13 MayCVE-2025-26685 Microsoft Defender for Identity Spoofing VulnerabilityImproper authentication in Microsoft Defender for Identity allows an unauthorized attacker to perform spoofing over an adjacent network.MSRC.MICROSOFT.COM
13 MayCVE-2025-29829 Windows Trusted Runtime Interface Driver Information Disclosure VulnerabilityUse of uninitialized resource in Windows Trusted Runtime Interface Driver allows an authorized attacker to disclose information locally.MSRC.MICROSOFT.COM
13 MayCVE-2025-29830 Windows Routing and Remote Access Service (RRAS) Information Disclosure VulnerabilityUse of uninitialized resource in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over a network.MSRC.MICROSOFT.COM
13 MayCVE-2025-29831 Windows Remote Desktop Services Remote Code Execution VulnerabilityUse after free in Remote Desktop Gateway Service allows an unauthorized attacker to execute code over a network.MSRC.MICROSOFT.COM
13 MayCVE-2025-29832 Windows Routing and Remote Access Service (RRAS) Information Disclosure VulnerabilityOut-of-bounds read in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over a network.MSRC.MICROSOFT.COM
13 MayCVE-2025-29833 Microsoft Virtual Machine Bus (VMBus) Remote Code Execution VulnerabilityTime-of-check time-of-use (toctou) race condition in Windows Virtual Machine Bus allows an authorized attacker to execute code over a network.MSRC.MICROSOFT.COM
13 MayCVE-2025-29835 Windows Remote Access Connection Manager Information Disclosure VulnerabilityOut-of-bounds read in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over a network.MSRC.MICROSOFT.COM
13 MayCVE-2025-29836 Windows Routing and Remote Access Service (RRAS) Information Disclosure VulnerabilityOut-of-bounds read in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over a network.MSRC.MICROSOFT.COM
13 MayCVE-2025-29837 Windows Installer Information Disclosure VulnerabilityImproper link resolution before file access ('link following') in Windows Installer allows an authorized attacker to disclose information locally.MSRC.MICROSOFT.COM
13 MayCVE-2025-29838 Windows ExecutionContext Driver Elevation of Privilege VulnerabilityNull pointer dereference in Windows Drivers allows an unauthorized attacker to elevate privileges locally.MSRC.MICROSOFT.COM
13 MayCVE-2025-29839 Windows Multiple UNC Provider Driver Information Disclosure VulnerabilityOut-of-bounds read in Windows File Server allows an unauthorized attacker to disclose information locally.MSRC.MICROSOFT.COM
13 MayCVE-2025-29840 Windows Media Remote Code Execution VulnerabilityStack-based buffer overflow in Windows Media allows an unauthorized attacker to execute code over a network.MSRC.MICROSOFT.COM
13 MayCVE-2025-29841 Universal Print Management Service Elevation of Privilege VulnerabilityConcurrent execution using shared resource with improper synchronization ('race condition') in Universal Print Management Service allows an authorized attacker to elevate privileges locally.MSRC.MICROSOFT.COM
13 MayCVE-2025-29842 UrlMon Security Feature Bypass VulnerabilityAcceptance of extraneous untrusted data with trusted data in UrlMon allows an unauthorized attacker to bypass a security feature over a network.MSRC.MICROSOFT.COM
13 MayCVE-2025-29954 Windows Lightweight Directory Access Protocol (LDAP) Denial of Service VulnerabilityUncontrolled resource consumption in Windows LDAP - Lightweight Directory Access Protocol allows an unauthorized attacker to deny service over a network.MSRC.MICROSOFT.COM
13 MayCVE-2025-29955 Windows Hyper-V Denial of Service VulnerabilityImproper input validation in Windows Hyper-V allows an unauthorized attacker to deny service locally.MSRC.MICROSOFT.COM
13 MayCVE-2025-29956 Windows SMB Information Disclosure VulnerabilityBuffer over-read in Windows SMB allows an authorized attacker to disclose information over a network.MSRC.MICROSOFT.COM
13 MayCVE-2025-29957 Windows Deployment Services Denial of Service VulnerabilityUncontrolled resource consumption in Windows Deployment Services allows an unauthorized attacker to deny service locally.MSRC.MICROSOFT.COM
13 MayCVE-2025-29958 Windows Routing and Remote Access Service (RRAS) Information Disclosure VulnerabilityUse of uninitialized resource in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over a network.MSRC.MICROSOFT.COM
13 MayCVE-2025-29961 Windows Routing and Remote Access Service (RRAS) Information Disclosure VulnerabilityOut-of-bounds read in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over a network.MSRC.MICROSOFT.COM
13 MayCVE-2025-29962 Windows Media Remote Code Execution VulnerabilityHeap-based buffer overflow in Windows Media allows an unauthorized attacker to execute code over a network.MSRC.MICROSOFT.COM
13 MayCVE-2025-29963 Windows Media Remote Code Execution VulnerabilityHeap-based buffer overflow in Windows Media allows an unauthorized attacker to execute code over a network.MSRC.MICROSOFT.COM
13 MayCVE-2025-29974 Windows Kernel Information Disclosure VulnerabilityInteger underflow (wrap or wraparound) in Windows Kernel allows an unauthorized attacker to disclose information over an adjacent network.MSRC.MICROSOFT.COM
