72 Articles
8 Categories
Date: 2025-09-22
🚨 CISA KEV (1)
22 Sep KEV: CISA Shares Lessons Learned from an Incident Response Engagement (CISA.GOV): Advisory at a Glance Executive Summary CISA began incident response efforts at a U.S. federal civilian executive branch (FCEB) agency following the detection of potential malicious activity identified through security alerts generated by the agency’s endpoint detection and respon…
🐛 COMMON VULNERABILITIES AND EXPOSURES (5)
22 Sep: Microsoft Patches Critical Entra ID Flaw Enabling Global Admin Impersonation Across Tenants (THEHACKERNEWS.COM): A critical token validation failure in Microsoft Entra ID (previously Azure Active Directory) could have allowed attackers to impersonate any user, including Global Administrators, across any tenant. The vulnerability, tracked as CVE-2025-55241, has been assigned the maximum CVSS…
22 Sep: Attackers Bypass Windows “Mark of the Web” Protections Using LNK-Stomping (GBHACKERS.COM): A sophisticated attack technique called LNK Stomping is enabling cybercriminals to bypass Windows security protections designed to block malicious files downloaded from the internet. The technique exploits a vulnerability in Windows shortcuts that was patched in Septemb…
22 Sep: Fortra Patches Critical GoAnywhere MFT Vulnerability (SECURITYWEEK.COM): Tracked as CVE-2025-10035 (CVSS score of 10), the critical deserialization vulnerability could be exploited for command injection.
22 Sep: God Mode Vulnerability Lets Attackers Access Any Resource in Microsoft Cloud Tenants (GBHACKERS.COM): A recently disclosed flaw, tracked as CVE-2025-55241, allowed any attacker in possession of a single “Actor token” from a test or lab tenant to assume full administrative control over every Microsoft Entra ID (Azure AD) customer globally. Security researcher Dirk-Jan Mo…
22 Sep: Code Analysis Published for Chrome Type Confusion 0-Day Vulnerability (GBHACKERS.COM): Google Chrome’s V8 JavaScript engine has long balanced speed and security for billions of users worldwide. On September 16, 2025, Google’s Threat Analysis Group discovered a critical zero-day flaw in the TurboFan compiler component of V8. Now tracked as CVE-2025-10585, the vulner…
⚠️ VULNERABILITY DISCLOSURE (22)
22 Sep: Agentic AI – the new horror for security decision-makers? (CSOONLINE.COM)
22 Sep: Hackers Deploy New EDR-Freeze Tool to Disable Security Software (GBHACKERS.COM): A security researcher has released a new tool that can temporarily disable endpoint detection and response (EDR) systems and antivirus software without requiring vulnerable drivers, marking a significant evolution in attack techniques targeting security solutions. Advanced Evasio…
22 Sep: Extinction Level Cyber Vulnerability Now Fixed (CYBERSECURITYTODAY.LIBSYN.COM): Cybersecurity Today: Major Vulnerabilities and Attacks Uncovered Join host David Shipley for today's cybersecurity updates on the last day of summer 2025. In this episode, we delve deep into Microsoft's critical Entra ID vulnerability, a cyber attack crippling major European airp…
22 Sep: Hackers Abuse GitHub Pages to Spread Stealer Malware to macOS Users (GBHACKERS.COM): A sophisticated malware campaign is targeting Mac users through fraudulent GitHub repositories that masquerade as legitimate software downloads, with threat actors exploiting search engine optimization tactics to deliver malicious links directly to unsuspecting victims. The LastP…
22 Sep: CSO Awards winners highlight security innovation and transformation (CSOONLINE.COM): The task of securing an organization’s data and systems has become increasingly complex. It has also become more critical, as organizations increasingly digitize their business operations. Security leaders have risen to the challenge, implementing innovative programs that strengt…
22 Sep: Cybercriminals Exploit ICS Computers via Scripts and Phishing Attacks (GBHACKERS.COM): Industrial control systems (ICS) continue to face increasing cybersecurity challenges as threat actors employ sophisticated malicious scripts and phishing campaigns to target critical infrastructure. According to new data from Q2 2025, while overall attack rates have shown a marg…
