Articles: 74
Categories: 8
Date: 2025-05-16
🐛 COMMON VULNERABILITIES AND EXPOSURES (2)
16 May: SonicWall SMA1000 Vulnerability Allow Attackers to Exploit Encoded URLs To Remotely Gain Internal Systems Access
SonicWall has issued a critical security advisory (SNWLID-2025-0010) for its SMA1000 Appliance Work Place interface, revealing a high-severity Server-Side Request Forgery (SSRF) vulnerability. The flaw, identified as CVE-2025-40595 with a CVSS v3 score of 7.2, enables unauthentic… (GBHACKERS.COM)
16 May: Ivanti Endpoint Manager Vulnerabilities Allow Unauthenticated Remote Code Execution
Critical vulnerability chain in Ivanti Endpoint Manager Mobile (EPMM) has exposed enterprise mobile device management systems to pre-authenticated remote code execution (RCE) attacks. The flaws, tracked as CVE-2025-4427 (authentication bypass) and CVE-2025-4428 (remote code execu… (GBHACKERS.COM)
⚠️ VULNERABILITY DISCLOSURE (23)
16 May: Proofpoint buying Hornetsecurity in a play to expand email security scope
More than 90% of successful cyberattacks begin with emails, according to the US Cybersecurity and Infrastructure Security Agency (CISA), making them a critical asset that enterprises must protect. Cybersecurity vendor Proofpoint is looking to expand its reach in this area, ann… (CSOONLINE.COM)
16 May: The best IAM tools
Identity & Access Management is a must for security-conscious companies in the zero-trust era. These are the best IAM vendors and tools. Identity is becoming the new perimeter: companies rely less and less on the traditional… (CSOONLINE.COM)
16 May: Divine mandate: Chinese-linked cyber activity is the most common form of hybrid threat facing Australia
submitted by Hotznplotzn to cybersecurity 1 points | 0 comments https://www.defenceconnect.com.au/geopolitics-and-policy/16051-divine-mandate-chinese-linked-cyber-activity-is-the-most-common-form-of-hybrid-threat-facing-australia cross-posted from: lemmy.sdf.org/post/34652759 Arc… (INFOSEC.PUB)
16 May: Divine mandate: Chinese-linked cyber activity is the most common form of hybrid threat facing Australia
submitted by Hotznplotzn to cybersecurity 1 points | 0 comments https://www.defenceconnect.com.au/geopolitics-and-policy/16051-divine-mandate-chinese-linked-cyber-activity-is-the-most-common-form-of-hybrid-threat-facing-australia cross-posted from: lemmy.sdf.org/post/34652759 Arc… (SH.ITJUST.WORKS)
16 May: Proofpoint Buys Hornetsecurity, A Microsoft 365 Security Specialist For $1 Billion
Cybersecurity giant Proofpoint has announced its agreement to acquire Hornetsecurity Group, a leading European provider of AI-powered Microsoft 365 security solutions. The deal, reportedly valued at $1 billion, is expected to close in the second half of 2025, although exact finan… (GBHACKERS.COM)
16 May: Cybersecurity Updates: Major Ransomware Attacks Thwarted and Illegal Marketplaces Shut Down
In this episode, Jim Love discusses significant cybersecurity events including Coinbase's refusal to pay a $20 million ransom after a data breach, Broadcom's patch for VMware tools vulnerabilities, and Telegram's shutdown of two illegal marketplaces handling $35 billion in transa… (CYBERSECURITYTODAY.LIBSYN.COM)
16 May: Hackers Win $260,000 on First Day of Pwn2Own Berlin 2025
Pwn2Own participants have earned tens of thousands of dollars for Red Hat, Windows, Oracle VirtualBox, Docker Desktop, and AI exploits. (SECURITYWEEK.COM)
16 May: [Webinar] From Code to Cloud to SOC: Learn a Smarter Way to Defend Modern Applications
Modern apps move fast—faster than most security teams can keep up. As businesses rush to build in the cloud, security often lags behind. Teams scan code in isolation, react late to cloud threats, and monitor SOC alerts only after damage is done. Attackers don’t wait. They exploit… (THEHACKERNEWS.COM)
16 May [KEV]: CISA tags recently patched Chrome bug as actively exploited
On Thursday, CISA warned U.S. federal agencies to secure their systems against ongoing attacks exploiting a high-severity vulnerability in the Chrome web browser. [...] (BLEEPINGCOMPUTER.COM)
