🚨 CISA KEV 2
14 May KEVCISA adds the notorious TeleMessage flaw to KEV listCISA has added a medium-severity vulnerability discovered in TeleMessage TM SGNL, the messaging application that was used by the former national security advisor Mike Waltz, to its Known Exploited Vulnerabilities (KEV) Catalog. The modified version of the more famous Signal app, …CSOONLINE.COM
14 May KEVCISA Adds One Known Exploited Vulnerability to CatalogCISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog , based on evidence of active exploitation. CVE-2025-32756 Fortinet Multiple Products Stack-Based Buffer Overflow Vulnerability These types of vulnerabilities are frequent attack vectors for malic…CISA.GOV
🐛 COMMON VULNERABILITIES AND EXPOSURES 22
14 May KEVPatch Tuesday for May: Five zero day vulnerabilities CISOs should focus onCISOs need to pay attention to patching five zero day Windows vulnerabilities and two other holes with available proof-of-concept exploits among the 70 fixes issued today by Microsoft in its May Patch Tuesday releases. Mike Walters, president of Action1, told CSO that leaders sho…CSOONLINE.COM
14 MayFortinet Patches CVE-2025-32756 Zero-Day RCE Flaw Exploited in FortiVoice SystemsFortinet has patched a critical security flaw that it said has been exploited as a zero-day in attacks targeting FortiVoice enterprise phone systems. The vulnerability, tracked as CVE-2025-32756, carries a CVSS score of 9.6 out of 10.0. "A stack-based overflow vulnerability [CWE-…THEHACKERNEWS.COM
14 MayIvanti Patches EPMM Vulnerabilities Exploited for Remote Code Execution in Limited AttacksIvanti has released security updates to address two security flaws in Endpoint Manager Mobile (EPMM) software that have been chained in attacks to gain remote code execution. The vulnerabilities in question are listed below - CVE-2025-4427 (CVSS score: 5.3) - An authentication by…THEHACKERNEWS.COM
14 May KEVCritical 0-Day in Windows DWM Enables Privilege EscalationMicrosoft has disclosed a significant security vulnerability (CVE-2025-30400) affecting the Windows Desktop Window Manager (DWM) that is actively being exploited in the wild. The flaw, rated as “Important” with a CVSS score of 7.8, allows attackers with local access t…GBHACKERS.COM
14 MayNew Windows RDP Vulnerability Enables Network-Based AttacksMicrosoft has disclosed two critical vulnerabilities in its Windows Remote Desktop services that could allow attackers to execute arbitrary code on vulnerable systems over a network. Designated CVE-2025-29966 and CVE-2025-29967, these heap-based buffer overflow flaws affect the W…GBHACKERS.COM
14 MayNew Microsoft Scripting Engine Vulnerability Exposes Systems to Remote Code AttacksCritical zero-day vulnerability in Microsoft’s Scripting Engine (CVE-2025-30397) has been confirmed to enable remote code execution (RCE) attacks over networks, raising urgent concerns for enterprises and individual users alike. The flaw, classified as a type confusion weakness (…GBHACKERS.COM
14 May KEVWindows Ancillary for WinSock 0-Day Vulnerability Actively Exploited to Gain Admin AccessMicrosoft has confirmed active exploitation of a critical privilege escalation vulnerability in the Windows Ancillary Function Driver for WinSock, tracked as CVE-2025-32709. This use-after-free flaw enables local attackers with basic user privileges to gain SYSTEM-level access, p…GBHACKERS.COM
14 MayCritical Samsung MagicINFO 9 Server Flaw Allows Arbitrary File WritesSamsung’s SmartTV and digital signage ecosystem faces renewed cybersecurity scrutiny following the disclosure of a critical path traversal vulnerability (CVE-2025-4632) in its MagicINFO 9 Server platform. The flaw, cataloged as SVE-2025-50001 and addressed in the May 2025 Securit…GBHACKERS.COM
14 May KEVWindows CLFS Zero-Day Vulnerability Actively Exploited in the WildMicrosoft has disclosed two critical security vulnerabilities in the Windows Common Log File System (CLFS) Driver that are currently being exploited in the wild. Released on May 13, 2025, the vulnerabilities-identified as CVE-2025-32706 and CVE-2025-32701-both allow local privile…GBHACKERS.COM
