🐛 COMMON VULNERABILITIES AND EXPOSURES (10)
23 May: Russian APT28 compromised Western logistics and IT firms to track aid to Ukraine
  Intelligence and cybersecurity agencies from 10 countries have warned in a joint advisory that a cyberespionage group operated by the Russian military intelligence service, the GRU, has been targeting logistics and IT companies for the past three years. Known in the security indus…
  Source: CSOONLINE.COM
23 May: CISA Alerts on Threat Actors Targeting Commvault Azure App to Steal Secrets
  On May 22, 2025, Commvault, a leading enterprise data backup provider, issued an urgent advisory regarding active cyber threat activity targeting its Metallic software-as-a-service (SaaS) application, which is hosted in the Microsoft Azure cloud environment. The U.S. Cybersecurit…
  Source: GBHACKERS.COM
23 May (KEV): Critical infrastructure under attack: Flaws becoming weapon of choice
  Threat actors are increasingly exploiting vulnerabilities to attack critical infrastructure systems. Critical infrastructure organizations accounted for 70% of all attacks that IBM X-Force responded to last year, with more than one quarter of those attacks carried out using vulne…
  Source: CSOONLINE.COM
23 May: Fortinet Zero-Day Under Attack: PoC Now Publicly Available
  FortiGuard Labs released an urgent advisory detailing a critical vulnerability, CVE-2025-32756, affecting several Fortinet products, including FortiCamera, FortiMail, FortiNDR, FortiRecorder, and FortiVoice. The vulnerability is a stack-based buffer overflow located within the ad…
  Source: GBHACKERS.COM
23 May: Apple XNU Kernel Flaw Enables Attackers to Escalate Privileges
  Apple has released urgent security patches addressing CVE-2025-31219, a high-severity vulnerability in its XNU kernel that underpins macOS, iOS, iPadOS, tvOS, watchOS, and visionOS. The flaw, which carries a CVSS score of 8.8 (vector: AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H), enables…
  Source: GBHACKERS.COM
23 May: NETGEAR Router Flaw Allows Full Admin Access by Attackers
  A severe authentication bypass vulnerability (CVE-2025-4978) has been uncovered in NETGEAR’s DGND3700v2 wireless routers, enabling unauthenticated attackers to gain full administrative control over affected devices. The flaw, rated with a critical CVSSv4 score of 9.3, stems from …
  Source: GBHACKERS.COM
23 May: Beijing may have breached US government systems before Cityworks plugged a critical flaw
  A now-patched high-severity security flaw affecting Trimble Cityworks — a specialized software used by local governments in the US, utilities, and public agencies to manage their infrastructure and community services—was abused by Chinese hackers to compromise systems before a pa…
  Source: CSOONLINE.COM
23 May: ViciousTrap Uses Cisco Flaw to Build Global Honeypot from 5,300 Compromised Devices
  Cybersecurity researchers have disclosed that a threat actor codenamed ViciousTrap has compromised nearly 5,300 unique network edge devices across 84 countries and turned them into a honeypot-like network. The threat actor has been observed exploiting a critical security flaw imp…
  Source: THEHACKERNEWS.COM
23 May: Chinese Nexus Hackers Exploit Ivanti Endpoint Manager Mobile Vulnerability
  Ivanti disclosed two critical vulnerabilities, identified as CVE-2025-4427 and CVE-2025-4428, affecting Ivanti Endpoint Manager Mobile (EPMM) version 12.5.0.0 and earlier. These flaws, when chained together, allow unauthenticated remote code execution (RCE) on internet-facing sys…
  Source: GBHACKERS.COM
23 May: Zero-Trust Policy Bypass Enables Exploitation of Vulnerabilities and Manipulation of NHI Secrets
  A new project has exposed a critical attack vector that exploits protocol vulnerabilities to disrupt DNS infrastructure, manipulate Non-Human Identity (NHI) secrets, and ultimately bypass zero-trust security frameworks. This research, conducted in a controlled lab environment, hi…
  Source: GBHACKERS.COM
⚠️ VULNERABILITY DISCLOSURE (26)
23 May: Customer Identity & Access Management: The best CIAM tools
  We have compiled the best Customer Identity & Access Management solutions for you. Customer Identity & Access Management (CIAM) is a subcategory of Identity & Access Management (IAM). CIAM is…