16 May: Hackers Leveraging PowerShell to Bypass Antivirus and EDR Defenses
Cybersecurity researchers have uncovered a growing trend in which threat actors are exploiting Microsoft PowerShell a legitimate Windows command-line interface to bypass advanced antivirus and Endpoint Detection and Response (EDR) defenses. This technique, often termed as “Living… (GBHACKERS.COM)
16 May: Researchers Expose New Intel CPU Flaws Enabling Memory Leaks and Spectre v2 Attacks
Researchers at ETH Zürich have discovered yet another security flaw that they say impacts all modern Intel CPUs and causes them to leak sensitive data from memory, showing that the vulnerability known as Spectre continues to haunt computer systems after more than seven years. The… (THEHACKERNEWS.COM)
16 May: Pwn2Own Day 1 – Windows 11, Red Hat Linux, & Oracle VirtualBox Hacked
Security researchers successfully illustrated significant vulnerabilities across several platforms on the first day of Pwn2Own Berlin 2025, taking home a total of $260,000 in prizes. The competition featured 11 different exploit attempts, including the inaugural AI category entri… (GBHACKERS.COM)
16 May: Russian APT Exploiting Mail Servers Against Government, Defense Organizations
Russia-linked APT28 has been exploiting mail server vulnerabilities against government and defense entities since September 2023. (SECURITYWEEK.COM)
16 May: Jenkins Released Security Updates – Multiple Vulnerabilities Fixed That Allow Attackers to Exploit CI/CD Pipelines
Jenkins, the widely used automation server for CI/CD pipelines, has released a critical security advisory addressing several vulnerabilities in popular plugins. These flaws-ranging from authentication bypasses to cross-site scripting-could allow attackers to compromise Jenkins en… (GBHACKERS.COM)
16 May: How to establish an effective AI GRC framework
Enterprise use of artificial intelligence comes with a wide range of risks in areas such as cybersecurity, data privacy, bias and discrimination, ethics, and regulatory compliance. As such, organizations that create a governance, risk, and compliance (GRC) framework specifically … (CIO.COM)
16 May: ‘Would rather pay bounty than ransom’: Coinbase on $20M extortion attempt
Coinbase, the largest crypto exchange in the US, is offering a $20 million bounty for information leading to those behind a May 2025 breach that compromised customer data. In a Wednesday evening filing with the Securities and Exchange Commission (SEC), the company said it was inf… (CSOONLINE.COM)
16 May: Windows Defender Application Control Bypassed Using Operationalizing Browser Exploits
submitted by kid to cybersecurity 1 points | 0 comments https://cybersecuritynews.com/windows-defender-application-control-bypassed/ (SH.ITJUST.WORKS)
16 May: Ransomware gangs increasingly use Skitnet post-exploitation malware
Ransomware gang members increasingly use a new malware called Skitnet ("Bossnet") to perform stealthy post-exploitation activities on breached networks. [...] (BLEEPINGCOMPUTER.COM)
16 May: Hackers exploit VMware ESXi, Microsoft SharePoint zero-days at Pwn2Own
During the second day of Pwn2Own Berlin 2025, competitors earned $435,000 after exploiting zero-day bugs in multiple products, including Microsoft SharePoint, VMware ESXi, Oracle VirtualBox, Red Hat Enterprise Linux, and Mozilla Firefox. [...] (BLEEPINGCOMPUTER.COM)
16 May: Israel arrests new suspect behind Nomad Bridge $190M crypto hack
An American-Israeli national named Osei Morrell has been arrested in Israel for his alleged involvement in exploiting the Nomad bridge smart-contract in August 2022 that allowed hackers to siphon $190 million. [...] (BLEEPINGCOMPUTER.COM)
16 May: Critical WordPress Plugin Flaw Puts Over 10,000 Sites of Cyberattack