14 MayChinese Hackers Exploit SAP NetWeaver Zero-Day Vulnerability to Target Critical InfrastructureEclecticIQ analysts have uncovered a sophisticated cyber-espionage campaign orchestrated by China-nexus nation-state Advanced Persistent Threats (APTs) targeting critical infrastructure worldwide. In April 2025, these threat actors launched a high-tempo exploitation campaign agai…GBHACKERS.COM
14 MayMicrosoft Alerts on AD CS Flaw Enabling Remote Denial-of-Service AttacksMicrosoft has issued a security advisory for a newly identified vulnerability in Active Directory Certificate Services (AD CS), tracked as CVE-2025-29968, which could allow authenticated attackers to disrupt critical certificate management operations over a network. Rated Importa…GBHACKERS.COM
14 MayNew EU vulnerability database launchesThe new EU vulnerability database EUVD is intended to complement the CVE program. Since this week, the technology industry has had a new database for checking the latest security vulnerabilities in software: the European Union Vulnerability Database (…CSOONLINE.COM
14 MayMicrosoft Defender Vulnerability Allows Unauthorized Privilege GainNewly disclosed vulnerability in Microsoft Defender for Endpoint (CVE-2025-26684) exposes systems to local privilege escalation attacks by exploiting improper handling of file paths. Rated Important with a CVSS score of 6.7, the flaw enables authenticated attackers with high priv…GBHACKERS.COM
14 MayCritical Vulnerability in Windows Remote Desktop Gateway Allows Denial-of-Service AttacksMicrosoft has disclosed two critical vulnerabilities in its Remote Desktop Gateway (RDG) service, posing significant risks to organizational networks. CVE-2025-26677 and CVE-2025-29831, both rated Important by Microsoft, enable denial-of-service (DoS) attacks and remote code exec…GBHACKERS.COM
14 MayCritical Microsoft Outlook Flaw Enables Remote Execution of Arbitrary CodeNewly disclosed vulnerability in Microsoft Outlook (CVE-2025-32705) permits attackers to execute arbitrary code on compromised systems through a memory corruption flaw. Rated 7.8 (CVSS v3.1) and classified as Important by Microsoft, this out-of-bounds read vulnerability (CWE-125)…GBHACKERS.COM
14 MayChina-Nexus Nation State Actors Exploit SAP NetWeaver (CVE-2025-31324) to Target Critical Infrastructures in UK, U.S., and Saudi Arabiasubmitted by Hotznplotzn to cybersecurity 2 points | 0 comments https://blog.eclecticiq.com/china-nexus-nation-state-actors-exploit-sap-netweaver-cve-2025-31324-to-target-critical-infrastructures cross-posted from: lemmy.sdf.org/post/34536054 Archived China-Nexus Nation State Act…INFOSEC.PUB
14 MayChina-Nexus Nation State Actors Exploit SAP NetWeaver (CVE-2025-31324) to Target Critical Infrastructures in UK, U.S., and Saudi Arabiasubmitted by Hotznplotzn to cybersecurity 2 points | 0 comments https://blog.eclecticiq.com/china-nexus-nation-state-actors-exploit-sap-netweaver-cve-2025-31324-to-target-critical-infrastructures Archived China-Nexus Nation State Actors Exploit SAP NetWeaver (CVE-2025-31324) to T…SH.ITJUST.WORKS
14 MayNew Adobe Photoshop Vulnerability Enables Arbitrary Code ExecutionAdobe has released critical security updates addressing three high-severity vulnerabilities (CVE-2025-30324, CVE-2025-30325, CVE-2025-30326) in Photoshop 2024 and 2025 that could enable arbitrary code execution on Windows and macOS systems. The flaws, discovered by external resea…GBHACKERS.COM
14 MaySevere Adobe Illustrator Flaw Allows Remote Code ExecutionAdobe has issued an urgent security update for its widely used graphic design software, Adobe Illustrator, following the discovery of a critical heap-based buffer overflow vulnerability tracked as CVE-2025-30330. This flaw, which allows arbitrary code execution on affected system…GBHACKERS.COM