22 Sep: Canada Police Shuts Down TradeOgre After $56M Crypto Theft (GBHACKERS.COM): Montréal, Quebec, September 18, 2025 – In an unprecedented operation, the Royal Canadian Mounted Police (RCMP) Federal Policing – Eastern Region has executed the largest cryptocurrency seizure in Canadian history, recovering over 56 million dollars from the now-defunct TradeOgre …
22 Sep: Disruption is Coming for the Vulnerability Management Market - Tod Beardsley - ESW #425 (YOUTUBE.COM): Interview with Tod Beardsley. This interview is sponsored by runZero. Legacy vulnerability management (VM) hasn't innovated alongside of attackers, and it shows. Let's talk about the state of VM. Check out https://securityweekly.com/runzero to learn more! Topic Segment: NPM Incide…
22 Sep: Subtle Snail Impersonation Tactics: How HR Representatives Can Engage Employees to Steal Login Credentials (GBHACKERS.COM): Subtle Snail, an Iran-linked espionage group also tracked as UNC1549 under the Unyielding Wasp (Tortoiseshell) umbrella of the Charming Kitten network, has shifted its focus to European telecom, aerospace, and defense firms since June 2022. In a recent wave of attacks, the group …
22 Sep: Inboxfuscation Tool Bypasses Exchange Inbox Rules and Evades Detection (GBHACKERS.COM): Advanced persistent threat actors increasingly target Microsoft Exchange inbox rules to maintain persistence and siphon sensitive data without raising alarms. The newly released Inboxfuscation tool delivers a Unicode-based obfuscation framework capable of generating malicious inb…
22 Sep: European airports continue to crawl after a cyberattack on Collins’ MUSE systems (CSOONLINE.COM): A cyberattack that began late Friday on an airline service provider in Europe has caused widespread disruption at several of Europe’s busiest airports, triggering flight delays, cancellations, and the fallback to manual check-in and boarding operations. The outage hit Collins Aer…
22 Sep: ⚡ Weekly Recap: Chrome 0-Day, AI Hacking Tools, DDR5 Bit-Flips, npm Worm & More (THEHACKERNEWS.COM): The security landscape now moves at a pace no patch cycle can match. Attackers aren’t waiting for quarterly updates or monthly fixes—they adapt within hours, blending fresh techniques with old, forgotten flaws to create new openings. A vulnerability closed yesterday can become th…
22 Sep: AI-powered phishing scams now use fake captcha pages to evade detection (CSOONLINE.COM): In an attempt to evade security tools, cybercriminals are now leveraging AI to craft sophisticated phishing campaigns using fake captcha pages. The pages appear legitimate to users, effectively bypassing security filters and capturing sensitive information. Identified by Trend Mi…
22 Sep: Researchers Earn $150,000 for L1TF Exploit Leaking Data From Public Cloud (SECURITYWEEK.COM): L1TF Reloaded is a vulnerability combining the old L1TF and half-Spectre hardware flaws to bypass deployed software mitigations.
22 Sep: Threat Actors Exploit Oracle Database Scheduler to Infiltrate Corporate Networks (GBHACKERS.COM): Threat actors have begun exploiting the Oracle Database Scheduler’s External Jobs feature to execute arbitrary commands on corporate database servers, enabling stealthy initial footholds and rapid escalation of privileges. By abusing the extjobo.exe executable, attackers can run …
22 Sep: Security review of PHP documentation (QUARKSLAB.COM): The Open Source Technology Improvement Fund, Inc., engaged with Quarkslab to perform a security audit of the code snippets in the English version of PHP documentation, focused on some specific pages.
22 Sep: New EDR-Freeze tool uses Windows WER to suspend security software (BLEEPINGCOMPUTER.COM): A new method and proof-of-concept tool called EDR-Freeze demonstrates that evading security solutions is possible from user mode with Microsoft's Windows Error Reporting (WER) system. [...]