13 MayCVE-2025-30385 Windows Common Log File System Driver Elevation of Privilege VulnerabilityUse after free in Windows Common Log File System Driver allows an authorized attacker to elevate privileges locally.MSRC.MICROSOFT.COM
13 MayCVE-2025-30388 Windows Graphics Component Remote Code Execution VulnerabilityHeap-based buffer overflow in Windows Win32K - GRFX allows an unauthorized attacker to execute code locally.MSRC.MICROSOFT.COM
13 MayCVE-2025-30397 Scripting Engine Memory Corruption VulnerabilityAccess of resource using incompatible type ('type confusion') in Microsoft Scripting Engine allows an unauthorized attacker to execute code over a network.MSRC.MICROSOFT.COM
13 MayCVE-2025-32702 Visual Studio Remote Code Execution VulnerabilityImproper neutralization of special elements used in a command ('command injection') in Visual Studio allows an unauthorized attacker to execute code locally.MSRC.MICROSOFT.COM
13 MayCVE-2025-32704 Microsoft Excel Remote Code Execution VulnerabilityBuffer over-read in Microsoft Office Excel allows an unauthorized attacker to execute code locally.MSRC.MICROSOFT.COM
13 MayCVE-2025-32705 Microsoft Outlook Remote Code Execution VulnerabilityOut-of-bounds read in Microsoft Office Outlook allows an unauthorized attacker to execute code locally.MSRC.MICROSOFT.COM
13 MayCVE-2025-32707 NTFS Elevation of Privilege VulnerabilityOut-of-bounds read in Windows NTFS allows an unauthorized attacker to elevate privileges locally.MSRC.MICROSOFT.COM
13 MayCVE-2025-24063 Kernel Streaming Service Driver Elevation of Privilege VulnerabilityHeap-based buffer overflow in Windows Kernel allows an authorized attacker to elevate privileges locally.MSRC.MICROSOFT.COM
13 MayCVE-2017-0045 Windows DVD Maker XML External Entity Information Disclosure VulnerabilityCorrected CVE title. This is an informational change only.MSRC.MICROSOFT.COM
13 MayResearchers bypass Intel’s Spectre fixes — six years of CPUs at riskSix years after Intel made architectural changes to its CPUs to mitigate speculative execution vulnerabilities, researchers have developed a new technique that can bypass some of those mitigations. Called Branch Privilege Injection (BPI), the new attack method was developed by re…CSOONLINE.COM
⚠️ VULNERABILITY DISCLOSURE 50
13 May How Access Controls Protect Against Ransomware. To protect against ransomware attacks, companies should secure their logins. Fit Ztudio – shutterstock.com Ransomware remains one of the biggest threats to companies, despite growing investment in IT security. The cause: the … CSOONLINE.COM
13 May Top Tips for Making Successful Use of Threat Data. With STIX and TAXII, threat data is not just transmitted but made strategically usable. Gorodenkoff – shutterstock.com Companies that want to stem the flood of security breaches and attacks typically acquire a threat intelligence pla… CSOONLINE.COM
13 May KEVDeepfake attacks are inevitable. CISOs can’t prepare soon enough.An employee in the finance department at a retail company recently got a call from his CFO directing him to wire $700,000 to a business the company was in the process of acquiring. The executive noted that the transaction was extremely time sensitive. It seemed a bit out of the o…CSOONLINE.COM
13 MayTürkiye Hackers Exploited Output Messenger Zero-Day to Drop Golang Backdoors on Kurdish ServersA Türkiye-affiliated threat actor exploited a zero-day security flaw in an Indian enterprise communication platform called Output Messenger as part of a cyber espionage attack campaign since April 2024. "These exploits have resulted in a collection of related user data from targe…THEHACKERNEWS.COM
13 MayMerck’s CISO Volker Buß on securing global operationsVolker Buß joined the German multinational science and technology company Merck Group in 2021. Merck is present in more than 60 countries and employs more than 60,000 people worldwide. Buß talks about his experience and how to handle a cyber attack. The Merck Group employs around…CSOONLINE.COM
13 MayMoldovan Police Arrest Suspect in €4.5M Ransomware Attack on Dutch Research AgencyMoldovan law enforcement authorities have arrested a 45-year-old foreign man suspected of involvement in a series of ransomware attacks targeting Dutch companies in 2021. "He is wanted internationally for committing several cybercrimes (ransomware attacks, blackmail, and money la…THEHACKERNEWS.COM
13 May CIO of the Year 2025 – take part now and apply by the end of May. This is what winners look like. Last year's winners celebrate their CIO of the Year awards. Take part and apply, and you may be standing on the big gala stage in October 2025 and … CSOONLINE.COM
13 MaySecure Code Reviews, LLM Coding Assistants, and Trusting Code - Rey Bango, Karim Toubb... - ASW #330Developers are relying on LLMs as coding assistants, so where are the LLM assistants for appsec? The principles behind secure code reviews don't really change based on who write the code, whether human or AI. But more code means more reasons for appsec to scale its practices and …YOUTUBE.COM
13 MayOutput Messenger Zero-Day Exploited by Turkish Hackers for Iraq SpyingA Turkey-affiliated espionage group has exploited a zero-day vulnerability in Output Messenger since April 2024. The post Output Messenger Zero-Day Exploited by Turkish Hackers for Iraq Spying appeared first on SecurityWeek .SECURITYWEEK.COM