A serious security flaw affecting the Eventin plugin, a popular event management solution for WordPress, was recently discovered by Denver Jackson, a member of the Patchstack Alliance community. This vulnerability in the plugin, which boasts over 10,000 active installations, allo… (GBHACKERS.COM)
16 May: We Plugged It In… And It Called China! 😱
A team of cybersecurity experts tested a smart device in a controlled lab environment—what they found was terrifying. The device immediately established a secret connection to China, adding hidden modules designed for ad fraud, proxy exploitation, and even hijacking Gmail and Wha… (YOUTUBE.COM)
16 May: Cybersecurity’s Groundhog Day 🐿️
Cyber pros Jason and Matthew dive into a brutally honest truth — after 16 years, we’re still battling the same four cybersecurity threats: ransomware, human error, third-party risk, and vulnerability. Nothing's changed. This short exposes the repetitive cycle the industry can't s… (YOUTUBE.COM)
📋 SECURITY BULLETINS (2)
16 May: Windows 10 KB5058379 Update Causes PCs to Enter Recovery Mode and Prompt for BitLocker Key
Security update KB5058379 for Windows 10, released in May 2025, is causing significant technical issues for numerous systems. Users report their devices are unexpectedly booting into Windows Recovery mode and requiring BitLocker recovery keys following the update installation. Wi… (GBHACKERS.COM)
16 May: Microsoft confirms May Windows 10 updates trigger BitLocker recovery
Microsoft has confirmed that some Windows 10 and Windows 10 Enterprise LTSC 2021 systems will boot into BitLocker recovery after installing the May 2025 security updates. [...] (BLEEPINGCOMPUTER.COM)
📢 SECURITY ADVISORIES (3)
16 May: Top 10 Best Practices for Effective Data Protection
Data is the lifeblood of productivity, and protecting sensitive data is more critical than ever. With cyber threats evolving rapidly and data privacy regulations tightening, organizations must stay vigilant and proactive to safeguard their most valuable assets. But how do you bui… (THEHACKERNEWS.COM)
16 May: Chinese Agent Impersonate as Stanford Student For Intelligence Gathering
Chinese intelligence operative posing as a Stanford University student has been uncovered following an investigation into suspicious approaches made to students conducting China-related research. The agent, using the alias “Charles Chen,” targeted several students ove… (GBHACKERS.COM)
🔥 INCIDENT REPORTING (12)
16 May: Researchers Replicate Advanced Tactics and Tools of VanHelsing Ransomware
Cybersecurity researchers at AttackIQ have meticulously emulated the intricate tactics, techniques, and procedures (TTPs) of the VanHelsing ransomware, a potent ransomware-as-a-service (RaaS) operation that surfaced in March 2025. This cyber threat has rapidly gained notoriety wi… (GBHACKERS.COM)
16 May: Frigidstealer Malware Targets macOS Users to Harvest Login Credentials
An macOS users, a new information-stealing malware dubbed FrigidStealer has emerged as a formidable threat since January 2025. This insidious malware capitalizes on user trust by masquerading as routine browser updates, luring unsuspecting individuals into downloading a malicious… (GBHACKERS.COM)
16 May: Prescription for disaster: Sensitive patient data leaked in Ascension breach
Ascension, one of the largest private healthcare companies in the United States, has confirmed that the personal data of some 437,329 patients has been exposed following an attack by cybercriminals. Read more in my article on the Fortra blog. (FORTRA.COM)
16 May: In Other News: Hackers Not Behind Blackout, CISO Docuseries, Dior Data Breach
A summary of noteworthy stories that might have slipped under the radar this week. (SECURITYWEEK.COM)
16 May: Google Warns UK Retailer Hackers Now Targeting US
Google says the hacking group behind the recent cyberattacks on UK retailers is now shifting focus to the US. (SECURITYWEEK.COM)
16 May: Ransomware group uses ClickFix to attack businesses
The Interlock ransomware group is using the ClickFix technique to compromise corporate infrastructure. We explain how the attack works. (KASPERSKY.COM)