  Source: CSOONLINE.COM
23 May: The CIO Charity Run&Bike 2025 starts today
  For years, the CIO community has been passionately supporting charitable organizations through the CIO Charity Run&Bike. Here we go! From May 23 to June 9, 2025, Germany's IT leaders are exercising together as part of the CIO Charity Run&Bike for…
  Source: CSOONLINE.COM
23 May: CISA Warns of Suspected Broader SaaS Attacks Exploiting App Secrets and Cloud Misconfigs
  The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday revealed that Commvault is monitoring cyber threat activity targeting applications hosted in their Microsoft Azure cloud environment. "Threat actors may have accessed client secrets for Commvault's (Meta…
  Source: THEHACKERNEWS.COM
23 May: GitLab Duo Vulnerability Enabled Attackers to Hijack AI Responses with Hidden Prompts
  Cybersecurity researchers have discovered an indirect prompt injection flaw in GitLab's artificial intelligence (AI) assistant Duo that could have allowed attackers to steal source code and inject untrusted HTML into its responses, which could then be used to direct victims to ma…
  Source: THEHACKERNEWS.COM
23 May: Cybersecurity Threats and Breaches: Critical Updates and Insights
  In this episode of Cybersecurity today, host Jim Love reports on various critical cyber threats and data breaches. A newly discovered flaw in Windows Server 2025 allows attackers to seize full domain control, referred to by researchers as the 'bad successor' exploit. Government m…
  Source: CYBERSECURITYTODAY.LIBSYN.COM
23 May: Police takes down 300 servers in ransomware supply-chain crackdown
  In the latest phase of Operation Endgame, an international law enforcement operation, national authorities from seven countries seized 300 servers and 650 domains used to launch ransomware attacks. [...]
  Source: BLEEPINGCOMPUTER.COM
23 May: Chinese Spies Exploit Ivanti Vulnerabilities Against Critical Sectors
  A Chinese espionage group has been chaining two recent Ivanti EPMM vulnerabilities in attacks against organizations in multiple critical sectors. The post Chinese Spies Exploit Ivanti Vulnerabilities Against Critical Sectors appeared first on SecurityWeek.
  Source: SECURITYWEEK.COM
23 May: DanaBot Botnet Disrupted, 16 Suspects Charged
  The DanaBot botnet ensnared over 300,000 devices and caused more than $50 million in damages before being disrupted. The post DanaBot Botnet Disrupted, 16 Suspects Charged appeared first on SecurityWeek.
  Source: SECURITYWEEK.COM
23 May: Cityworks Zero-Day Exploited by Chinese Hackers in US Local Government Attacks
  A Chinese threat actor exploited a zero-day vulnerability in Trimble Cityworks to hack local government entities in the US. The post Cityworks Zero-Day Exploited by Chinese Hackers in US Local Government Attacks appeared first on SecurityWeek.
  Source: SECURITYWEEK.COM
23 May: Mysterious hacking group Careto was run by the Spanish government, sources say
  The elusive hacking group Careto was never publicly linked to a specific government, but TechCrunch has learned researchers concluded privately that the Spanish government was behind the group.
  Source: TECHCRUNCH.COM
23 May: Vulnerability in the Rubetek Home smart-home app | Kaspersky official blog
  Kaspersky’s GReAT experts have discovered a vulnerability in the Rubetek Home smart-home control app. Read on to learn how attackers may have exploited it.
  Source: KASPERSKY.COM
23 May: SafeLine WAF: Open Source Web Application Firewall with Zero-Day Detection and Bot Protection
  From zero-day exploits to large-scale bot attacks — the demand for a powerful, self-hosted, and user-friendly web application security solution has never been greater. SafeLine is currently the most starred open-source Web Application Firewall (WAF) on GitHub, with over 16.4K sta…
  Source: THEHACKERNEWS.COM
23 May: 3AM ransomware attack poses as a call from IT support to compromise networks
  Cybercriminals are getting smarter. Not by developing new types of malware or exploiting zero-day vulnerabilities, but by simply pretending to be helpful IT support desk workers. Find out how they do it in my article on the Tripwire State of Security blog.