14 MayNews alert: INE Security highlights monthly CVE Labs aimed at sharpening real-world defenseCary, NC, May 14, 2025, CyberNewswire — INE Security , a global leader in hands-on cybersecurity training and certifications, today highlighted how ongoing real-world practice with the latest CVEs (Common Vulnerabilities and Exposures) is essential for transforming security…LASTWATCHDOG.COM
14 May KEVSamsung Patches CVE-2025-4632 Used to Deploy Mirai Botnet via MagicINFO 9 ExploitSamsung has released software updates to address a critical security flaw in MagicINFO 9 Server that has been actively exploited in the wild. The vulnerability, tracked as CVE-2025-4632 (CVSS score: 9.8), has been described as a path traversal flaw. "Improper limitation of a path…THEHACKERNEWS.COM
14 May KEVIvanti patches two EPMM flaws exploited in the wildIT software company Ivanti released emergency patches for its enterprise mobile device management (MDM) solution after learning of in-the-wild attacks exploiting two previously unknown vulnerabilities. The two flaws have moderate and high severity, but when combined in an exploit…CSOONLINE.COM
⚠️ VULNERABILITY DISCLOSURE 31
14 MaySpain to vet power plants’ cybersecurity for ‘great blackout’ causeThe Spanish government has yet to determine the specific causes of the blackout that left the country without power for an entire day on April 28. Discovering the cause, as Prime Minister Pedro Sánchez announced in an appearance before Congress on May 7, “will take some time,” as…CSOONLINE.COM
14 MayMark's and Spencer Data Breach, Vulnerable Routers, Fortinet Exploits, and New Ransomware ThreatsIn this episode of Cybersecurity Today, host Jim Love covers recent cybersecurity incidents including a data breach at Mark's and Spencer, the FBI's alert on outdated routers being exploited, and critical Fortinet vulnerabilities actively used in attacks. Additionally, the episod…CYBERSECURITYTODAY.LIBSYN.COM
14 MayCritical Microsoft Office Vulnerabilities Enable Malicious Code ExecutionMicrosoft has addressed three critical security flaws in its Office suite, including two vulnerabilities rated Critical and one Important, all enabling remote code execution (RCE) via use-after-free memory corruption weaknesses. These vulnerabilities, disclosed between March and …GBHACKERS.COM
14 MayIvanti Patches Two EPMM Zero-Days Exploited to Hack CustomersIvanti has released patches for two EPMM vulnerabilities that have been chained in the wild for remote code execution. The post Ivanti Patches Two EPMM Zero-Days Exploited to Hack Customers appeared first on SecurityWeek .SECURITYWEEK.COM
14 MayMicrosoft Fixes 78 Flaws, 5 Zero-Days Exploited; CVSS 10 Bug Impacts Azure DevOps ServerMicrosoft on Tuesday shipped fixes to address a total of 78 security flaws across its software lineup, including a set of five zero-days that have come under active exploitation in the wild. Of the 78 flaws resolved by the tech giant, 11 are rated Critical, 66 are rated Important…THEHACKERNEWS.COM
14 MayCISO Communication and Hiring, as they Combat Threat and Penetration Testing Trends - ... - BSW #395In the leadership and communications section, How CISOs can talk cybersecurity so it makes sense to executives, Firms to spend more on GenAI than security in 2025, Europe leads shift from cyber security ‘headcount gap’ to skills-based hiring, and more! Next, pre-recorded intervie…YOUTUBE.COM
14 May KEVFortinet Patches Zero-Day Exploited Against FortiVoice AppliancesFortinet has patched a dozen vulnerabilities, including a critical flaw exploited in the wild against FortiVoice instances. The post Fortinet Patches Zero-Day Exploited Against FortiVoice Appliances appeared first on SecurityWeek .SECURITYWEEK.COM
14 MayWeaponized PyPI Package Targets Developers to Steal Source CodeSecurity researchers at RL have discovered a malicious Python package called “solana-token” on PyPI that is intended to prey on developers working with the Solana blockchain, serving as a terrifying reminder of the ongoing hazards that lurk in the open-source software…GBHACKERS.COM
