105 Articles
9 Categories
Date: 2025-05-20
🚨 CISA KEV (2)
20 May KEVCISA Adds Actively Exploited Ivanti EPMM Zero-Day to KEV CatalogCybersecurity and Infrastructure Security Agency (CISA) has added two critical zero-day vulnerabilities affecting Ivanti Endpoint Manager Mobile (EPMM) to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation in the wild. The flaws CVE-2025-442…GBHACKERS.COM
20 May KEVCISA Includes MDaemon Email Server XSS Flaw in KEV CatalogCybersecurity and Infrastructure Security Agency (CISA) has added a cross-site scripting (XSS) vulnerability affecting MDaemon Email Server to its Known Exploited Vulnerabilities (KEV) Catalog on May 19, 2025. This critical addition, identified as CVE-2024-11182, highlights a sec…GBHACKERS.COM
🐛 COMMON VULNERABILITIES AND EXPOSURES (4)
20 MayEthical hackers exploited zero-day vulnerabilities against popular OS, browsers, VMs and AI frameworksSecurity researchers showcased 28 zero-day vulnerabilities during the Pwn2Own contest held during the OffensiveCon conference in Berlin that ended on Saturday. The flaws allowed ethical hackers to compromise software products used across most enterprises including Microsoft Windo…CSOONLINE.COM
20 MayWindows 11 Privilege Escalation Vulnerability Let Attackers Gain Admin Access in Under 300 MillisecondsSecurity researchers have uncovered a critical vulnerability in Windows 11 that allowed attackers to escalate privileges from a standard user to system-level administrator in just 300 milliseconds. The flaw, tracked as CVE-2025-24076, has been patched by Microsoft but represents …GBHACKERS.COM
20 May KEVQilin Exploits SAP Zero-Day Vulnerability Weeks Ahead of Public DisclosureCybersecurity experts at OP Innovate have uncovered evidence that CVE-2025-31324, a critical zero-day vulnerability in SAP NetWeaver Visual Composer, was actively exploited nearly three weeks before its public disclosure. This flaw, residing in the /developmentserver/metadatauplo…GBHACKERS.COM
20 MaySecurity Flaw in WordPress Plugin Puts 22,000 Websites at Risk of Cyber AttacksCritical security vulnerability has been discovered in Motors, a popular WordPress theme with over 22,000 sales, potentially exposing thousands of websites to complete takeover. Security researchers at Wordfence identified an unauthenticated privilege escalation vulnerability tha…GBHACKERS.COM
⚠️ VULNERABILITY DISCLOSURE (34)
20 MayCritical pfSense Firewall Flaws Enable Attackers to Inject Malicious CodeSecurity researchers have uncovered three critical vulnerabilities in pfSense firewall software that could allow attackers to inject malicious code, corrupt configurations, and potentially gain unauthorized access to systems. These vulnerabilities were responsibly disclosed to Ne…GBHACKERS.COM
20 MayMalicious PyPI Packages Exploit Instagram and TikTok APIs to Validate User AccountsCybersecurity researchers have uncovered malicious packages uploaded to the Python Package Index (PyPI) repository that act as checker tools to validate stolen email addresses against TikTok and Instagram APIs. All three packages are no longer available on PyPI. The names of the …THEHACKERNEWS.COM
20 May4 ways to safeguard CISO communications from legal liabilitiesIn 2019, Russian threat actors began targeting Texas-based business software provider SolarWinds. What started as a dry run to inject malware into SolarWinds’ networks evolved into the boldest software supply chain hack ever , ultimately spreading malicious backdoors to SolarWind…CSOONLINE.COM
20 MayMalicious npm Package in Koishi Chatbots Steals Sensitive Data in Real TimeSocket’s Threat Research Team has uncovered a dangerous npm package named koishi-plugin-pinhaofa, masquerading as a spelling-autocorrect helper for Koishi chatbots. Marketed innocently, this plugin embeds an insidious data-exfiltration backdoor that scans every incoming message fo…GBHACKERS.COM