  Source: TRIPWIRE.COM
23 May: Companies Warned of Commvault Vulnerability Exploitation
  CISA warns companies of a widespread campaign targeting a Commvault vulnerability to hack Azure environments. The post Companies Warned of Commvault Vulnerability Exploitation appeared first on SecurityWeek.
  Source: SECURITYWEEK.COM
23 May: 300 Servers and €3.5M Seized as Europol Strikes Ransomware Networks Worldwide
  As part of the latest "season" of Operation Endgame, a coalition of law enforcement agencies have taken down about 300 servers worldwide, neutralized 650 domains, and issued arrest warrants against 20 targets. Operation Endgame, first launched in May 2024, is an ongoing law enfor…
  Source: THEHACKERNEWS.COM
23 May: Researchers Uncover Infrastructure and TTPs Behind ALCATRAZ Malware
  Elastic Security Labs has recently exposed a sophisticated new malware family dubbed DOUBLELOADER, observed in conjunction with the RHADAMANTHYS infostealer. This discovery sheds light on the evolving tactics, techniques, and procedures (TTPs) of cybercriminals who leverage advan…
  Source: GBHACKERS.COM
23 May: Impersonating Meta, Powered by AppSheet: A Rising Phishing Campaign Exploits Trusted Platforms to Evade Detection
  Since March 2025, the KnowBe4 Threat Labs team has observed a surge in phishing attacks that exploit Google’s AppSheet platform to launch a highly targeted, sophisticated campaign impersonating social media platform giant Meta.
  Source: KNOWBE4.COM
23 May: GitLab Duo Vulnerability Exploited to Inject Malicious Links and Steal Source Code
  A security vulnerability was recently discovered in GitLab Duo, the AI-powered coding assistant integrated into GitLab and based on Anthropic’s Claude models. Security researchers from Legit Security revealed that attackers could exploit an indirect prompt injection flaw to exfil…
  Source: GBHACKERS.COM
23 May: Tracking the Cost of Quantum Factoring
  Posted by Craig Gidney, Quantum Research Scientist, and Sophie Schmieg, Senior Staff Cryptography Engineer. Google Quantum AI's mission is to build best in class quantum computing for otherwise unsolvable problems. For decades the quantum and security communities have also …
  Source: SECURITY.GOOGLEBLOG.COM
23 May: New Formjacking Malware Targets E-Commerce Sites to Steal Credit Card Data
  A disturbing new formjacking malware has emerged, specifically targeting WooCommerce-based e-commerce sites to steal sensitive credit card information, as recently uncovered by the Wordfence Threat Intelligence team. Unlike conventional card skimmers that overlay fake forms on ch…
  Source: GBHACKERS.COM
23 May: Venice.ai’s Unrestricted Access Sparks Concerns Over AI-Driven Cyber Threats
  Venice.ai has rapidly emerged as a disruptive force in the AI landscape, positioning itself as an “uncensored” and “private” alternative to mainstream platforms like ChatGPT. Unlike conventional AI chatbots, Venice.ai operates using leading open-source models such as DeepSeek R1 …
  Source: GBHACKERS.COM
23 May: Over 91% of companies sacrifice hybrid cloud security in the AI adoption rush
  A startling 91% of organizations admit to making risky security compromises in their hybrid cloud environments under a mounting strain from the growing influence of AI, according to Gigamon’s 2025 Hybrid Cloud Security Survey. As AI adoption surges and hybrid architectures expand…
  Source: CSOONLINE.COM
23 May: A local server designed to load one or more pre-trained NLP models during startup and expose them through a clean, RESTful API
  submitted by cm0002 to cybersecurity 2 points | 0 comments https://github.com/vulnerability-lookup/ML-Gateway This project implements a FastAPI-based local server designed to load one or more pre-trained NLP models during startup and expose them through a clean, RESTful API for i…
  Source: INFOSEC.PUB
23 May: From Chillers to Cyber: The Talent Gap That's Breaking Us
  The internet doesn’t just run on code—it runs on chillers, diesel generators, and the people who know how to fix them. But there's a massive skills gap nobody’s talking about. In this short, cybersecurity experts break down why a lack of infrastructure talent is putting our digit…