14 MayResearchers discover new security vulnerability in Intel processorssubmitted by Pro to cybersecurity 1 points | 0 comments https://ethz.ch/en/news-and-events/eth-news/news/2025/05/eth-zurich-researchers-discover-new-security-vulnerability-in-intel-processors.htmlINFOSEC.PUB
14 MayLearning How to Hack: Why Offensive Security Training Benefits Your Entire Security TeamOrganizations across industries are experiencing significant escalations in cyberattacks, particularly targeting critical infrastructure providers and cloud-based enterprises. Verizon’s recently released 2025 Data Breach Investigations Report found an 18% YoY increase in confirme…THEHACKERNEWS.COM
14 MayEU Cybersecurity Agency ENISA Launches European Vulnerability DatabaseExperts say the European Vulnerability Database, or EUVD, should be a good resource, but only if ENISA manages to maintain it properly. The post EU Cybersecurity Agency ENISA Launches European Vulnerability Database appeared first on SecurityWeek .SECURITYWEEK.COM
14 MaySAP patches second zero-day flaw exploited in recent attackssubmitted by kid to cybersecurity 2 points | 0 comments https://www.bleepingcomputer.com/news/security/sap-patches-second-zero-day-flaw-exploited-in-recent-attacks/SH.ITJUST.WORKS
14 MayPatch Tuesday, May 2025 EditionMicrosoft on Tuesday released software updates to fix at least 70 vulnerabilities in Windows and related products, including five zero-day flaws that are already seeing active exploitation. Adding to the sense of urgency with this month's patch batch from Redmond are fixes for tw…KREBSONSECURITY.COM
14 MayMicrosoft Defender Vulnerability Allows Attackers to Elevate Privilegessubmitted by kid to cybersecurity 3 points | 0 comments https://cybersecuritynews.com/microsoft-defender-vulnerability-allows-attackers/SH.ITJUST.WORKS
14 MayThreat Actors Exploit AI and LLM Tools for Offensive Cyber OperationsA recent report from the S2W Threat Intelligence Center, TALON, sheds light on the escalating misuse of generative AI and large language models (LLMs) by threat actors on the dark web for malicious cyber operations. As LLMs like ChatGPT, Claude, and DeepSeek grow in capability, t…GBHACKERS.COM
14 MayNation-State Actors Target Healthcare Institutions to Sabotage IT and OT SystemsThe nation-state actors have increasingly set their sights on healthcare institutions worldwide, launching sophisticated cyberattacks aimed at disrupting both Information Technology (IT) and Operational Technology (OT) systems. These attacks, often orchestrated by state-sponsored…GBHACKERS.COM
14 MayFashion giant Dior discloses cyberattack, warns of data breachHouse of Dior, the French luxury fashion brand commonly referred to as Dior, has disclosed a cybersecurity incident that has exposed customer information. [...]BLEEPINGCOMPUTER.COM
14 MayKatz Stealer Malware Hits 78+ Chromium and Gecko-Based BrowsersNewly disclosed information-stealing malware dubbed Katz Stealer has emerged as a significant threat to users of Chromium and Gecko-based browsers, with capabilities to extract sensitive data from over 78 browser variants. Developed in C and Assembly (ASM) for lightweight efficie…GBHACKERS.COM
14 MayChipmaker Patch Tuesday: Intel, AMD, Arm Respond to New CPU AttacksIntel, AMD and Arm each published security advisories on Patch Tuesday, including for newly disclosed CPU attacks. The post Chipmaker Patch Tuesday: Intel, AMD, Arm Respond to New CPU Attacks appeared first on SecurityWeek .SECURITYWEEK.COM
14 MayResearchers Unveil New Mechanism to Track Compartmentalized Cyber ThreatsCisco Talos, in collaboration with The Vertex Project, has introduced an innovative approach to tackle the rising complexity of compartmentalized cyber threats. As modern cyberattacks increasingly involve multiple threat actors executing distinct stages of an attack kill chain-su…GBHACKERS.COM
14 MaySteel giant Nucor Corporation facing disruptions after cyberattackA cybersecurity incident on Nucor Corporation's systems forced the company to take offline parts of its networks and implement containment measures. [...]BLEEPINGCOMPUTER.COM