20 MayO2 VoLTE Flaw Allows Tracking of Customers’ Locations Through Phone CallsSignificant privacy vulnerability in O2 UK’s Voice over LTE (VoLTE) implementation was recently discovered, allowing any caller to access precise location data of call recipients. The security flaw, which exposed sensitive information through IMS (IP Multimedia Subsystem) s…GBHACKERS.COM
20 MayAppsec News & Interviews from RSAC on Identity and AI - Charlotte Wylie, Rami Saas - ASW #331In the news, Coinbase deals with bribes and insider threat, the NCSC notes the cross-cutting problem of incentivizing secure design, we cover some research that notes the multitude of definitions for secure design, and discuss the new Cybersecurity Skills Framework from the OpenS…YOUTUBE.COM
20 MayO2 Service Vulnerability Exposed User LocationA vulnerability in O2’s implementation of the IMS standard resulted in user location data being exposed in network responses. The post O2 Service Vulnerability Exposed User Location appeared first on SecurityWeek .SECURITYWEEK.COM
20 MayCritical Multer Vulnerability Puts Millions of Node.js Apps at RiskCritical security vulnerability has been discovered in Multer, one of the most widely used Node.js middleware packages for handling file uploads. The vulnerability affects all versions from 1.4.4-lts.1 up to but not including 2.0.0, potentially exposing millions of web applicatio…GBHACKERS.COM
20 MayWordPress Plugin Flaw Puts 22,000 Websites at Risk of Cyber AttacksA severe security flaw has been uncovered in the Motors WordPress theme, a popular choice for car dealerships and listings with over 22,000 sales on ThemeForest. Researcher Foxyyy reported a critical Privilege Escalation vulnerability through the Wordfence Bug Bounty Program, ear…GBHACKERS.COM
20 MayCritical VMware Cloud Foundation Vulnerability Exposes Sensitive DataBroadcom’s VMware division has disclosed three significant security vulnerabilities in its Cloud Foundation platform that could allow attackers to gain unauthorized access to sensitive information and internal services. The advisory, published today (May 20, 2025), details …GBHACKERS.COM
20 MaySkitnet malware: The new ransomware favoriteRansomware operators are now actively using a modular malware, Skitnet, sold on underground forums including RAMP since April 2024. According to cybersecurity firm Prodaft, the multi-stage malware is being used for stealing sensitive data post-compromise and establishing continue…CSOONLINE.COM
20 May KEVVulnerability Exploitation Probability Metric Proposed by NIST, CISA ResearchersThe Likely Exploited Vulnerabilities (LEV) equations can help augment KEV- and EPSS-based remediation prioritization. The post Vulnerability Exploitation Probability Metric Proposed by NIST, CISA Researchers appeared first on SecurityWeek .SECURITYWEEK.COM
20 MayYou’ve already been targeted: Why patch management is mission-criticalSecurity is evolving because attackers already have. The rise in threats facing IT teams today is not random. It reflects how profitable cybercrime has become. While the global illicit drug trade is estimated at up to 652 billion dollars a year, cybercrime costs the world an esti…CSOONLINE.COM
20 MayAWS Default IAM Roles Found to Enable Lateral Movement and Cross-Service ExploitationCybersecurity researchers have discovered risky default identity and access management (IAM) roles impacting Amazon Web Services that could open the door for attackers to escalate privileges, manipulate other AWS services, and, in some cases, even fully compromise AWS accounts. "…THEHACKERNEWS.COM
20 MayNATO-Flagged Vulnerability Tops Latest VMware Security Patch BatchVMware patches flaws that expose users to data leakage, command execution and denial-of-service attacks. No temporary workarounds available. The post NATO-Flagged Vulnerability Tops Latest VMware Security Patch Batch appeared first on SecurityWeek .SECURITYWEEK.COM