  Source: YOUTUBE.COM
23 May: Threat Actor Sells Burger King Backup System RCE Vulnerability for $4,000
  A threat actor known as #LongNight has reportedly put up for sale remote code execution (RCE) access to Burger King Spain’s backup system, leveraging vulnerabilities in the AhsayCBS platform. Priced at $4,000, this exploit offers malicious actors a potential gateway to compromise…
  Source: GBHACKERS.COM
23 May: Operation Endgame 2.0 - 15,436,844 breached accounts
  In May 2025, a coalition of law enforcement agencies took down the criminal infrastructure behind the malware used to launch ransomware attacks in a new phase of "Operation Endgame". This followed the first Operation Endgame exercise a year earlier, with the latest act…
  Source: HAVEIBEENPWNED.COM
📢 SECURITY ADVISORIES (1)
🔥 INCIDENT REPORTING (9)
23 May: Russian Hacker Indicted Over $24 Million Qakbot Ransomware Operation
  The U.S. Department of Justice has unsealed a federal indictment against Rustam Rafailevich Gallyamov, 48, of Moscow, Russia, alleging he led the development and deployment of the notorious Qakbot malware. This action, announced on May 22, 2025, marks a significant milestone in a…
  Source: GBHACKERS.COM
23 May: Inside LockBit: Data Leak Reveals Leading Affiliates and How They Operate
  A massive data leak from the LockBit ransomware group, published on its hijacked leak site, has provided an unprecedented glimpse into the inner workings of one of the most notorious Ransomware-as-a-Service (RaaS) operations. The leaked data, spanning from December 19, 2024, to A…
  Source: GBHACKERS.COM
23 May: ViciousTrap Hackers Breaches 5,500+ Edge Devices from 50+ Brands, Turns Them into Honeypots
  A sophisticated cyber threat actor, dubbed ViciousTrap by Sekoia.io’s Threat Detection & Research (TDR) team, has compromised over 5,500 edge devices across more than 50 brands, transforming them into a massive honeypot-like network. This alarming operation, detailed in…
  Source: GBHACKERS.COM
23 May: Operation Endgame Crushes DanaBot Malware, Shuts Down 150 C2 Servers and Halts 1,000 Daily Attacks
  Operation Endgame II has delivered a devastating strike against DanaBot, a notorious malware that has plagued systems since its emergence in 2018. Initially designed as a banking trojan targeting financial credentials, DanaBot evolved into a multi-purpose threat, facilitating inf…
  Source: GBHACKERS.COM
23 May: Cyberattack on work devices of the Bodenseekreis district office
  Due to a cyberattack, all work phones and tablets of the Bodenseekreis district office (Landratsamt Bodenseekreis) are currently out of service. According to the district office, hackers recently attacked work phones and other mobile devices belonging to the administration. Accordingly…
  Source: CSOONLINE.COM
23 May: Hackers Expose 184 Million User Passwords via Open Directory
  A major cybersecurity incident has come to light after researcher Jeremiah Fowler discovered a publicly accessible database containing 184,162,718 unique logins and passwords—totaling 47.42 GB of raw credential data. The exposed records included sensitive information such as emai…
  Source: GBHACKERS.COM
23 May: In Other News: Volkswagen App Hacked, DR32 Sentenced, New OT Security Solution
  Noteworthy stories that might have slipped under the radar: serious vulnerabilities found in a Volkswagen app, Australian hacker DR32 sentenced in the US, and Immersive launches OT security training solution. The post In Other News: Volkswagen App Hacked, DR32 Sentenced, New OT S…
  Source: SECURITYWEEK.COM
23 May: EU Targets Stark Industries in Cyberattack Sanctions Crackdown
  The European Union has escalated its response to Russia’s ongoing campaign of hybrid threats, announcing new restrictive measures against 21 individuals and 6 entities. This latest move, part of the EU’s 17th sanctions package, reflects a significant broadening of both the scope …