14 MayFocused Phishing: Attack Targets Victims With Trusted Sites and Live ValidationNew phishing tactics are abusing trusted domains, real CAPTCHAs, and server-side email validation to selectively target victims with customized fake login pages. Keep Aware's latest research breaks down the full attack chain and how these zero-day phish operate. [...]BLEEPINGCOMPUTER.COM
14 MayThreat Actors Leverage Weaponized HTML Files to Deliver Horabot MalwareA recent discovery by FortiGuard Labs has unveiled a cunning phishing campaign orchestrated by threat actors deploying Horabot malware, predominantly targeting Spanish-speaking users in Latin America. This high-severity threat, detailed in the 2025 Global Threat Landscape Report,…GBHACKERS.COM
14 May KEVMicrosoft primes 71 fixes for May Patch TuesdayFive issues actively exploited in the wild, but the real excitement may have been handled in advanceSOPHOS.COM
14 MayAustralian Human Rights Commission leaks docs to search enginesThe Australian Human Rights Commission (AHRC) disclosed a data breach incident where private documents leaked online and were indexed by major search engines. [...]BLEEPINGCOMPUTER.COM
14 MayRansomware gangs join ongoing SAP NetWeaver attacksRansomware gangs have joined ongoing SAP NetWeaver attacks, exploiting a maximum-severity vulnerability that allows threat actors to gain remote code execution on vulnerable servers. [...]BLEEPINGCOMPUTER.COM
14 MayBianLian and RansomExx Exploit SAP NetWeaver Flaw to Deploy PipeMagic TrojanAt least two different cybercrime groups BianLian and RansomExx are said to have exploited a recently disclosed security flaw in SAP NetWeaver, indicating that multiple threat actors are taking advantage of the bug. Cybersecurity firm ReliaQuest, in a new update published today, …THEHACKERNEWS.COM
14 MayThis One Word Is Wasting Millions in CybersecurityEveryone in tech says "be polite to AI"... but at what cost? In this short, cybersecurity experts reveal how simple words like “please” and “thank you” are secretly draining millions in compute resources. It's a wild reality check on how language, AI, and infrastructure collide. …YOUTUBE.COM
14 MayCyber CEO Arrested… Or Was He? 👀 #ITDramaWhat really happened to the cybersecurity CEO? 🚨 Was he arrested—or is that just the internet doing its thing again? In this short, Rob Allen spills the details on a bizarre case involving malware, a public hospital, and a suspiciously placed waiting room computer. It’s got drama…YOUTUBE.COM
14 MayMultiple Vulnerabilities in Adobe Products Could Allow for Arbitrary Code ExecutionMultiple vulnerabilities have been discovered in Adobe products, the most severe of which could allow for arbitrary code execution. Successful exploitation of the most severe of these vulnerabilities could allow for arbitrary code execution in the context of the logged on user. D…CISECURITY.ORG
14 MayRisky Business #791 -- Woof! Copilot for Sharepoint coughs up creds and keysOn this week’s show Patrick Gray and Adam Boileau discuss the week’s cybersecurity news: Struggling to find that pesky passwords.xlsx in Sharepoint? Copilot has your back! The ransomware ecosystem is finding life a bit tough lately SAP Netweaver bug being used by Chinese APT crew…RISKY.BIZ
📋 SECURITY BULLETINS 2
14 MayICS Patch Tuesday: Vulnerabilities Addressed by Siemens, Schneider, Phoenix ContactIndustrial giants Siemens, Schneider Electric and Phoenix Contact have released ICS security advisories on the May 2025 Patch Tuesday. The post ICS Patch Tuesday: Vulnerabilities Addressed by Siemens, Schneider, Phoenix Contact appeared first on SecurityWeek .SECURITYWEEK.COM
14 MayMicrosoft fixes Linux boot issues on dual-boot Windows systemsMicrosoft has fixed a known issue preventing Linux from booting on dual-boot systems with Secure Boot enabled after installing the August 2024 Windows security updates. [...]BLEEPINGCOMPUTER.COM
📢 SECURITY ADVISORIES 14