20 MayHackers Abuse TikTok and Instagram APIs to Verify Stolen Account CredentialsCybercriminals are leveraging the Python Package Index (PyPI) to distribute malicious tools designed to exploit TikTok and Instagram APIs for verifying stolen account credentials. Security researchers at Socket have identified three such packages checker-SaGaF, steinlurks, and si…GBHACKERS.COM
20 May8 AI Security Risks That Companies OverlookIn their race for productivity gains from generative AI, most companies overlook the associated security risks. According to a study by the World Economic Forum, conducted in collaboration with Accenture…CSOONLINE.COM
20 MayRedisRaider Campaign Targets Linux Servers by Exploiting Misconfigured Redis InstancesDatadog Security Research has uncovered a formidable new cryptojacking campaign dubbed “RedisRaider,” specifically targeting Linux servers with publicly accessible Redis instances. This sophisticated Linux worm employs aggressive propagation techniques and advanced ob…GBHACKERS.COM
20 MayThe AI Fix #51: Divorce by coffee grounds, and why AI robots need your brainIn episode 51 of The AI Fix, a Greek man's marriage is destroyed after ChatGPT reads his coffee, a woman dumps her husband to marry an AI called Leo, and Graham wonders whether it's time to upload his brain into a lunchbox-packing robot. Meanwhile, a humanoid robot goes full Mich…GRAHAMCLULEY.COM
20 MayYour Speaker Could Hack You – Thanks to AirPlay 💀A newly discovered zero-click RCE vulnerability in Apple’s AirPlay protocol could turn everyday audio devices—including smart speakers and car systems—into dangerous cyber weapons. With over 2 billion Apple devices and tens of millions of third-party accessories in use, this “wor…YOUTUBE.COM
20 MayMore_Eggs Malware Uses Job Application Emails to Distribute Malicious PayloadsThe More_Eggs malware, operated by the financially motivated Venom Spider group (also known as Golden Chickens), continues to exploit human trust through meticulously crafted social engineering. Sold as a Malware-as-a-Service (MaaS) to notorious threat actors like FIN6 and Cobalt…GBHACKERS.COM
20 MayAccenture Files Leak – New Research Reveals Projects Controlling Billions of User DataA new research report released today by Progressive International, Expose Accenture, and the Movement Research Unit uncovers the sprawling influence of Accenture, the world’s largest consultancy firm, in driving a global wave of surveillance, exclusion, and authoritarianism. The …GBHACKERS.COM
20 MayHazy Hawk gang exploits DNS misconfigs to hijack trusted domainsA threat actor named 'Hazy Hawk' has been using DNS CNAME hijacking to hijack abandoned cloud endpoints of domains belonging to trusted organizations and incorporate them in large-scale scam delivery and traffic distribution systems (TDS). [...]BLEEPINGCOMPUTER.COM
20 MayCISA Releases Thirteen Industrial Control Systems AdvisoriesCISA released thirteen Industrial Control Systems (ICS) advisories on May 20, 2025. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-25-140-01 ABUP IoT Cloud Platform ICSA-25-140-02 National Instruments…CISA.GOV
20 MayHazy Hawk Exploits DNS Records to Hijack CDC, Corporate Domains for Malware DeliveryA threat actor known as Hazy Hawk has been observed hijacking abandoned cloud resources of high-profile organizations, including Amazon S3 buckets and Microsoft Azure endpoints, by leveraging misconfigurations in the Domain Name System (DNS) records. The hijacked domains are then…THEHACKERNEWS.COM
20 MayNATO-Flagged Vulnerability Tops Latest VMware Security Patch Batchsubmitted by kid to cybersecurity 2 points | 0 comments https://www.securityweek.com/nato-flagged-vulnerability-tops-latest-vmware-security-patch-batch/SH.ITJUST.WORKS
20 MaySK Telecom says malware breach lasted 3 years, impacted 27 million numbersSK Telecom says that a recently disclosed cybersecurity incident in April, first occurred all the way back in 2022, ultimately exposing the USIM data of 27 million subscribers. [...]BLEEPINGCOMPUTER.COM