22 Sep: Ex-lobbyist for Meta becomes Irish data protection commissioner (CSOONLINE.COM): The Irish government has appointed Niamh Sweeney as a new member of the Data Protection Commission (DPC), the country’s data protection commission, which also has the main responsibility in the EU for monitoring that the big tech giants comply with European data protection laws. …
22 Sep: Automaker giant Stellantis confirms data breach after Salesforce hack (BLEEPINGCOMPUTER.COM): Automotive manufacturing giant Stellantis has confirmed that attackers stole some of its North American customers' data after gaining access to a third-party service provider's platform. [...]
22 Sep: American Archive of Public Broadcasting fixes bug exposing restricted media (BLEEPINGCOMPUTER.COM): A vulnerability in the American Archive of Public Broadcasting's website allowed downloading of protected and private media for years, with the flaw quietly patched this month. [...]
22 Sep: SonicWall Releases Advisory for Customers after Security Incident (CISA.GOV): SonicWall released a security advisory to assist their customers with protecting systems impacted by the MySonicWall cloud backup file incident. SonicWall’s investigation found that a malicious actor performed a series of brute force techniques against their MySonicWall.com web p…
22 Sep KEV: Anton’s Security Blog Quarterly Q3 2025 (MEDIUM.COM): Amazingly, Medium has fixed the stats so my blog / podcast quarterly is back to life. As before, this covers both Anton on Security and my posts from Google Cloud blog, Google Cloud community blog, and our Cloud Security Podcast (subscribe on Spotify). Gemini for docs based on…
📢 SECURITY ADVISORIES (8)
22 Sep: Mycroft Raises $3.5 Million for AI-Powered Security and Compliance Platform (SECURITYWEEK.COM): The Canada-based company has emerged from stealth with autonomous AI agents designed to manage and operate the security and IT stack.
22 Sep: Top 10 Best Cybersecurity Compliance Management Software in 2025 (GBHACKERS.COM): Cybersecurity compliance has become a mission-critical part of modern business operations. With the rise of data privacy laws, global regulations, and increasing cyber threats, organizations need reliable compliance management software to stay secure and audit-ready. The best com…
🔥 INCIDENT REPORTING (10)
22 Sep: MalTerminal: New GPT-4-Powered Malware That Writes Its Own Ransomware (GBHACKERS.COM): A groundbreaking discovery in cybersecurity research has revealed the emergence of ‘MalTerminal’, potentially the earliest known example of Large Language Model (LLM)-enabled malware that leverages OpenAI’s GPT-4 API to dynamically generate ransomware code …
22 Sep: Hacker attack paralyzes airports (CSOONLINE.COM): The effects of the cyberattack on airport service provider Collins Aerospace are still being felt at Berlin's airport. As Tagesschau reports, the IT service provider Collins Aerospace was, on Friday evening (19 September), by cybercr…
22 Sep: Kawa4096 Ransomware Targets Multinational Corporations to Steal Sensitive Data (GBHACKERS.COM): In June 2025, a previously unknown ransomware group dubbed Kawa4096 emerged, immediately drawing attention by targeting multinational organizations across diverse industries, including finance, education and services, in countries such as Japan and the United States. While no pub…
22 Sep: BlackLock Ransomware Targets Windows, Linux, and VMware ESXi Systems (GBHACKERS.COM): BlackLock, a rebranded ransomware group formerly known as El Dorado, has emerged as a formidable threat to organizations worldwide. First identified in June 2024 when its Dedicated Leak Site (DLS) began exposing victim data, the gang is believed to have been active since March 20…
22 Sep: European Airport Disruptions Caused by Ransomware Attack (SECURITYWEEK.COM): Collins Aerospace is reportedly having difficulties recovering from the ransomware attack.
22 Sep: Stellantis Confirms Data Breach Affecting Citroën, Fiat, Jeep, and More (GBHACKERS.COM): Automotive giant Stellantis has confirmed a significant data breach affecting its North American customer service operations, potentially impacting customers across its portfolio of brands including Citroën, Fiat, Jeep, Chrysler, and other subsidiaries. The company detected unaut…
22 Sep: EU cyber agency confirms ransomware attack causing airport disruptions (TECHCRUNCH.COM): A cyberattack targeting Collins Aerospace, a provider of airport check-in systems, sparked delays and disrupted flights across Europe over the weekend.