13 MayCourt Rules Against NSO GroupThe case is over : A jury has awarded WhatsApp $167 million in punitive damages in a case the company brought against Israel-based NSO Group for exploiting a software vulnerability that hijacked the phones of thousands of users. I’m sure it’ll be appealed. Everything …SCHNEIER.COM
13 May KEVCISA’s alert pivot reflects a new era of decentralized cyber threat communicationIn a move that may redefine how the US government communicates cyber threats to the public and enterprises, the Cybersecurity and Infrastructure Security Agency (CISA) has announced a significant shift in its alert dissemination strategy. Going forward, only high-priority alerts—…CSOONLINE.COM
13 MayHackers Abuse PyInstaller to Deploy Stealthy macOS InfostealerJamf Threat Labs has identified a novel macOS infostealer that exploits PyInstaller, a legitimate open-source tool used to bundle Python scripts into standalone Mach-O executables. This marks the first documented instance of PyInstaller being weaponized to deploy infostealers on …GBHACKERS.COM
13 MayEuropean Vulnerability Database Launches Amid US CVE Chaossubmitted by kid to cybersecurity 4 points | 0 comments https://www.infosecurity-magazine.com/news/european-vulnerability-database-us/SH.ITJUST.WORKS
13 MayRadware Says Recently Disclosed WAF Bypasses Were Patched in 2023The Radware Cloud WAF product vulnerabilities disclosed by CERT/CC were addressed two years ago. The post Radware Says Recently Disclosed WAF Bypasses Were Patched in 2023 appeared first on SecurityWeek .SECURITYWEEK.COM
13 MaySAP Patches Another Critical NetWeaver VulnerabilitySAP has released 16 new security notes on its May 2025 Security Patch Day, including a note dealing with another critical NetWeaver vulnerability. The post SAP Patches Another Critical NetWeaver Vulnerability appeared first on SecurityWeek .SECURITYWEEK.COM
13 MayZoom Workplace Apps Flaws Allow Hackers to Gain Elevated AccessZoom has released multiple security bulletins addressing seven newly discovered vulnerabilities in Zoom Workplace Apps, with one rated as high severity. All vulnerabilities were disclosed on May 13, 2025, and could potentially allow attackers to escalate privileges through variou…GBHACKERS.COM
13 MayFour Hackers Caught Exploiting Old Routers as Proxy ServersU.S. authorities unsealed charges against four foreign nationals accused of operating a global cybercrime scheme that hijacked outdated wireless routers to create malicious proxy networks. Russian nationals Alexey Viktorovich Chertkov (37), Kirill Vladimirovich Morozov (41), Alek…GBHACKERS.COM
13 MayHow phishing emails are sent from no-reply@accounts.google.com | Kaspersky official blogScammers are exploiting Google services to send phishing emails that appear to originate from accounts.google.com, disguising the messages as subpoenas.KASPERSKY.COM
13 MayM&S says customer data stolen in cyberattack, forces password resetsMarks and Spencer (M&S) confirms that customer data was stolen in a cyberattack last month, when ransomware was used to encrypt servers. [...]BLEEPINGCOMPUTER.COM
13 MayOutput Messenger Zero-Day Exploited by Turkish Hackers for Iraq Spyingsubmitted by kid to cybersecurity 1 points | 0 comments https://www.securityweek.com/output-messenger-zero-day-exploited-by-turkish-hackers-for-iraq-spying/SH.ITJUST.WORKS
13 MayF5 BIG-IP Vulnerability Allows Remote Command Executionsubmitted by kid to cybersecurity 1 points | 0 comments https://gbhackers.com/f5-big-ip-vulnerability-allows-rce/SH.ITJUST.WORKS
13 MayMalicious PyPI Package Posing as Solana Tool Stole Source Code in 761 DownloadsCybersecurity researchers have discovered a malicious package on the Python Package Index (PyPI) repository that purports to be an application related to the Solana blockchain, but contains malicious functionality to steal source code and developer secrets. The package, named sol…THEHACKERNEWS.COM
13 MayIvanti warns of critical Neurons for ITSM auth bypass flaw​Ivanti has released security updates for its Neurons for ITSM IT service management solution that mitigate a critical authentication bypass vulnerability. [...]BLEEPINGCOMPUTER.COM
13 MayBritain’s intelligence services see “direct connection between Russian cyber attacks and physical threats to our security"submitted by Hotznplotzn to cybersecurity 2 points | 0 comments https://therecord.media/uk-spies-see-connection-russia cross-posted from: lemmy.sdf.org/post/34478394 Archived Britain’s intelligence services are seeing a “direct connection between Russian cyber attacks and physica…INFOSEC.PUB
13 MayBritain’s intelligence services see “direct connection between Russian cyber attacks and physical threats to our security"submitted by Hotznplotzn to cybersecurity 2 points | 0 comments https://therecord.media/uk-spies-see-connection-russia cross-posted from: lemmy.sdf.org/post/34478394 Archived Britain’s intelligence services are seeing a “direct connection between Russian cyber attacks and physica…SH.ITJUST.WORKS