14 MayKosovar Administrator of Cybercrime Marketplace Extradited to USKosovo citizen Liridon Masurica has appeared in a US court, facing charges for his role in operating the cybercrime marketplace BlackDB.cc. The post Kosovar Administrator of Cybercrime Marketplace Extradited to US appeared first on SecurityWeek .SECURITYWEEK.COM
14 MayGoogle Chrome to block admin-level browser launches for better securityGoogle is rolling out a change to Chromium that "de-elevates" Google Chrome so it does not run as an administrator to increase security in Windows. [...]BLEEPINGCOMPUTER.COM
🔥 INCIDENT REPORTING 7
14 MayMarks & Spencer admits cyberattackBritish retail giant Marks & Spencer was hit by cybercriminals and is now dealing with the consequences. As Marks & Spencer (M&S) announced in a “Cyber Incident Update” dated April 22, the group …CSOONLINE.COM
14 MayEarth Ammit Breached Drone Supply Chains via ERP in VENOM, TIDRONE CampaignsA cyber espionage group known as Earth Ammit has been linked to two related but distinct campaigns from 2023 to 2024 targeting various entities in Taiwan and South Korea, including military, satellite, heavy industry, media, technology, software services, and healthcare sectors. …THEHACKERNEWS.COM
14 MayTwilio denies breach following leak of alleged Steam 2FA codessubmitted by kid to cybersecurity 1 points | 0 comments https://www.bleepingcomputer.com/news/security/twilio-denies-breach-following-leak-of-alleged-steam-2fa-codes/SH.ITJUST.WORKS
14 MayAustralian Human Rights Commission Data Breach Exposes Sensitive Documents Submitted via Websitesubmitted by kid to cybersecurity 1 points | 0 comments https://securityonline.info/australian-human-rights-commission-data-breach-exposes-sensitive-documents-submitted-via-website/SH.ITJUST.WORKS
14 MayHealthcare Cyberattacks in 2024 Expose 276 Million Patient Records CompromisedThe healthcare sector faced an unprecedented wave of cyber threats, with a staggering 92% of organizations reporting at least one cyberattack. This alarming statistic resulted in the compromise of over 276 million patient records, equating to approximately 758,000 records breache…GBHACKERS.COM
14 MayWhy Critical Infrastructure Might Be Next in the Cyber WarGovernments might be preparing for a massive cybersecurity shift — and critical infrastructure is right in the crosshairs. In this short, Aaran breaks down a bold 3-phase plan to fight ransomware by banning payments, starting with high-risk sectors. Could this really disrupt the …YOUTUBE.COM
14 MayRansomware gangs join ongoing SAP NetWeaver attackssubmitted by kid to cybersecurity 1 points | 0 comments https://www.bleepingcomputer.com/news/security/ransomware-gangs-join-ongoing-sap-netweaver-attacks/SH.ITJUST.WORKS
🕵️ THREAT INTELLIGENCE 21
14 MayISC Stormcast For Wednesday, May 14th, 2025 https://isc.sans.edu/podcastdetail/9450, (Wed, May 14th)(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.ISC.SANS.EDU
14 MayEarth Ammit Hackers Deploy New Tools to Target Military DronesThe threat actor group known as Earth Ammit, believed to be associated with Chinese-speaking APTs, has emerged as a significant concern for military and industrial sectors in Eastern Asia. This group orchestrated two distinct campaigns-VENOM and TIDRONE-primarily targeting Taiwan…GBHACKERS.COM
14 MayResearchers Unveil New Threat-Hunting Techniques to Detect Azure Managed Identity AbuseA group of cybersecurity specialists from Hunters, working under the prestigious Team Axon, have presented sophisticated threat-hunting techniques in a ground-breaking research paper titled “Mastering Azure Managed Identities: Attack & Defense, Part 2,” with the g…GBHACKERS.COM
14 MayAs US vuln-tracking falters, EU enters with its own security bug databasesubmitted by neme to cybersecurity 4 points | 0 comments https://www.theregister.com/2025/05/13/eu_security_bug_database/SH.ITJUST.WORKS
14 MayVulnerabilities Patched by Juniper, VMware and ZoomJuniper Networks, VMware, and Zoom have announced patches for dozens of vulnerabilities across their products. The post Vulnerabilities Patched by Juniper, VMware and Zoom appeared first on SecurityWeek .SECURITYWEEK.COM