16 May: Cybersecurity Chaos: The Easter Weekend Nightmare!
When a major cyber threat drops right before a holiday, IT teams don’t get a break. That’s exactly what happened when EternalBlue and other vulnerabilities surfaced just before Easter weekend—forcing security teams to scramble, patch systems, and prevent potential disaster. Why d… (YOUTUBE.COM)
16 May: New Ransomware Attack Targets Elon Musk Supporters Using PowerShell to Deploy Payloads
A newly identified ransomware campaign has emerged, seemingly targeting supporters of Elon Musk through a highly sophisticated phishing-based attack. Cybersecurity researchers have uncovered a multi-stage infection chain that begins with a deceptive PDF document titled “Pay Adjus… (GBHACKERS.COM)
16 May: Agentic AI Ransomware Is On Its Way
Agentic AI-enabled ransomware is not here yet, but likely will be very soon. I am talking this year or by 2026. (KNOWBE4.COM)
16 May: They Sort You by REVENUE Before Attacking!
Hackers aren’t guessing who to target—they’re calculating. In this clip, Adrian Sanabria reveals how attackers literally use spreadsheets to sort thousands of vulnerable servers... by company revenue. The higher the revenue, the bigger the bullseye. It’s not personal. It’s busine… (YOUTUBE.COM)
16 May: US man who hacked SEC’s X account to spike Bitcoin price sentenced to prison
The Department of Justice announced Eric Council Jr. was sentenced to 14 months in prison for the hack. (TECHCRUNCH.COM)
16 May: Treat PII Like It's Radioactive... Or Go Bankrupt 💥
When Kalyani Pawar drops the mic on data security, cybersecurity pros better listen. In this short, she exposes how a startup’s weak API authentication led to a catastrophic PII breach—and why personal data in 2025 should be treated like hazardous waste. With companies like Panda… (YOUTUBE.COM)
🕵️ THREAT INTELLIGENCE (26)
16 May: ISC Stormcast For Friday, May 16th, 2025 https://isc.sans.edu/podcastdetail/9454, (Fri, May 16th)
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License. (ISC.SANS.EDU)
16 May: Tor Oniux Tool Offers Anonymous Linux App Traffic
Tor Project has unveiled oniux, a new command-line utility that provides comprehensive network isolation for Linux applications, ensuring all traffic routes exclusively through the Tor network. This tool aims to eliminate the risk of accidental data leaks that can occur with trad… (GBHACKERS.COM)
16 May: Fileless Remcos RAT Delivered via LNK Files and MSHTA in PowerShell-Based Attacks
Cybersecurity researchers have shed light on a new malware campaign that makes use of a PowerShell-based shellcode loader to deploy a remote access trojan called Remcos RAT. "Threat actors delivered malicious LNK files embedded within ZIP archives, often disguised as Office docum… (THEHACKERNEWS.COM)
16 May: Hackers Target Industrial Automation Systems Using Over 11,600 Malware Variants
Hackers are stepping up their attacks on Industrial Control Systems (ICS) in the first quarter of 2025, employing an arsenal of 11,679 different malware families. This is a worrying development for industrial cybersecurity. According to a Kaspersky security solutions Report, the … (GBHACKERS.COM)
16 May: FBI Warns of Deepfake Messages Impersonating Senior Officials
The FBI says former federal and state government officials are targeted with texts and AI-generated voice messages impersonating senior US officials. (SECURITYWEEK.COM)
16 May: Hackers steal BVG customer data
Customers of Berliner Verkehrsbetriebe (BVG), Berlin's public transport operator, are affected by a data breach. BVG recently informed its customers of a data leak. As a BVG spokeswoman stressed to the Tagesspiegel, the IT attack did not… (CSOONLINE.COM)
16 May: From 60 to 4,000: NATO’s Locked Shields Reflects Cyber Defense Growth
The 15th edition of NATO’s Locked Shields cyber defense exercise brought together 4,000 experts from 41 countries. (SECURITYWEEK.COM)
16 May: SSH Auth Key Reuse Uncovers Advanced Targeted Phishing Campaign