22 Sep: ComicForm and SectorJ149 Hackers Deploy Formbook Malware in Eurasian Cyberattacks (THEHACKERNEWS.COM): Organizations in Belarus, Kazakhstan, and Russia have emerged as the target of a phishing campaign undertaken by a previously undocumented hacking group called ComicForm since at least April 2025. The activity primarily targeted industrial, financial, tourism, biotechnology, rese…
22 Sep: Automaker giant Stellantis says customers’ personal data stolen during breach (TECHCRUNCH.COM): One report says, citing the hackers who took credit for the breach, that 18 million customer records were stolen from Stellantis' customer database.
22 Sep: Airport disruptions in Europe caused by a ransomware attack (BLEEPINGCOMPUTER.COM): The disruptions over the weekend at several major European airports were caused by a ransomware attack targeting the check-in and boarding systems. [...]
🕵️ THREAT INTELLIGENCE (15)
22 Sep: ISC Stormcast For Monday, September 22nd, 2025 https://isc.sans.edu/podcastdetail/9622, (Mon, Sep 22nd) (ISC.SANS.EDU): (c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
22 Sep: Threat Actors Market Stealthy New RAT as Alternative to ScreenConnect FUD (GBHACKERS.COM): Cybersecurity researchers have identified a concerning development in the underground cybercrime marketplace: a sophisticated Remote Access Trojan (RAT) being marketed as a fully undetectable (FUD) alternative to the legitimate ScreenConnect remote access solution. This emerging …
22 Sep: Privacy and Security Risks in the eSIM Ecosystem [pdf] (INFOSEC.PUB): Submitted by floofloof to cybersecurity. https://www.usenix.org/system/files/usenixsecurity25-motallebighomi.pdf Cross-posted from: lemmy.bestiver.se/post/632089
22 Sep: Threat Actors Fake FBI IC3 Portal to Steal Visitor Information (GBHACKERS.COM): The Federal Bureau of Investigation has issued a critical public service announcement warning citizens about cybercriminals creating sophisticated spoofed versions of the FBI’s Internet Crime Complaint Center (IC3) website to harvest sensitive personal information from unsu…
22 Sep: FBI Warns of Spoofed IC3 Website (SECURITYWEEK.COM): Threat actors likely spoofed the official government website for personal information theft and monetary fraudulent activity.
22 Sep: Massive Lucid PhaaS Campaign: 17,500 Phishing Domains Mimic 316 Global Brands (GBHACKERS.COM): Cybersecurity researchers at Netcraft have uncovered two sophisticated phishing campaigns linked to the Lucid and Lighthouse Phishing-as-a-Service (PhaaS) platforms, revealing a massive operation that has deployed over 17,500 phishing domains targeting 316 brands across 74 countr…
22 Sep: Widespread Infostealer Campaign Targeting macOS Users (SECURITYWEEK.COM): Threat actors rely on malicious GitHub repositories to infect LastPass’s macOS users with the Atomic infostealer.
22 Sep: Details About Chinese Surveillance and Propaganda Companies (SCHNEIER.COM): Details from leaked documents: While people often look at China’s Great Firewall as a single, all-powerful government system unique to China, the actual process of developing and maintaining it works the same way as surveillance technology in the West. Geedge collaborates with a…
22 Sep: HoundBytes Launches Automated Security Analyst (SECURITYWEEK.COM): The Romania-based company has launched WorkHorse and is preparing for a funding round to accelerate growth.
22 Sep: BlockBlasters Steam Game Disguises Malware as Patch for Computer Download (GBHACKERS.COM): BlockBlasters, a vibrant 2D platformer/shooter from Genesis Interactive, launched on July 31, 2025 to wide acclaim. However, on August 30, 2025, the developers released Build 19799326, ostensibly a routine patch. Security analysts at G DATA MXDR discovered that this update carrie…
22 Sep: Unit 221B raises $5 million to help track and disrupt today’s top hacking groups (TECHCRUNCH.COM): The seed funding raise will help Unit 221B expand its threat intelligence platform, which tracks the English-speaking youth hacking phenomenon.