  Source: GBHACKERS.COM
23 May: This App Is Legal… But Should It Be?
  When cybersecurity expert Aaran talks about Deep Seek, it’s not just another app discussion—it’s a warning. In this short, he reveals why Deep Seek, while technically legal, raises serious red flags when it comes to national security. If a tool is free and fast, but potentially v…
  Source: YOUTUBE.COM
🕵️ THREAT INTELLIGENCE (24)
23 May: ISC Stormcast For Friday, May 23rd, 2025 https://isc.sans.edu/podcastdetail/9464, (Fri, May 23rd)
  (c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
  Source: ISC.SANS.EDU
23 May: Denmark finds ‘suspicious’ components in key infrastructure imports, raising concerns about espionage and energy security
  submitted by Hotznplotzn to cybersecurity 1 points | 0 comments cross-posted from: lemmy.sdf.org/post/35125971 Archived Danish firms have found “suspicious” components added to east Asian circuit boards that were supposed to be built into the country’s green energy infrastructure…
  Source: INFOSEC.PUB
23 May: Denmark finds ‘suspicious’ components in key infrastructure imports, raising concerns about espionage and energy security
  submitted by Hotznplotzn to cybersecurity 1 points | 0 comments cross-posted from: lemmy.sdf.org/post/35125971 Archived Danish firms have found “suspicious” components added to east Asian circuit boards that were supposed to be built into the country’s green energy infrastructure…
  Source: SH.ITJUST.WORKS
23 May: Global Crackdown Nets 270 Dark Web Vendors in Major Arrests
  A sweeping international crackdown, codenamed Operation RapTor, has dealt a significant blow to the criminal underworld operating on the dark web. Coordinated by Europol and involving agencies across four continents, the operation resulted in the arrest of 270 individuals involve…
  Source: GBHACKERS.COM
23 May: BKA lands blow against cybercriminals
  As part of “Operation Endgame”, the currently most influential malware variants were taken offline. Security authorities have landed a blow against global cybercrime. Over the course of this week, thanks to “Operation Endgame”, the currently most influential…
  Source: CSOONLINE.COM
23 May: DanaBot malware disrupted, threat actors named
  submitted by Pro to cybersecurity 2 points | 0 comments https://intel471.com/blog/danabot-malware-disrupted-threat-actors-named
  Source: INFOSEC.PUB
23 May: Winos 4.0 Malware Masquerades as VPN and QQBrowser to Target Users
  A sophisticated malware campaign deploying Winos 4.0, a memory-resident stager, has been uncovered by Rapid7, targeting users through fake installers of popular software like LetsVPN and QQBrowser. Initially detected during a February 2025 Managed Detection and Response (MDR) inv…
  Source: GBHACKERS.COM
23 May: Signal Blocks Windows Recall
  This article gives a good rundown of the security risks of Windows Recall, and the repurposed copyright protection tool that Signal used to block the AI feature from scraping Signal data.
  Source: SCHNEIER.COM
23 May: Russian Qakbot Gang Leader Indicted in US
  Russian national Rustam Gallyamov was indicted in the US for his leading role in the development and distribution of Qakbot malware. The post Russian Qakbot Gang Leader Indicted in US appeared first on SecurityWeek.
  Source: SECURITYWEEK.COM
23 May: TAG-110 Hackers Deploy Malicious Word Templates in Targeted Attacks
  The Russia-aligned threat actor TAG-110, also linked to UAC-0063 and APT28 (BlueDelta) with medium confidence by CERT-UA, has shifted tactics to target government, educational, and research entities in Tajikistan. According to analysis by Insikt Group from Recorded Future Report,…
  Source: GBHACKERS.COM
23 May: GenAI Assistant DIANNA Uncovers New Obfuscated Malware
  Deep Instinct’s GenAI-powered assistant, DIANNA, has identified a sophisticated new malware strain dubbed BypassERWDirectSyscallShellcodeLoader. This malware, reportedly crafted with the assistance of large language models (LLMs) such as ChatGPT and DeepSeek, underscores a chilli…
  Source: GBHACKERS.COM
23 May: German Cyber Agency Sounds Warning on Grid Vulnerabilities across Europe
  submitted by Hotznplotzn to cybersecurity 2 points | 1 comments https://www.bankinfosecurity.com/german-cyber-agency-sounds-warning-on-grid-vulnerabilities-a-28461 cross-posted from: lemmy.sdf.org/post/35141215 Archived Here is the German Federal Office for Information Security’s…
  Source: INFOSEC.PUB
23 May: German Cyber Agency Sounds Warning on Grid Vulnerabilities across Europe
  submitted by Hotznplotzn to cybersecurity 2 points | 1 comments https://www.bankinfosecurity.com/german-cyber-agency-sounds-warning-on-grid-vulnerabilities-a-28461 cross-posted from: lemmy.sdf.org/post/35141215 Archived Here is the German Federal Office for Information Security’s…
  Source: SH.ITJUST.WORKS
23 May: Signal Adds Screenshot-Blocker to Thwart ‘Windows Recall’
  Signal said the privacy feature is on by default for every Windows 11 user to block Microsoft from taking screenshots for Windows Recall. The post Signal Adds Screenshot-Blocker to Thwart ‘Windows Recall’ appeared first on SecurityWeek.