13 MayHackers Weaponize KeePass Password Manager to Spread Malware and Steal PasswordsThreat actors have successfully exploited the widely-used open-source password manager, KeePass, to spread malware and facilitate large-scale password theft. The attack, which was reported by WithSecure’s Incident Response team, involved modifying and re-signing KeePass installer…GBHACKERS.COM
13 MayRansomware Attacks Surge by 123% Amid Evolving Tactics and StrategiesThe 2025 Third-Party Breach Report from Black Kite highlights a staggering 123% surge in ransomware attacks during 2024, driven largely by sophisticated exploitation of third-party vendor ecosystems. As cybercriminals refine their tactics, third-party vendors have emerged as the …GBHACKERS.COM
13 MayFortinet fixes critical zero-day exploited in FortiVoice attacksFortinet released security updates to patch a critical remote code execution vulnerability exploited as a zero-day in attacks targeting FortiVoice enterprise phone systems. [...]BLEEPINGCOMPUTER.COM
13 May KEVFortinet FortiVoice Zero-day Vulnerability Actively Exploited in The WildA critical stack-based buffer overflow vulnerability (CWE-121) has been discovered in multiple Fortinet products, including FortiVoice, FortiMail, FortiNDR, FortiRecorder, and FortiCamera. A critical zero-day vulnerability in FortiVoice systems is being actively exploited in the …GBHACKERS.COM
13 MayHe Used a Fortinet Box… And Got More Than He Bargained For!He thought using a Fortinet box meant his network was safe… until reality hit. 😱 Many companies focus on securing their internal code but overlook the hidden risks in enterprise software and hardware. The truth? Hackers often exploit vulnerabilities in the very tools meant to pro…YOUTUBE.COM
13 MayIvanti Released Security Updates to Fix for the Mutiple RCE Vulnerabilities – Patch NowIvanti, a leading enterprise software provider, has released critical security updates addressing vulnerabilities across several products, including Endpoint Manager Mobile (EPMM), Neurons for ITSM (on-premises), Cloud Services Application (CSA), and Neurons for MDM (N-MDM). Thes…GBHACKERS.COM
13 May KEVMicrosoft May 2025 Patch Tuesday fixes 5 exploited zero-days, 72 flawsToday is Microsoft's May 2025 Patch Tuesday, which includes security updates for 72 flaws, including five actively exploited and two publicly disclosed zero-day vulnerabilities. [...]BLEEPINGCOMPUTER.COM
13 MayZero-Day Attacks Highlight Another Busy Microsoft Patch TuesdayPatch Tuesday: Microsoft patches at least 70 security bugs and flagged five zero-days in the “exploitation detected” category. The post Zero-Day Attacks Highlight Another Busy Microsoft Patch Tuesday appeared first on SecurityWeek .SECURITYWEEK.COM
13 MayIvanti fixes EPMM zero-days chained in code execution attacksIvanti warned customers today to patch their Ivanti Endpoint Manager Mobile (EPMM) software against two security vulnerabilities chained in attacks to gain remote code execution. [...]BLEEPINGCOMPUTER.COM
13 MayMicrosoft May 2025 Patch Tuesday fixes 5 exploited zero-days, 72 flaws https://www.bleepingcomputer.com/news/microsoft/microsoft-may-2025-patch-tuesday-fixes-5-exploited-zero-days-72-flaws/ SH.ITJUST.WORKS
13 May KEVMicrosoft Patch Tuesday May 2025 Released With the Fixes for 72 Flaws With 5 Actively Exploited 0-DayMicrosoft has released its May 2025 Patch Tuesday updates, addressing 72 security vulnerabilities across its software portfolio, including Windows, Microsoft Office, Azure, and Visual Studio. Microsoft patched a total of 72 vulnerabilities, including 29 related to Remote Code Exe…GBHACKERS.COM
13 MayMicrosoft to Lay Off About 3% of Its WorkforceThe tech giant didn’t disclose the total amount of lost jobs but it will amount to about 6,000 people.SECURITYWEEK.COM
13 MayAI Picked a Side… And Shocked Everyone 👀Tensions were high, minds were racing, and then one question brought the entire cybersecurity panel to a standstill. Even the AI had to pick a side. In this unexpected moment, what was said forced experts like Jeff Man, Mandy Logan, and Paul to reevaluate everything they thought …YOUTUBE.COM
13 MayAdobe Patches Big Batch of Critical-Severity Software FlawsAdobe Patch Tuesday headlined by a major Adobe ColdFusion update patching a wide swath of code execution and privilege escalation attacks.SECURITYWEEK.COM
13 MayMicrosoft Patch Tuesday: May 2025, (Tue, May 13th)Today, Microsoft released its expected update for the May patch on Tuesday. This update fixes 78 vulnerabilities. 11 are rated as critical, and 66 as important. Five of the vulnerabilities have already been exploited and two were publicly known but not yet exploited. 70 of the vu…ISC.SANS.EDU
13 MayThe Clock Is Ticking: Why Phishing Remains The Fastest-Moving Cyber Threat in 2025Cybersecurity professionals face an increasingly aggressive phishing threat landscape, and the 2025 KnowBe4 Phishing By Industry Benchmarking Report makes one thing crystal clear: transforming your largest attack surface - your workforce - into your biggest security asset is crit…KNOWBE4.COM
13 MaySAP patches second zero-day flaw exploited in recent attacksSAP has released patches to address a second vulnerability exploited in recent attacks targeting SAP NetWeaver servers as a zero-day. [...]BLEEPINGCOMPUTER.COM