20 MayEU High Level Group (established by EU commission) recommends forcing all devices in the EU to be sold with ”integrated Law Enforcement access” and sanctioning non-EU approved messaging servicessubmitted by deinu to cybersecurity 1 points | 0 comments https://home-affairs.ec.europa.eu/document/download/1105a0ef-535c-44a7-a6d4-a8478fce1d29_en?filename=Recommendations+of+the+HLG+on+Access+to+Data+for+Effective+Law+Enforcement_en.pdf EU High Level Group (established by EU …SH.ITJUST.WORKS
20 MayVanHelsing ransomware builder leaked on hacking forumThe VanHelsing ransomware-as-a-service operation published the source code for its affiliate panel, data leak blog, and Windows encryptor builder after an old developer tried to sell it on the RAMP cybercrime forum. [...]BLEEPINGCOMPUTER.COM
20 MayPremium WordPress 'Motors' theme vulnerable to admin takeover attacksA critical privilege escalation vulnerability has been discovered in the premium WordPress theme Motors, which allows unauthenticated attackers to hijack administrator accounts and take complete control of websites. [...]BLEEPINGCOMPUTER.COM
20 MayWhat Do You Want Me to DEPRIORITIZE? (CISO Reality Check)In the high-stakes world of cybersecurity, CISOs face brutal choices every day. In this short clip, Ben Carr drops a truth bomb that every tech leader needs to hear: you can't do everything—so what gets cut? With limited time, money, and people, tough calls have to be made. This …YOUTUBE.COM
20 MayMicrosoft’s Upgrade Plan: Waste More, Upgrade FasterMicrosoft is ending support for Windows 10, but here’s the twist: they’re pushing millions of perfectly working PCs into the trash heap. In this short, cybersecurity expert Doug White highlights how the shift to Windows 11 is less about innovation and more about forcing hardware …YOUTUBE.COM
20 MayPowerSchool hacker pleads guilty to student data extortion schemeA 19-year-old college student from Worcester, Massachusetts, has agreed to plead guilty to a massive cyberattack on PowerSchool that extorted millions of dollars in exchange for not leaking the personal data of millions of students and teachers. [...]BLEEPINGCOMPUTER.COM
20 MayThreat Actors Deploy LummaC2 Malware to Exfiltrate Sensitive Data from OrganizationsSummary The Federal Bureau of Investigation (FBI) and the Cybersecurity and Infrastructure Security Agency (CISA) are releasing this joint advisory to disseminate known tactics, techniques, and procedures (TTPs) and indicators of compromise (IOCs) associated with threat actors de…CISA.GOV
📋 SECURITY BULLETINS (1)
20 MayMicrosoft Issues Urgent Patch to Resolve BitLocker Recovery ProblemMicrosoft has released an emergency update to address a critical issue affecting Windows 10 devices with specific Intel processors. The update (KB5061768) fixes a problem introduced in the May 13, 2025 security update that was causing unexpected system failures and forcing users …GBHACKERS.COM
📢 SECURITY ADVISORIES (11)
20 MayMadhu Gottumukkala Officially Announced as CISA Deputy DirectorNew CISA Deputy Director Madhu Gottumukkala has joined the agency from South Dakota’s Bureau of Information and Technology. The post Madhu Gottumukkala Officially Announced as CISA Deputy Director appeared first on SecurityWeek .SECURITYWEEK.COM
20 MaySouth Asian Ministries Hit by SideWinder APT Using Old Office Flaws and Custom MalwareHigh-level government institutions in Sri Lanka, Bangladesh, and Pakistan have emerged as the target of a new campaign orchestrated by a threat actor known as SideWinder. "The attackers used spear phishing emails paired with geofenced payloads to ensure that only victims in speci…THEHACKERNEWS.COM
20 MayAWS, Honeywell, Marriott… What Do They Want from World Governments?When cybersecurity leaders from Amazon Web Services, Honeywell, and Marriott speak, the world listens. In this short, top CISOs voice their frustration with the chaos of fragmented global cyber laws—and demand one unified standard. The call to action is clear: it’s time for world…YOUTUBE.COM
🔥 INCIDENT REPORTING (13)