  Source: SECURITYWEEK.COM
23 May: AI vs Cybersecurity: Who Gets Fired First?
  As AI continues to evolve, cybersecurity pros are starting to ask the tough questions. In this clip, Ayman Elsawah breaks down which roles in cybersecurity could be on the chopping block first—and why SOC analysts and GRC specialists might need to pay close attention. AI isn't ta…
  Source: YOUTUBE.COM
23 May: 270 arrested in global dark web crackdown targeting online drug and criminal networks | Europol
  submitted by cm0002 to cybersecurity 3 points | 0 comments https://www.europol.europa.eu/media-press/newsroom/news/270-arrested-in-global-dark-web-crackdown-targeting-online-drug-and-criminal-networks
  Source: INFOSEC.PUB
23 May: A 3X Leader in Gartner 2025 Magic Quadrant for SSE
  Palo Alto Networks has been named a Leader in the 2025 Gartner Magic Quadrant for Security Service Edge, for the third time. The post A 3X Leader in Gartner 2025 Magic Quadrant for SSE appeared first on Palo Alto Networks Blog.
  Source: PALOALTONETWORKS.COM
23 May: Hackers Target macOS Users with Fake Ledger Apps to Deploy Malware
  Hackers are increasingly targeting macOS users with malicious clones of Ledger Live, the popular application for managing crypto assets via Ledger cold wallets. Since August 2024, Moonlock Lab has been tracking a malware campaign that initially focused on stealing passwords and w…
  Source: GBHACKERS.COM
23 May: Dozens of malicious packages on NPM collect host and network data
  60 packages have been discovered in the NPM index that attempt to collect sensitive host and network data and send it to a Discord webhook controlled by the threat actor. [...]
  Source: BLEEPINGCOMPUTER.COM
23 May: Your Cyber Budget = CFO’s Risk Tolerance 😬 #ciso
  When cybersecurity professionals ask for more budget, they often focus on threats. But what really matters to the CFO? Risk tolerance. In this eye-opening short, cybersecurity expert Matthew Alderman recalls consulting for a massive oil company—where risks weren’t even “material”…
  Source: YOUTUBE.COM
23 May: Refund My Tuition?! The AI Lecture War 🧑🎓💻
  When a student finds out their professor used AI to help prep class material, they lose it—and file a lawsuit demanding a tuition refund! 😱 But does using AI to support teaching really mean students are getting less? This short dives into the clash between tech, learning, and exp…
  Source: YOUTUBE.COM
23 May: Friday Squid Blogging: US Naval Ship Attacked by Squid in 1978
  Interesting story: USS Stein was underway when her anti-submarine sonar gear suddenly stopped working. On returning to port and putting the ship in a drydock, engineers observed many deep scratches in the sonar dome’s rubber “NOFOUL” coating. In some areas, the…
  Source: SCHNEIER.COM
23 May: This $20 Router Could Be a Spy Tool 🕵️♂️
  Lawmakers in Washington just exposed a shocking cybersecurity threat hiding in plain sight. TP-Link, the top-selling router brand in the U.S., is under fire for allegedly selling ultra-cheap routers that could be giving Chinese state hackers access to American homes. This short b…
  Source: YOUTUBE.COM
23 May: Keyboards, 3am, TikTok, LummaC2, Cityworks, Honeypots, Fancy Bear, Aaran Leyland... - SWN #479
  Keyboards, 3 am, TikTok, LummaC2, Cityworks, Honeypots, Fancy Bear, Aaran Leyland, and More, on this edition of the Security Weekly News. Visit https://www.securityweekly.com/swn for all the latest episodes! Show Notes: https://securityweekly.com/swn-479
  Source: YOUTUBE.COM
🌐 CYBER THREAT LANDSCAPE (4)
23 May: U.S. Dismantles DanaBot Malware Network, Charges 16 in $50M Global Cybercrime Operation
  The U.S. Department of Justice (DoJ) on Thursday announced the disruption of the online infrastructure associated with DanaBot (aka DanaTools) and unsealed charges against 16 individuals for their alleged involvement in the development and deployment of the malware, which it said…
  Source: THEHACKERNEWS.COM
23 May: TikTok videos now push infostealer malware in ClickFix attacks
  Cybercriminals are using TikTok videos to trick users into infecting themselves with Vidar and StealC information-stealing malware in ClickFix attacks. [...]