22 Sep: FBI warns of cybercriminals using fake FBI crime reporting portals (SH.ITJUST.WORKS): Submitted by kid to cybersecurity. https://www.bleepingcomputer.com/news/security/fbi-warns-of-fake-fbi-crime-complaint-portals-used-for-cybercrime/
22 Sep: 17,500 Phishing Domains Target 316 Brands Across 74 Countries in Global PhaaS Surge (SH.ITJUST.WORKS): Submitted by kid to cybersecurity. https://thehackernews.com/2025/09/17500-phishing-domains-target-316.html
22 Sep: Safe by Default: Building a Minimal Sandbox in Linux (INFOSEC.PUB): Submitted by cm0002 to cybersecurity. https://medium.com/@trevorwooll/safe-by-default-building-a-minimal-rootless-sandbox-on-linux-4fcc02d9bed0
22 Sep: Mentorship Monday - Discussions for career and learning! (INFOSEC.PUB): Submitted by shellsharks to cybersecurity. Weekly thread for any and all career, learning and general guidance questions. Thinking of taking a training or going for a cert? Wondering how to level up your career? Wondering what NOT to do? Got other questions? …
🌐 CYBER THREAT LANDSCAPE (3)
22 Sep: LastPass: Fake password managers infect Mac users with malware (BLEEPINGCOMPUTER.COM): LastPass is warning users of a campaign that targets macOS users with malicious software impersonating popular products delivered through fraudulent GitHub repositories. [...]
22 Sep: Why attackers are moving beyond email-based phishing attacks (BLEEPINGCOMPUTER.COM): Phishing isn't just email anymore. Attackers now use social media, chat apps & malicious ads to steal credentials. Push Security explains the latest tactics and shows how to stop multi-channel phishing where it happens — inside the browser. [...]
22 Sep: Watch out for SVG files booby-trapped with malware (WELIVESECURITY.COM): What you see is not always what you get as cybercriminals increasingly weaponize SVG files as delivery vectors for stealthy malware
📡 INFOSEC NEWS (8)
22 Sep: Verified Steam game steals streamer's cancer treatment donations (BLEEPINGCOMPUTER.COM): A gamer seeking financial support for cancer treatment lost $32,000 after downloading from Steam a verified game named Block Blasters that drained his cryptocurrency wallet. [...]
22 Sep: What happens when a cybersecurity company gets phished? (SOPHOS.COM): A Sophos employee was phished, but we countered the threat with an end-to-end defense process
22 Sep: How to Gain Control of AI Agents and Non-Human Identities (THEHACKERNEWS.COM): We hear this a lot: “We’ve got hundreds of service accounts and AI agents running in the background. We didn’t create most of them. We don’t know who owns them. How are we supposed to secure them?” Every enterprise today runs on more than users. Behind the scenes, thousands of no…
22 Sep: Microsoft says recent updates cause DRM video playback issues (BLEEPINGCOMPUTER.COM): Microsoft has confirmed a known issue that prevents some apps from playing Digital Rights Management (DRM) protected video content or displaying and recording live TV. [...]
22 Sep: Mozilla now lets Firefox add-on devs roll back bad updates (BLEEPINGCOMPUTER.COM): Mozilla has announced a new feature that enables Firefox extension developers to roll back to previously approved versions, allowing them to quickly address critical bugs and issues. [...]
22 Sep: VMScape attack | Kaspersky official blog (KASPERSKY.COM): Can a Spectre-based VMScape side-channel attack be used in practical hypervisor attacks?
22 Sep: Microsoft lifts Windows 11 update block after face detection fix (BLEEPINGCOMPUTER.COM): Microsoft has removed a compatibility hold that prevented devices with integrated cameras from installing Windows 11 24H2 due to a face detection bug causing app freezes. [...]