20 MayDDoSecrets publishes 410 GB of heap dumps, hacked from TeleMessage's archive serversubmitted by cm0002 to cybersecurity 1 points | 0 comments https://micahflee.com/ddosecrets-publishes-410-gb-of-heap-dumps-hacked-from-telemessages-archive-server/INFOSEC.PUB
20 MayThe Crowded Battle: Key Insights from the 2025 State of Pentesting ReportIn the newly released 2025 State of Pentesting Report, Pentera surveyed 500 CISOs from global enterprises (200 from within the USA) to understand the strategies, tactics, and tools they use to cope with the thousands of security alerts, the persisting breaches and the growing cyb…THEHACKERNEWS.COM
20 MayThreat Actors Deploy Bumblebee Malware via Poisoned Bing SEO ResultsA newly identified cyberattack campaign has revealed the persistent and evolving threat of Bumblebee malware, a sophisticated downloader first discovered in 2022 and linked to ransomware groups like Conti. According to a recent report by Cyjax, threat actors have orchestrated a c…GBHACKERS.COM
20 MayEvent Preview: 2025 Threat Detection & Incident Response (Virtual) SummitSecurityWeek’s 2025 Threat Detection & Incident Response (TDIR) Summit takes place as a virtual summit on Wednesday, May 21st. The post Event Preview: 2025 Threat Detection & Incident Response (Virtual) Summit appeared first on SecurityWeek .SECURITYWEEK.COM
20 MayCyberattack on Serviceaide Compromises Data of 480,000 Catholic Health PatientsData breach at Serviceaide, Inc., a technology vendor for Catholic Health, exposed sensitive information belonging to approximately 480,000 patients. The incident, caused by an improperly secured Elasticsearch database, left names, Social Security numbers, medical records, and lo…GBHACKERS.COM
20 MayDDoSecrets Adds 410GB of TeleMessage Breach Data to Indexsubmitted by kid to cybersecurity 1 points | 0 comments https://hackread.com/ddosecrets-adds-410gb-telemessage-breach-data-index/SH.ITJUST.WORKS
20 MayInterlock ransomware evolving under the radarsubmitted by kid to cybersecurity 1 points | 0 comments https://blog.sekoia.io/interlock-ransomware-evolving-under-the-radar/SH.ITJUST.WORKS
20 May100+ Fake Chrome Extensions Found Hijacking Sessions, Stealing Credentials, Injecting AdsAn unknown threat actor has been attributed to creating several malicious Chrome Browser extensions since February 2024 that masquerade as seemingly benign utilities but incorporate covert functionality to exfiltrate data, receive commands, and execute arbitrary code. "The actor …THEHACKERNEWS.COM
20 MayLockBit Leak Shows Affiliates Use Pressure Tactics, Rarely Get Paidsubmitted by kid to cybersecurity 1 points | 0 comments https://hackread.com/lockbit-leak-affiliates-pressure-tactics-rarely-paid/SH.ITJUST.WORKS
20 MayA familiar playbook with a twist: 3AM ransomware actors dropped virtual machine with vishing and Quick AssistAnother adversary picks up the email bombing / vishing Storm-1811 playbook, doing thorough reconnaissance to target specific employees with fake help desk call—this time, over the phone.SOPHOS.COM
20 MayNew Nitrogen Ransomware Targets Financial Firms in the US, UK and Canadasubmitted by kid to cybersecurity 2 points | 0 comments https://hackread.com/nitrogen-ransomware-targets-financial-firms-us-uk-canada/SH.ITJUST.WORKS
20 MaySK Telecom says malware breach lasted 3 years, impacted 27 million numberssubmitted by kid to cybersecurity 1 points | 0 comments https://www.bleepingcomputer.com/news/security/sk-telecom-says-malware-breach-lasted-3-years-impacted-27-million-numbers/SH.ITJUST.WORKS
20 MayMobile carrier Cellcom confirms cyberattack behind extended outagesWisconsin wireless provider Cellcom has confirmed that a cyberattack is responsible for the widespread service outage and disruptions that began on the evening of May 14, 2025. [...]BLEEPINGCOMPUTER.COM
🕵️ THREAT INTELLIGENCE (27)
20 MayISC Stormcast For Tuesday, May 20th, 2025 https://isc.sans.edu/podcastdetail/9458, (Tue, May 20th)(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.ISC.SANS.EDU