A meticulously orchestrated phishing campaign targeting Kuwait’s fisheries, telecommunications, and insurance sectors has been exposed by Hunt.io researchers, revealing a sprawling network of over 230 malicious domains and a tightly knit cluster of servers. First detected i… (GBHACKERS.COM)
16 May: APT Group 123 Targets Windows Systems in Ongoing Malicious Payload Campaign
Group123, a North Korean state-sponsored Advanced Persistent Threat (APT) group also known by aliases such as APT37, Reaper, and ScarCruft, continues to target Windows-based systems across multiple regions. Active since at least 2012, the group has historically focused on South K… (GBHACKERS.COM)
16 May: FBI Alerts Public to Malicious Campaign Impersonating US Government Officials
Federal Bureau of Investigation has issued a warning about an ongoing malicious messaging campaign targeting current and former senior US government officials and their contacts. Since April 2025, threat actors have been impersonating high-ranking US officials through text messag… (GBHACKERS.COM)
16 May: Off-Topic Friday
submitted by shellsharks to cybersecurity 1 points | 0 comments Wanna chat about something non-infosec amongst those of us who frequent /c/cybersecurity? Here’s your chance! (Keep things civil & respectful please) (INFOSEC.PUB)
16 May: FrigidStealer Malware Hits macOS Users via Fake Safari Browser Updates
submitted by kid to cybersecurity 1 points | 0 comments https://hackread.com/frigidstealer-malware-macos-fake-safari-browser-update/ (SH.ITJUST.WORKS)
16 May: Fileless Remcos RAT Delivered via LNK Files and MSHTA in PowerShell-Based Attacks
submitted by kid to cybersecurity 1 points | 0 comments https://thehackernews.com/2025/05/fileless-remcos-rat-delivered-via-lnk.html (SH.ITJUST.WORKS)
16 May: Cybercriminal Andrei Tarasov Escapes US Extradition, Returns to Russia
Andrei Vladimirovich Tarasov, a 33-year-old Russian cybercrime figure known online as “Aels,” has returned to Russia after evading US extradition. Released from Berlin’s Moabit Prison on January 5, 2024, Tarasov had been held for approximately six months followi… (GBHACKERS.COM)
16 May: SHARED INTEL Q&A: AI in the SOC isn’t all about speed — it’s more so about smoothing process
The SOC has long been the enterprise’s first line of defense. But despite years of investment in threat feeds and automation platforms, the same question persists: why does intelligence still struggle to translate into timely action? Related: IBM makes the … (LASTWATCHDOG.COM)
16 May: Healthcare Cyber-Attacks Intensify, Sector Now Prime Target
submitted by kid to cybersecurity 2 points | 0 comments https://www.infosecurity-magazine.com/news/healthcare-cyber-attacks-intensify/ (SH.ITJUST.WORKS)
16 May: KnowBe4 Leads the Charge Against Cybersecurity Threats with Unmatched AI Capabilities
When it comes to artificial intelligence (AI) and human risk management (HRM), not all AI is created equal. (KNOWBE4.COM)
16 May: Communications Backdoor in Chinese Power Inverters
This is a weird story: U.S. energy officials are reassessing the risk posed by Chinese-made devices that play a critical role in renewable energy infrastructure after unexplained communication equipment was found inside some of them, two people familiar with the matter said. … (SCHNEIER.COM)
16 May: The Internet Is a Mess… and AI Eats It Up
AI was supposed to be the solution to our problems. But in this clip, cybersecurity expert Doug White flips that idea on its head. He exposes how artificial intelligence isn’t pulling knowledge from a pool of genius—it’s just regurgitating what’s already online… and a lot of that… (YOUTUBE.COM)
16 May: Printer Company Distributes Malicious Drivers Infected with XRed Malware
Procolored, a printer manufacturing company, has been found distributing software drivers infected with malicious code, including the notorious XRed backdoor malware. The issue came to light when Cameron Coward, a YouTuber behind the channel Serial Hobbyism, attempted to review a… (GBHACKERS.COM)