13 MayCritical Patches Issued for Microsoft Products, May 13, 2025Multiple vulnerabilities have been discovered in Microsoft products, the most severe of which could allow for remote code execution in the context of the logged on user. Depending on the privileges associated with the user, an attacker could then install programs; view, change, o…CISECURITY.ORG
13 MayNews Alert: INE Security outlines top 5 training priorities emerging from RSAC 2025Cary, NC, May 13, 2025, CyberNewswire – Fresh from a high-impact presence at RSAC 2025, where INE Security welcomed thousands of visitors to its interactive booth at San Francisco’s Moscone Center, the global cybersecurity training and certification provider is addressing so…LASTWATCHDOG.COM
13 MayIs That Guy in the Lobby… Hacking Your System?A CVSS 10 vulnerability in Cisco's IOS XE for wireless controllers could let an attacker gain full root access—without even entering your building. Doug White breaks it down with a real-world twist: imagine the guy loitering in your lobby, Alienware laptop on his knees, already i…YOUTUBE.COM
13 May4 critical leadership priorities for CISOs in the AI eraEveryone knows CISOs aren’t really working that hard in those cushy offices. Heck, they’re only thwarting compliance nightmares, blocking costly cyberattacks, protecting employees from predatory phishing emails , and now dodging the feds. You know, just the little things needed t…CSOONLINE.COM
13 May12 AI terms you (and your flirty chatbot) should know by nowWith the meteoric rise of generative AI (genAI) in the past few years, from data-scientist discussion groups to mainstream news coverage, one thing has become crystal clear: It’s ChatGPT’s world — we’re just here to supply the prompts. The pace at which genAI tools have evolved i…CSOONLINE.COM
13 May KEVWhat’s New in Android Security and Privacy in 2025Posted by Dave Kleidermacher, VP Engineering, Android Security and Privacy Android’s intelligent protections keep you safe from everyday dangers. Our dedication to your security is validated by security experts, who consistently rank top Android devices highest in security, and s…SECURITY.GOOGLEBLOG.COM
13 MayAdvanced Protection: Google’s Strongest Security for Mobile DevicesPosted by Il-Sung Lee, Group Product Manager, Android Security Protecting users who need heightened security has been a long-standing commitment at Google, which is why we have our Advanced Protection Program that provides Google’s strongest protections against targeted attacks. …SECURITY.GOOGLEBLOG.COM
13 MayMultiple Vulnerabilities in Fortinet Products Could Allow for Arbitrary Code ExecutionMultiple vulnerabilities have been discovered in Fortinet Products, the most severe of which could allow for arbitrary code execution. The products affected by vulnerabilities in this round of monthly Fortinet patches are: FortiADC is an application delivery controller (ADC) from …CISECURITY.ORG
📋 SECURITY BULLETINS 2
13 MayApple Releases Security Patches to Fix Critical Data Exposure FlawsApple released critical security updates for macOS Sequoia 15.5 on May 12, 2025, addressing over 40 vulnerabilities across system components ranging from kernel-level memory corruption risks to app sandbox escapes. The patches target flaws that could allow attackers to access sen…GBHACKERS.COM
13 MayMicrosoft will update Office apps on Windows 10 until 2028Microsoft has backtracked on its plan to end support for Office apps on Windows 10 later this year and announced that it will continue providing security updates for three more years, until 2028. [...]BLEEPINGCOMPUTER.COM
📢 SECURITY ADVISORIES 6
13 MayCISA mutes own website, shifts routine cyber alerts to Musk’s X, RSS, email • The Register https://www.theregister.com/2025/05/12/cisa_vulnerabilities_updates_x/ INFOSEC.PUB
13 MayIAM 2025: These 10 Trends Will Determine Your Security StrategyThe core message of the EIC Conference 2025: IAM is a holistic architectural approach and not a toolset. Identity & Access Management (IAM) is no longer a question of tool selection but of architecture. This core message shaped the European Ide…CSOONLINE.COM
13 MayFive Years Later: Evolving IoT Cybersecurity GuidelinesThe Background…and NIST’s Plan for Improving IoT Cybersecurity The passage of the Internet of Things (IoT) Cybersecurity Improvement Act in 2020 marked a pivotal step in enhancing the cybersecurity of IoT products. Recognizing the increasing internet connectivity of physical devi…NIST.GOV
🔥 INCIDENT REPORTING 14
13 MaySuspected DoppelPaymer Ransomware Group Member ArrestedA 45-year-old individual was arrested in Moldova for his suspected involvement in DoppelPaymer ransomware attacks.SECURITYWEEK.COM
13 MayINE Security Alert: Top 5 Takeaways from RSAC 2025Comprehensive Training Platform Delivers Solutions for AI Security, Cloud Management, and Incident Response Readiness. Fresh from a high-impact presence at RSAC 2025, where INE Security welcomed thousands of visitors to its interactive booth at San Francisco’s Moscone Center, the…GBHACKERS.COM