20 MayMicrosoft 365 Users Targeted by Tycoon2FA Linked Phishing Attack to Steal CredentialsA new wave of targeted phishing campaigns, linked to the Tycoon2FA group, has been identified specifically targeting Microsoft 365 users. Security researchers have observed that these campaigns are leveraging an innovative tactic: the use of malformed URLs containing backslash ch…GBHACKERS.COM
20 MayTor Browser 14.5.2 Released: Bug Fixes and Enhanced FeaturesTor Project has launched Tor Browser 14.5.2, a significant update addressing security vulnerabilities, refining cross-platform functionality, and enhancing build system reliability. This release integrates critical Firefox security patches, resolves longstanding privacy-related b…GBHACKERS.COM
20 MayW3LL Phishing Kit Launches Active Campaign to Steal Outlook Login CredentialsCybersecurity researchers have recently uncovered a sophisticated phishing campaign leveraging the notorious W3LL Phishing Kit. Originally identified by Group-IB in 2022, W3LL differentiates itself in the criminal ecosystem as a phishing-as-a-service (PaaS) tool, supported by a u…GBHACKERS.COM
20 MayChinese Hackers Deploy MarsSnake Backdoor in Multi-Year Attack on Saudi OrganizationThreat hunters have exposed the tactics of a China-aligned threat actor called UnsolicitedBooker that targeted an unnamed international organization in Saudi Arabia with a previously undocumented backdoor dubbed MarsSnake. ESET, which first discovered the hacking group's intrusio…THEHACKERNEWS.COM
20 MayCloudSEK Raises $19 Million for Threat Intelligence PlatformThreat protection and intelligence firm CloudSEK raises $19 million in funding from new and existing investors. The post CloudSEK Raises $19 Million for Threat Intelligence Platform appeared first on SecurityWeek .SECURITYWEEK.COM
20 MayDPRK IT Workers Impersonate Polish and US Nationals to Secure Full-Stack Developer PositionsAn alarming cybersecurity report by Nisos has uncovered a sophisticated employment scam network potentially affiliated with the Democratic People’s Republic of Korea (DPRK). This network targets remote engineering and full-stack blockchain developer roles by impersonating Polish a…GBHACKERS.COM
20 MayAll things infostealers. Week 20, 2025 – Kinda Blog by CryptoLeksubmitted by CryptoLek to cybersecurity 1 points | 0 comments https://cryptolek.info/2025/05/19/all-things-infostealers-week-20-2025/ A brief look at all things infostealers for the week 20, 2025 (12.05.2025–18.05.2025). This week observed updates from LummaC2, MonsterV2 and Katz…INFOSEC.PUB
20 MayDoorDash HackA DoorDash driver stole over $2.5 million over several months: The driver, Sayee Chaitainya Reddy Devagiri, placed expensive orders from a fraudulent customer account in the DoorDash app. Then, using DoorDash employee credentials, he manually assigned the orders to driver account…SCHNEIER.COM
20 MayO2 UK patches bug leaking mobile user location from call metadatasubmitted by kid to cybersecurity 1 points | 0 comments https://www.bleepingcomputer.com/news/security/o2-uk-patches-bug-leaking-mobile-user-location-from-call-metadata/SH.ITJUST.WORKS
20 MayWindows 10 emergency updates fix BitLocker recovery issuessubmitted by kid to cybersecurity 1 points | 0 comments https://www.bleepingcomputer.com/news/microsoft/windows-10-emergency-updates-fix-bitlocker-recovery-issues/SH.ITJUST.WORKS
20 MayTrustCloud Raises $15 Million for Security Assurance PlatformAI-native security assurance firm TrustCloud has raised $15 million in a strategic funding round led by ServiceNow Ventures. The post TrustCloud Raises $15 Million for Security Assurance Platform appeared first on SecurityWeek .SECURITYWEEK.COM
20 MayGo-Based Malware Deploys XMRig Miner on Linux Hosts via Redis Configuration Abusesubmitted by kid to cybersecurity 1 points | 0 comments https://thehackernews.com/2025/05/go-based-malware-deploys-xmrig-miner-on.htmlSH.ITJUST.WORKS