14 MayGoogle’s Advanced Protection Now on AndroidGoogle has extended its Advanced Protection features to Android devices. It’s not for everybody, but something to be considered by high-risk users. Wired article , behind a paywall.SCHNEIER.COM
14 MayVulnerabilities Patched by Juniper, VMware and Zoomsubmitted by kid to cybersecurity 1 points | 0 comments https://www.securityweek.com/vulnerabilities-patched-by-juniper-vmware-and-zoom/SH.ITJUST.WORKS
14 MayHorabot Malware Targets 6 Latin American Nations Using Invoice-Themed Phishing Emailssubmitted by kid to cybersecurity 1 points | 0 comments https://thehackernews.com/2025/05/horabot-malware-targets-6-latin.htmlSH.ITJUST.WORKS
14 MayUnit 42 Develops Agentic AI Attack FrameworkThreat actors are advancing AI strategies and outpacing traditional security. CXOs must critically examine AI weaponization across the attack chain. The post Unit 42 Develops Agentic AI Attack Framework appeared first on Palo Alto Networks Blog .PALOALTONETWORKS.COM
14 MayHackers Weaponize KeePass Password Manager to Deliver Malware & Steal Passwordssubmitted by kid to cybersecurity 1 points | 0 comments https://cybersecuritynews.com/hackers-weaponize-keepass-password-manager/SH.ITJUST.WORKS
14 May89 million Steam account details just got leaked, so now's a good time to change your passwordsubmitted by cm0002 to cybersecurity 1 points | 0 comments https://www.xda-developers.com/89-million-steam-account-details-leak/INFOSEC.PUB
14 MayNew HTTPBot Botnet Rapidly Expands to Target Windows MachinesThe HTTPBot Botnet, a novel Trojan developed in the Go programming language, has seen a sharp rise in activity since its first detection in August 2024. According to the latest findings from NSFOCUS Fuying Lab’s Global Threat Hunting system, HTTPBot has rapidly expanded its reach…GBHACKERS.COM
14 MayIs AI Use in the Workplace Out of Control?Trying to block AI tools outright is a losing strategy. SaaS and AI are increasingly inseparable, and AI isn’t limited to tools like ChatGPT or Copilot anymore. The post Is AI Use in the Workplace Out of Control? appeared first on SecurityWeek .SECURITYWEEK.COM
14 MayTA406 Hackers Target Government Entities to Steal Login CredentialsThe North Korean state-sponsored threat actor TA406, also tracked as Opal Sleet and Konni, has set its sights on Ukrainian government entities. Proofpoint researchers have uncovered a dual-pronged offensive involving both credential harvesting and malware deployment through highl…GBHACKERS.COM
14 MayGoogle Threat Intelligence Releases Actionable Threat Hunting Technique for Malicious .desktop FilesGoogle Threat Intelligence has unveiled a series of sophisticated threat hunting techniques to detect malicious .desktop files, a novel attack vector leveraged by threat actors to compromise systems. Initially documented by Zscaler researchers in 2023, this technique involves the…GBHACKERS.COM
14 MayHow to Use the WRONG Remote Desktop (Microsoft Style) 🧠💥Microsoft strikes again with a naming disaster that's leaving cybersecurity pros scratching their heads. In this short, Doug White hilariously breaks down the chaos behind Microsoft’s latest app — the so-called Windows App, which isn't Windows, isn’t Remote Desktop, but somehow i…YOUTUBE.COM
14 MayInsight: Rogue communication devices found in Chinese solar power inverterssubmitted by floofloof to cybersecurity 1 points | 0 comments https://www.reuters.com/sustainability/climate-energy/ghost-machine-rogue-communication-devices-found-chinese-inverters-2025-05-14/SH.ITJUST.WORKS
14 MayUpcoming Speaking EngagementsThis is a current list of where and when I am scheduled to speak: I’m speaking (remotely) at the Sektor 3.0 Festival in Warsaw, Poland, May 21-22, 2025. The list is maintained on this page .SCHNEIER.COM
14 MayXinbi Telegram Market Tied to $8.4B in Crypto Crime, Romance Scams, North Korea LaunderingA Chinese-language, Telegram-based marketplace called Xinbi Guarantee has facilitated no less than $8.4 billion in transactions since 2022, making it the second major black market to be exposed after HuiOne Guarantee. According to a report published by blockchain analytics firm E…THEHACKERNEWS.COM