13 MayMarks & Spencer Says Data Stolen in Ransomware AttackMarks & Spencer has confirmed that personal information was stolen in a recent cyberattack claimed by a ransomware group.SECURITYWEEK.COM
13 MayMarks & Spencer confirms customers’ personal data was stolen in hackA ransomware gang reportedly took credit for the data breach.TECHCRUNCH.COM
13 MayCybercriminals Hide Undetectable Ransomware Inside JPG Images https://gbhackers.com/undetectable-ransomware-inside-jpg-images/ SH.ITJUST.WORKS
13 MayYou think ransomware is bad? Wait until it infects CPUs https://www.theregister.com/2025/05/11/cpu_ransomware_rapid7/ SH.ITJUST.WORKS
13 MayA Subtle Form of Siege: DDoS Smokescreens as a Cover for Quiet Data Breaches https://www.tripwire.com/state-of-security/subtle-form-siege-ddos-smokescreens-cover-quiet-data-breaches SH.ITJUST.WORKS
13 MayAirline carrying out deportation flights confirms cyberattack to SEC https://therecord.media/airline-carrying-out-deportation-flights-confirms-cyberattack-sec SH.ITJUST.WORKS
13 MayMarks & Spencer Confirms Customer Data Breach in Recent Cyber AttackBritish retail giant Marks & Spencer has officially confirmed that customer personal data was compromised during a cyber attack that began three weeks ago. The retailer revealed that the breach affects potentially millions of customers whose information has been stolen, thoug…GBHACKERS.COM
13 MayTwo years’ jail for down-on-his-luck man who sold ransomware onlineA man has been jailed in Ireland for two years after pleading guilty to offences related to his illegal online business that sold ransomware and other malware, as well as stolen credit card details, and false bank accounts. Read more in my article on the Hot for Security blog.BITDEFENDER.COM
13 MayGovernment email alert system GovDelivery used to send scam messagesThe state of Indiana attributed the scam emails to a compromised contractor's account.TECHCRUNCH.COM
13 MayTwilio denies breach following leak of alleged Steam 2FA codesTwilio has denied in a statement for BleepingComputer that it was breached after a threat actor claimed to be holding over 89 million Steam user records with one-time access codes. [...]BLEEPINGCOMPUTER.COM
13 MayLooks Like a Resume. It’s Actually a Backdoor…When a file looks like a legit resume but secretly hides a JavaScript payload called “More_eggs,” it’s not a job opportunity—it’s an attack. In this short, cybersecurity expert Doug White explains how attackers like VenomSpider target professionals with fake job applications that…YOUTUBE.COM
13 MayThe Cyber Ransom Debate: Pay Up or Shut Down?When ransomware strikes, cybersecurity professionals face a brutal decision—protect business continuity by paying off attackers, or take a stand and risk prolonged chaos. In this short, Aaran breaks down the real-world tension behind ransomware attacks and delivers a bold profess…YOUTUBE.COM
🕵️ THREAT INTELLIGENCE 32
13 MayISC Stormcast For Tuesday, May 13th, 2025 https://isc.sans.edu/podcastdetail/9448, (Tue, May 13th) ISC.SANS.EDU
13 MayEarth Ammit Disrupts Drone Supply Chains Through Coordinated Multi-Wave Attacks in TaiwanTrend™ Research discusses the evolving tradecraft of threat actor Earth Ammit, proven by the advanced toolset used in its TIDRONE and VENOM campaigns that targeted the drone supply chain.TRENDMICRO.COM
13 MayAuthor’s Q&A: It’s high time for CISOs to start leading strategically — or risk being scapegoatedThe cybersecurity landscape has never moved faster — and the people tasked with defending it have never felt more exposed. Today’s Chief Information Security Officers (CISOs) operate in a pressure cooker: responsible …LASTWATCHDOG.COM
13 MayCobalt Strike 4.11.1 Released With SSL Checkbox FixCobalt Strike has announced the release of version 4.11.1, an out-of-band update addressing several critical issues discovered in the previous 4.11 release. The update primarily fixes a module stomping issue that could cause system crashes in specific circumstances, resolves prob…GBHACKERS.COM
13 MayResearchers Uncover Remote IT Job Fraud Scheme Involving North Korean NationalsThe United States indicted fourteen North Korean nationals for orchestrating a sophisticated scheme to secure remote IT jobs at American companies and nonprofits using stolen identities. This operation, which has funneled at least $88 million USD to the North Korean government (D…GBHACKERS.COM
13 MayOrca Snaps Up Opus in Cloud Security Automation PushOrca positioned the deal as an expansion of its capabilities into the realm of AI-based autonomous remediation and prevention.SECURITYWEEK.COM
13 MayRepeated Firmware Key-Management Failures Undermine Intel Boot Guard and UEFI Secure BootThe security of fundamental technologies like Intel Boot Guard and UEFI Secure Boot has been seriously questioned due to persistent cryptographic key management issues within the UEFI firmware ecosystem, which have come to light in a number of concerning disclosures. These mechanisms,…GBHACKERS.COM
13 MayPupkinStealer Targets Windows Users to Steal Browser Login CredentialsA newly identified information-stealing malware dubbed PupkinStealer has emerged as a significant threat to Windows users, with its first sightings reported in April 2025. Written in C# using the .NET framework, this malicious software is engineered to pilfer sensitive data, incl…GBHACKERS.COM