20 MayHackers Use Weaponized RAR Archives to Deliver Pure Malware in Targeted AttacksRussian organizations have become prime targets of a sophisticated malware campaign deploying the Pure malware family, first identified in mid-2022. Distributed via a Malware-as-a-Service (MaaS) model, Pure malware allows cybercriminals to purchase and deploy it with ease. While …GBHACKERS.COM
20 MayRegeneron to Buy 23andMe for $256M Amid Growing Data Privacy ConcernsBiotechnology giant Regeneron Pharmaceuticals has emerged as the successful bidder in the bankruptcy auction for genetic testing pioneer 23andMe, offering $256 million for the majority of the company’s assets. Announced Monday, the deal would transfer 23andMe’s consum…GBHACKERS.COM
20 MayKimsuky APT Group Deploys PowerShell Payloads to Deliver XWorm RATCybersecurity researchers have uncovered a sophisticated malware campaign orchestrated by the notorious Kimsuky Advanced Persistent Threat (APT) group, deploying intricately crafted PowerShell payloads to deliver the XWorm Remote Access Trojan (RAT). This operation showcases the …GBHACKERS.COM
20 MayWhy That Security Trend Spike Is Actually Fake (Sorta)When a cybersecurity report shows a massive trend spike, most people panic. But in this short, Jason and Adrian break down the real story behind the numbers. It wasn’t a sudden surge in attacks—it was just better data. For once, the report reveals the exact dataset, where it came…YOUTUBE.COM
20 MayRVTools hit in supply chain attack to deliver Bumblebee malwaresubmitted by cm0002 to cybersecurity 1 points | 0 comments https://www.bleepingcomputer.com/news/security/rvtools-hit-in-supply-chain-attack-to-deliver-bumblebee-malware/INFOSEC.PUB
20 MayRVTools hit in supply chain attack to deliver Bumblebee malwaresubmitted by kid to cybersecurity 1 points | 0 comments https://www.bleepingcomputer.com/news/security/rvtools-hit-in-supply-chain-attack-to-deliver-bumblebee-malware/SH.ITJUST.WORKS
20 MayService desks are under attack: What can you do about it?submitted by kid to cybersecurity 1 points | 0 comments https://www.bleepingcomputer.com/news/security/service-desks-are-under-attack-what-can-you-do-about-it/SH.ITJUST.WORKS
20 MayThe Sting of Fake Kling: Facebook Malvertising Lures Victims to Fake AI Generation Websitesubmitted by Pro to cybersecurity 1 points | 0 comments https://research.checkpoint.com/2025/impersonated-kling-ai-site-installs-malware/ AI media generation is a significant trend in how we use the Internet in 2025. Kling AI is a widely used platform, with 6 million users since …INFOSEC.PUB
20 MayThe Sting of Fake Kling: Facebook Malvertising Lures Victims to Fake AI Generation Websitesubmitted by Pro to security 2 points | 0 comments https://research.checkpoint.com/2025/impersonated-kling-ai-site-installs-malware/ AI media generation is a significant trend in how we use the Internet in 2025. Kling AI is a widely used platform, with 6 million users since its l…PROGRAMMING.DEV
20 MayThe Sting of Fake Kling: Facebook Malvertising Lures Victims to Fake AI Generation Websitesubmitted by Pro to cybersecurity 1 points | 0 comments https://research.checkpoint.com/2025/impersonated-kling-ai-site-installs-malware/ AI media generation is a significant trend in how we use the Internet in 2025. Kling AI is a widely used platform, with 6 million users since …SH.ITJUST.WORKS
20 MayRSAC 2025: Welcome to the Age of AI SurrenderAt RSAC 2025, cybersecurity professionals weren’t panicking — they were strangely calm. Jackie McGuire and Adrian Sanabria captured the surreal vibe: it’s no longer about stopping AI… it’s about surviving the fallout. This short dives into that moment when the infosec world stopp…YOUTUBE.COM
20 MayAI Shame Is Real… Even in CybersecurityMany cybersecurity pros are quietly using AI tools like ChatGPT—but won’t admit it. Why? Because their peers and managers might see them as lazy, less competent, or too dependent. This silent stigma exists across all roles, ages, and genders. Some even hide their AI use just to a…YOUTUBE.COM