14 MayGoogle Ships Android ‘Advanced Protection’ Mode to Thwart Surveillance SpywareGoogle bundles multiple safeguards under a single Android toggle to protect high-risk users from advanced mobile malware implants. The post Google Ships Android ‘Advanced Protection’ Mode to Thwart Surveillance Spyware appeared first on SecurityWeek .SECURITYWEEK.COM
14 MayCaught Being a Nerd in Public? This Happens…A group of cybersecurity pros gets hilariously sidetracked when a Star Trek reference drops mid-convo. From Wesley falling into a garden to mispronouncing Will Wheaton's name 10 different ways, this moment captures the exact chaos when geek culture crashes into infosec life. Proo…YOUTUBE.COM
🌐 CYBER THREAT LANDSCAPE 2
14 MayHorabot Malware Targets 6 Latin American Nations Using Invoice-Themed Phishing EmailsCybersecurity researchers have discovered a new phishing campaign that's being used to distribute malware called Horabot targeting Windows users in Latin American countries like Mexico, Guatemala, Colombia, Peru, Chile, and Argentina. The campaign is "using crafted emails that im…THEHACKERNEWS.COM
14 MayHackers behind UK retail attacks now targeting US companiesGoogle warned today that hackers using Scattered Spider tactics against retail chains in the United Kingdom have also started targeting retailers in the United States. [...]BLEEPINGCOMPUTER.COM
🎙️ PODCASTS 1
14 MaySmashing Security podcast #417: Hello, Pervert! – Sextortion scams and Discord disastersDon't get duped, doxxed, or drained! In this episode of "Smashing Security" we dive into the creepy world of sextortion scams, and investigate how crypto wallet firm Ledger's Discord server was hijacked in an attempt to phish for cryptocurrency recovery phrases. All this and more…GRAHAMCLULEY.COM
📡 INFOSEC NEWS 8
14 MayAnother day, another phishing campaign abusing google.com open redirects, (Wed, May 14th)A couple of weeks ago, I came across a phishing campaign that highlights a recurring issue with open redirect vulnerabilities in well-known and trusted services.ISC.SANS.EDU
14 MayHow to implement zero trust: first steps and success factorsKey guides for implementing zero trust in your company, and how to avoid common mistakes.KASPERSKY.COM
14 MayKosovo extradites BlackDB admin to face US cybercrime chargesA Kosovo national has been extradited to the United States to face charges of running an online cybercrime marketplace active since 2018. [...]BLEEPINGCOMPUTER.COM
14 MayCTM360 Identifies Surge in Phishing Attacks Targeting Meta Business UsersA new global phishing threat called "Meta Mirage" has been uncovered, targeting businesses using Meta's Business Suite. This campaign specifically aims at hijacking high-value accounts, including those managing advertising and official brand pages. Cybersecurity researchers at CT…THEHACKERNEWS.COM
14 MayThey Say Data Is Like Oil… But They’re WRONG! 🚨Everyone says “data is the new oil,” but they couldn’t be more wrong! 🚨 Unlike oil, data isn’t interchangeable—your data, my data, and everyone else’s are completely unique. 🔥 So why do people keep making this comparison? In this short, Dimitri Sirota breaks down why data is way …YOUTUBE.COM
14 MayA Cyber Expert’s Warning: If You Can’t Predict It, You Can’t Secure It!If security isn’t predictable, is it really secure? 🤔 Cybersecurity expert Tim MalcomVetter breaks down why randomness in security is a recipe for disaster. Without consistent responses to threats, proving security correctness becomes impossible—turning your defenses into pure ch…YOUTUBE.COM
14 MaySophos Firewall v21.5: DNS protectionHow to make the most of the new features in Sophos Firewall v21.5.SOPHOS.COM
14 MayWhite House scraps plan to block data brokers from selling Americans’ sensitive dataThe decision to reverse course comes after an industry lobby group called for the rule change to be withdrawn.TECHCRUNCH.COM