13 MayNorth Korean Konni APT Targets Ukraine with Malware to track Russian Invasion ProgressThe North Korea-linked threat actor known as Konni APT has been attributed to a phishing campaign targeting government entities in Ukraine, indicating the threat actor's targeting beyond Russia. Enterprise security firm Proofpoint said the end goal of the campaign is to collect i…THEHACKERNEWS.COM
13 MayPhishing Scams on the Rise with Sophisticated PhaaS Toolkits and Realistic Fake Pages https://gbhackers.com/phishing-scams-on-the-rise-with-sophisticated-phaas/ SH.ITJUST.WORKS
13 MayHackers Weaponizing PDF Invoices to Attack Windows, Linux & macOS Systems https://cybersecuritynews.com/hackers-weaponizing-pdf-invoices/ SH.ITJUST.WORKS
13 MayPhishing Campaign Uses Blob URLs to Bypass Email Security and Avoid Detection https://gbhackers.com/phishing-campaign-uses-blob-urls/ SH.ITJUST.WORKS
13 May4 Hackers Arrested After Millions Made in Global Botnet Business https://www.darkreading.com/endpoint-security/4-hackers-arrested-global-botnet-business SH.ITJUST.WORKS
13 MayApple Patches Major Security Flaws in iOS, macOS Platforms https://www.securityweek.com/apple-patches-major-security-flaws-in-ios-macos-platforms/ SH.ITJUST.WORKS
13 MayFake image-to-video AI sites deliver novel ‘Noodlophile’ infostealer https://www.scworld.com/brief/fake-image-to-video-ai-sites-deliver-novel-noodlophile-infostealer SH.ITJUST.WORKS
13 MaySpain investigates cyber weaknesses at small power plants after blackout, FT reports https://www.reuters.com/business/energy/spain-investigates-cyber-weaknesses-small-power-plants-after-blackout-ft-reports-2025-05-13/ SH.ITJUST.WORKS
13 MayScattered Spider Launches Supply Chain Attacks on UK Retail OrganizationsScattered Spider, also known as Roasting 0ktapus and Scatter Swine, has emerged as a formidable threat actor targeting UK retail organizations. Active since May 2022, this financially motivated group has historically focused on telecommunications and business process outsourcing …GBHACKERS.COM
13 MayAdvancing Cybersecurity in AustraliaPalo Alto Networks Prisma Access Browser Achieves IRAP Assessment Government organisations and critical infrastructure entities are the custodians of some of the most important and sensitive data in the world. This data …PALOALTONETWORKS.COM
13 MaySharing Intelligence Beyond CTI Teams, Across Wider Functions and DepartmentsCTI, digital brand protection and other cyber risk initiatives shouldn’t only be utilized by security and cyber teams.SECURITYWEEK.COM
13 MayNorth Korean Konni APT Targets Ukraine with Malware to track Russian Invasion Progress https://thehackernews.com/2025/05/north-korean-konni-apt-targets-ukraine.html SH.ITJUST.WORKS
13 MayScattered Spider Launches Supply Chain Attacks on UK Retail Organizations https://gbhackers.com/scattered-spider-launches-supply-chain-attacks/ SH.ITJUST.WORKS
13 MayOne Paste = One Stolen Wallet (Cybersecurity Alert)Cybersecurity expert Doug White reveals a chilling new tactic hackers use—without breaking into your device. This short explains how a simple clipboard monitoring malware called a “clipper” can silently replace your copied crypto wallet address with the attacker’s, stealing your …YOUTUBE.COM
13 MaySwan Vector APT Targets Organizations with Malicious LNK and DLL ImplantsA newly identified advanced persistent threat (APT) campaign, dubbed “Swan Vector” by Seqrite Labs, has been targeting educational institutions and mechanical engineering industries in East Asian nations, particularly Taiwan and Japan. Discovered in April 2025, this c…GBHACKERS.COM
13 MayResearchers Introduce Mythic Framework Agent to Enhance Pentesting Tool PerformancePenetration testing is still essential for upholding strong security procedures in a time when cybersecurity threats are changing quickly. Recently, a team of security professionals has announced significant advancements in penetration testing tools with the introduction of a new…GBHACKERS.COM
13 MayUK Considers New Enterprise IoT Security Law https://www.infosecurity-magazine.com/news/government-enterprise-iot-security/ SH.ITJUST.WORKS
13 MayNew Intel CPU flaws leak sensitive data from privileged memory https://www.bleepingcomputer.com/news/security/new-intel-cpu-flaws-leak-sensitive-data-from-privileged-memory/ SH.ITJUST.WORKS
13 MayGovernment email alert system GovDelivery used to send scam messages https://techcrunch.com/2025/05/13/government-email-alert-system-govdelivery-used-to-send-scam-messages/ SH.ITJUST.WORKS
13 MayHow to Protect Your Business from Scattered Spider's Latest Attack MethodsMandiant warns that the Scattered Spider cybercriminal group is using “brazen” social engineering attacks to target large enterprise organizations in a wide range of sectors.KNOWBE4.COM
13 MayNorth Korea ramps up cyberspying in Ukraine to assess war riskThe state-backed North Korean threat group Konni (Opal Sleet, TA406) was observed targeting Ukrainian government entities in intelligence collection operations. [...]BLEEPINGCOMPUTER.COM