  Source: BLEEPINGCOMPUTER.COM
23 May: Hackers Use TikTok Videos to Distribute Vidar and StealC Malware via ClickFix Technique
  The malware known as Latrodectus has become the latest to embrace the widely-used social engineering technique called ClickFix as a distribution vector. "The ClickFix technique is particularly risky because it allows the malware to execute in memory rather than being written to d…
  Source: THEHACKERNEWS.COM
23 May: Danabot under the microscope
  ESET Research has been tracking Danabot’s activity since 2018 as part of a global effort that resulted in a major disruption of the malware’s infrastructure
  Source: WELIVESECURITY.COM
📡 INFOSEC NEWS (8)
23 May: Windows 11 Notepad gets AI-powered text writing capabilities
  Microsoft is testing a new AI-powered text generation feature in Notepad that can let Windows Insiders create content based on custom prompts. [...]
  Source: BLEEPINGCOMPUTER.COM
23 May: At TechCrunch Sessions: AI, Artemis Seaford and Ion Stoica confront the ethical crisis — when AI crosses the line
  As generative AI becomes faster, cheaper, and more convincing, the ethical stakes are no longer theoretical. What happens when the tools to deceive become widely accessible? And how do we build systems that are powerful — but safe enough to trust? At TechCrunch Sessions: AI, taki…
  Source: TECHCRUNCH.COM
23 May: FBI warns of Luna Moth extortion attacks targeting law firms
  The FBI warned that an extortion gang known as the Silent Ransom Group has been targeting U.S. law firms over the last two years in callback phishing and social engineering attacks. [...]
  Source: BLEEPINGCOMPUTER.COM
23 May: Why AI Development is More Dangerous Than You Realize!
  AI development is more dangerous than most people realize! 🚨 While everyone focuses on securing AI in production, the real risk starts much earlier—during the building and training phases. Sensitive data, vulnerable tools like Jupyter Notebooks, and high-risk pipelines make the l…
  Source: YOUTUBE.COM
23 May: No Training, No Deal — How Bad Training Can Kill Cybersecurity Sales
  Why do CISOs care more about training than flashy product demos? 💻 In this short, Allie Mellen (@hackerxbella) breaks down how poor training can stop a cybersecurity tool from ever getting a second look. With data showing CISOs prioritize high-quality training when choosing secur…
  Source: YOUTUBE.COM
23 May: Hacker steals $223 million in Cetus Protocol cryptocurrency heist
  The decentralized exchange Cetus Protocol announced that hackers have stolen $223 million in cryptocurrency and is offering a deal to stop all legal action if the funds are returned. [...]
  Source: BLEEPINGCOMPUTER.COM
23 May: Apple CEO reportedly urged Texas’ governor to ditch online child safety bill
  Apple CEO Tim Cook reportedly called Texas Gov. Greg Abbott to make changes to or veto a newly passed law in the state that would require the company to verify the ages of device owners, according to The Wall Street Journal. Abbott has yet to sign the bill. But Apple, alongside G…
  Source: TECHCRUNCH.COM
23 May: OpenAI confirms Operator Agent is now more accurate with o3
  OpenAI says Operator Agent now uses the o3 model, which means it's now significantly better at reasoning capabilities. [...]
  Source: BLEEPINGCOMPUTER.COM