16 May: Sophisticated NPM Attack Leverages Google Calendar2 for Advanced Communication
A startling discovery in the npm ecosystem has revealed a highly sophisticated malware campaign embedded within the seemingly innocuous package os-info-checker-es6. First published on March 19, 2025, with initial versions appearing benign, the package rapidly evolved into a compl… (GBHACKERS.COM)
16 May: Email-based Attacks Accounted for Most Cyber Insurance Claims Last Year
Business email compromise (BEC) attacks and funds transfer fraud (FTF) accounted for 60% of cyber insurance claims in 2024, according to a new report from Coalition. (KNOWBE4.COM)
16 May: Friday Squid Blogging: Pet Squid Simulation
From Hackaday.com, this is a neural network simulation of a pet squid. Autonomous Behavior: The squid moves autonomously, making decisions based on his current state (hunger, sleepiness, etc.). Implements a vision cone for food detection, simulating realistic foraging behavior. … (SCHNEIER.COM)
16 May: Steganography, RICO, CMMC, End of 10, AI is coming for you, Aaran Leyland and More... - SWN #477
Steganography, RICO, CMMC, End of 10, AI is coming for you, Aaran Leyland and More, on this edition of the Security Weekly News. Visit https://www.securityweekly.com/swn for all the latest episodes! Show Notes: https://securityweekly.com/swn-477 (YOUTUBE.COM)
16 May: Weekly Update 452
Presently sponsored by: 1Password Extended Access Management: Secure every sign-in for every app on every device. Funny how excited people can get about something as simple as a sticker. They're always in hot demand and occupy an increasingly large portion of my luggage as w… (TROYHUNT.COM)
16 May: Risky Biz Soap Box: Push Security's browser-first twist on identity security
In this wholly sponsored Soap Box edition of the show, Patrick Gray chats with Adam Bateman and Luke Jennings from Push Security. Push has built an identity security platform that collects identity information and events from your users’ browsers. It can detect phish kits and shu… (RISKY.BIZ)
🌐 CYBER THREAT LANDSCAPE (2)
16 May: New HTTPBot Botnet Launches 200+ Precision DDoS Attacks on Gaming and Tech Sectors
Cybersecurity researchers are calling attention to a new botnet malware called HTTPBot that has been used to primarily single out the gaming industry, as well as technology companies and educational institutions in China. "Over the past few months, it has expanded aggressively, c… (THEHACKERNEWS.COM)
16 May: Printer maker Procolored offered malware-laced drivers for months
For at least half a year, the official software supplied with Procolored printers included malware in the form of a remote access trojan and a cryptocurrency stealer. [...] (BLEEPINGCOMPUTER.COM)
📡 INFOSEC NEWS (4)
16 May: US charges 12 more suspects linked to $230 million crypto theft
Twelve more suspects were charged in a RICO conspiracy for their alleged involvement in the theft of over $230 million in cryptocurrency and laundering the funds using crypto exchanges and mixing services. [...] (BLEEPINGCOMPUTER.COM)
16 May: Chatbot Said WHAT?! 79% Hallucination Rate Exposed
AI models are revolutionizing cybersecurity... but what happens when they start making stuff up? In this short, Doug White breaks down the jaw-dropping results of a recent QA test revealing that one chatbot hallucinated 79% of the time 🤯. Whether you're a cybersecurity pro or jus… (YOUTUBE.COM)
16 May: ChatGPT rolls out Codex, an AI tool for software programming
OpenAI is rolling out 'Codex' for ChatGPT, which is an AI agent that automates and delegates programming tasks for software engineers. [...] (BLEEPINGCOMPUTER.COM)
16 May: Windows 10 LTSC: The OS Built for Cybersecurity Pros!
Windows 10 LTSC isn’t your average Windows. No OneDrive. No App Store. No weather apps. And that’s exactly why cybersecurity pros are obsessed with it. In this clip, Paul and Bill break down why this stripped-down version is the dream OS for anyone who just wants performance, sta… (YOUTUBE.COM)