13 MayDeepfake, South Korea, Moonlander, ChineseAI, FBI, AI damages professional reputation - SWN #476Deepfake porn, South Korea, Operation Moonlander, Chinese AI, FBI, AI use damages professional reputation, Joshua Marpet and More Visit https://www.securityweekly.com/swn for all the latest episodes! Show Notes: https://securityweekly.com/swn-476 YOUTUBE.COM
13 MayIntel data-leaking Spectre defenses scared off once again https://www.theregister.com/2025/05/13/intel_spectre_race_condition/ INFOSEC.PUB
🌐 CYBER THREAT LANDSCAPE 2
13 MayDeepfake Defense in the Age of AIThe cybersecurity landscape has been dramatically reshaped by the advent of generative AI. Attackers now leverage large language models (LLMs) to impersonate trusted individuals and automate these social engineering tactics at scale. Let’s review the status of these rising …THEHACKERNEWS.COM
13 MayAndroid 16 expands 'Advanced Protection' with device-level securityGoogle is announcing improvements for the Advanced Protection feature in Android 16 that strengthen defenses against sophisticated spyware attacks. [...]BLEEPINGCOMPUTER.COM
🎙️ PODCASTS 1
13 MayThe AI Fix #50: AI brings dead man back for killer’s trial, and the judge loves itIn episode 50 of The AI Fix, AI brings a slain man back from the dead so he can appear at his killer's trial, Mark gets a mysterious phone call, Trump uses AI to become Pope Donald the First, Zuck ponders the nature of friendship, Apple says the quiet part out loud, xAI springs a…GRAHAMCLULEY.COM
📡 INFOSEC NEWS 13
13 MayIntroducing the Sophos MSP Elevate programAccelerating MSP business growth and elevating customers' defenses with differentiated cybersecurity products and services.SOPHOS.COM
13 MayIncrease Red Team Operations 10X with Adversarial Exposure ValidationRed teams uncover what others miss — but they can't be everywhere, all the time. Adversarial Exposure Validation combines BAS + Automated Pentesting to extend red team impact, uncover real attack paths, and validate defenses continuously. Learn more from Picus Security on how AEV…BLEEPINGCOMPUTER.COM
13 MayCybersecurity Isn’t Insurance — It’s Survival!When Jason stepped into his cybersecurity leadership role, he didn’t wait around for approval — he went straight to the CEO and CFO. Most executives still treat cybersecurity like it’s just IT insurance, but Jason knew better. He broke that mindset and positioned security as a st…YOUTUBE.COM
13 MayNew Intel CPU flaws leak sensitive data from privileged memoryA new "Branch Privilege Injection" flaw in all modern Intel CPUs allows attackers to leak sensitive data from memory regions allocated to privileged software like the operating system kernel. [...]BLEEPINGCOMPUTER.COM
13 MayHow CISOs Quietly Influence Billions in Revenue!Most people think CISOs are just security experts, but the truth is—they're secretly driving billions in revenue! 💰 Yet, many don't even realize the impact they have on a company’s bottom line. When CISOs shift from being seen as a cost center to a profit driver, they unlock a wh…YOUTUBE.COM
13 MayGoogle announces new security features for Android for protection against scam and theftAt the Android Show on Tuesday, ahead of Google I/O, Google announced new security and privacy features for Android. These new features include new protections for calls, screen sharing, messages, device access, and system-level permissions. With these features, Google aims to pr…TECHCRUNCH.COM
13 MayWindows 10 KB5058379 update fixes SgrmBroker errors in Event ViewerMicrosoft has released the KB5058379 cumulative update for Windows 10 22H2 and Windows 10 21H2, with four fixes and changes, including one for an SGRMBroker bug. [...]BLEEPINGCOMPUTER.COM
13 MayWindows 11 KB5058411 and KB5058405 cumulative updates releasedMicrosoft has released Windows 11 KB5058411 and KB5058405 cumulative updates for versions 24H2 and 23H2 to fix security vulnerabilities and issues. [...]BLEEPINGCOMPUTER.COM
13 MayCybersecurity Is Teamwork... and Tech HeadachesMost people think cybersecurity is all hacking and coding—but here’s the reality: endless meetings, constant communication, and navigating AI-powered workflows. In this short clip, real professionals open up about what a day in cybersecurity really looks like. It's not just solo …YOUTUBE.COM
13 MayGoogle introduces Advanced Protection mode for its most at-risk Android usersA single flip of a settings button enables a host of defenses against hacking.ARSTECHNICA.COM
13 MayNineteen Sophos Women Recognized by CRN’s Women of the ChannelCRN honors Sophos women whose channel expertise and vision are deserving of recognition.SOPHOS.COM
13 MayTrend Micro Puts a Spotlight on AI at Pwn2Own BerlinGet a sneak peek into how Trend Micro's Pwn2Own Berlin 2025 is breaking new ground, focusing on AI infrastructure and finding the bugs to proactively safeguard the future of computing.TRENDMICRO.COM
13 MayxAI’s promised safety report is MIAElon Musk’s AI company, xAI, has missed a self-imposed deadline to publish a finalized AI safety framework, as noted by watchdog group The Midas Project. xAI isn’t exactly known for its strong commitments to AI safety as it’s commonly understood. A recent report…TECHCRUNCH.COM