20 MayWSL, Defendnot, Clippy, Crawlomatic, Take It Down, Pwn2Own, Aaran Leyland, and More.. - SWN #478WSL, Defendnot, Clippy, Crawlomatic, Take It Down, Pwn2Own, Aaran Leyland, and more on the Security Weekly News. Visit https://www.securityweekly.com/swn for all the latest episodes! Show Notes: https://securityweekly.com/swn-478YOUTUBE.COM
🌐 CYBER THREAT LANDSCAPE (4)
20 MayGo-Based Malware Deploys XMRig Miner on Linux Hosts via Redis Configuration AbuseCybersecurity researchers are calling attention to a new Linux cryptojacking campaign that's targeting publicly accessible Redis servers. The malicious activity has been codenamed RedisRaider by Datadog Security Labs. "RedisRaider aggressively scans randomized portions of the IPv…THEHACKERNEWS.COM
20 MayRVTools hit in supply chain attack to deliver Bumblebee malwareThe official website for the RVTools VMware management tool was taken offline in what appears to be a supply chain attack where hackers replaced a DLL in the distributed installer to drop the Bumblebee malware loader on users' machines. [...]BLEEPINGCOMPUTER.COM
20 MayKrebsOnSecurity Hit With Near-Record 6.3 Tbps DDoSKrebsOnSecurity last week was hit by a near record distributed denial-of-service (DDoS) attack that clocked in at more than 6.3 terabits of data per second (a terabit is one trillion bits of data). The brief attack appears to have been a test run for a massive new Internet of Thi…KREBSONSECURITY.COM
20 MayTrojanized RVTools push Bumblebee malware in SEO poisoning campaignThe official website for the RVTools VMware management tool was taken offline in what appears to be a supply chain attack that distributed a trojanized installer to drop the Bumblebee malware loader on users' machines. [...]BLEEPINGCOMPUTER.COM
📡 INFOSEC NEWS (9)
20 MaySophos Partners with Capsule on New Cyber Insurance ProgramThe partnership rewards real-world, observable security controls, while removing the traditional barriers to insurance coverage.SOPHOS.COM
20 MaySEC Twitter hack: Man imprisoned for role in attack that caused Bitcoin’s price to soar.Eric Council Jr. pleaded guilty to charges related to the January 2024 hack of the US Securities and Exchange Commission's (SEC) Twitter account, which saw a fake announcement about the Bitcoin cryptocurrency posted to its followers. Read more in my article on the Hot for Securit…BITDEFENDER.COM
20 MayService desks are under attack: What can you do about it?Service desks are on the front lines of defense—and attackers know it. Attackers are using social engineering attacks to trick agents into changing passwords, disabling MFA, and granting access. Learn more from Specops Software on how to secure your service desk. [...]BLEEPINGCOMPUTER.COM
20 MayResearchers Scanning the Internet, (Tue, May 20th)We have been using our data to identify researchers scanning the internet for a few years. Currently, we are tracking 36 groups performing such scans, and our data feed of the IP addresses used contains around 33k addresses [1]. ISC.SANS.EDU
20 MayCISO vs. CFO: Who Actually Runs the Business?Who really calls the shots in a business—the CISO or the CFO? With the CISO role gaining maturity and visibility in recent years, this video dives into the evolving landscape of leadership in corporate security versus finance. Watch as Jeff Pollard explains the growing importance…YOUTUBE.COM
20 MayAI, Data Scraping & Cybersecurity: The War Has Begun ⚔️AI-powered data scraping is changing the cybersecurity game, but is it for better or worse? 🤯 As artificial intelligence advances, so does the demand for massive amounts of online data—fueling a billion-dollar industry where legal and ethical lines are blurred. From real estate l…YOUTUBE.COM
20 MayThe people in Elon Musk’s DOGE universeMeet the DOGE staffers and senior advisors in Elon Musk's inner circle, and how they got there.TECHCRUNCH.COM
20 MayPhishing through Google Ads: attacks on SEO and marketingScammers are using Google Ads to promote phishing copies of Semrush and even Google Ads to hack business accounts and steal company data.KASPERSKY.COM