94 Articles
9 Categories
Date: 2025-09-24
🐛 COMMON VULNERABILITIES AND EXPOSURES (10)
24 Sep | State-Sponsored Hackers Exploiting Libraesva Email Security Gateway Vulnerability | Libraesva has released a security update to address a vulnerability in its Email Security Gateway (ESG) solution that it said has been exploited by state-sponsored threat actors. The vulnerability, tracked as CVE-2025-59689, carries a CVSS score of 6.1, indicating medium severity… | THEHACKERNEWS.COM
24 Sep [KEV] | CISA Issues Alert on Actively Exploited Google Chrome 0-Day Vulnerability | The Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent security alert regarding an actively exploited zero-day vulnerability in Google Chrome. The vulnerability, designated as CVE-2025-10585, affects the V8 JavaScript and WebAssembly engine within … | GBHACKERS.COM
24 Sep | Libraesva Email Security Gateway Vulnerability Exploited by Nation-State Hackers | Tracked as CVE-2025-59689, the command injection bug could be triggered via malicious emails containing crafted compressed attachments. | SECURITYWEEK.COM
24 Sep | Hackers Exploit Pandoc CVE-2025-51591 to Target AWS IMDS and Steal EC2 IAM Credentials | Cloud security company Wiz has revealed that it uncovered in-the-wild exploitation of a security flaw in a Linux utility called Pandoc as part of attacks designed to infiltrate Amazon Web Services (AWS) Instance Metadata Service (IMDS). The vulnerability in question is CVE-2025-5… | THEHACKERNEWS.COM
24 Sep | Salesforce CLI Installer Flaw Lets Attackers Run Code and Gain SYSTEM-Level Access | A serious security flaw in the Salesforce CLI installer (sf-x64.exe) has been assigned CVE-2025-9844. This weakness allows attackers to execute arbitrary code with SYSTEM-level privileges on Windows machines. Users who installed Salesforce CLI from untrusted sources may be at ris… | GBHACKERS.COM
24 Sep | OnePlus OxygenOS Vulnerability Lets Apps Access SMS Data Without User Permission | A newly disclosed flaw in OnePlus OxygenOS lets any app on a device read SMS and MMS messages without asking the user. Tracked as CVE-2025-10184, the issue stems from a permission bypass in the Telephony content provider (com.android.providers.telephony). Normally, apps must hold… | GBHACKERS.COM
24 Sep | Attackers Exploit BMC Firmware Vulnerabilities to Bypass Signature Verification | In January 2025, Supermicro released patches addressing critical vulnerabilities in its Baseboard Management Controller (BMC) firmware validation logic. Despite these updates, subsequent research has uncovered bypass techniques that undermine signature verification and even compr… | GBHACKERS.COM
24 Sep | Two Critical Flaws Uncovered in Wondershare RepairIt Exposing User Data and AI Models | Cybersecurity researchers have disclosed two security flaws in Wondershare RepairIt that exposed private user data and potentially exposed the system to artificial intelligence (AI) model tampering and supply chain risks. The critical-rated vulnerabilities in question, discovered… | THEHACKERNEWS.COM
24 Sep | OnePlus leaves researchers on read over Android bug that exposes texts: Rapid7 warns flaw could let any app peek at your SMS, but smartphone vendor won't pick up | submitted by Pro to cybersecurity, 1 points, 0 comments. https://www.rapid7.com/blog/post/cve-2025-10184-oneplus-oxygenos-telephony-provider-permission-bypass-not-fixed/ cross-posted from: programming.dev/post/37954980 | SH.ITJUST.WORKS
24 Sep | CVE-2025-55322 OmniParser Remote Code Execution Vulnerability | Binding to an unrestricted IP address in GitHub allows an unauthorized attacker to execute code over a network. | MSRC.MICROSOFT.COM
⚠️ VULNERABILITY DISCLOSURE (22)
24 Sep | Application Security Posture Management: A Buyer's Guide | CSOONLINE.COM
24 Sep | 5 questions CISOs should ask vendors | Phone, emails, and LinkedIn messages — CISOs are flooded with vendors pitching their security products. Outreach attempts can be up to 30 a week. Whether it’s a video call or in-office presentation, when CISOs do engage with a new vendor, a shortlist of key questions will help th… | CSOONLINE.COM
24 Sep | Rearchitecting Systems for Privacy as AI Agents Force You to Rethink Security - Guilla... - BSW #414 | As AI and cloud-based services power our connected world, individuals are facing an unprecedented privacy crisis. With more than 2.3 billion people entrusting their data to the cloud and centralized servers, cyberattacks, data breaches, surveillance, identity theft, and privacy t… | YOUTUBE.COM
24 Sep | Critical DNN Platform Vulnerability Let Attackers Execute Malicious Scripts | A severe Stored Cross-Site Scripting (XSS) vulnerability in the Prompt module of the DNN Platform enables low-privilege attackers to inject and execute arbitrary scripts in the context of privileged users. Published as GHSA-2qxc-mf4x-wr29 by Daniel Valadas yesterday, this vulnera… | GBHACKERS.COM
24 Sep | CISA Reveals Hackers Breached U.S. Federal Agency via GeoServer RCE Flaw | Federal cybersecurity agency CISA has disclosed that attackers exploited a remote code execution vulnerability in GeoServer to breach a U.S. federal civilian executive branch agency. The incident response began after endpoint detection alerts sounded at the agency. Over three wee… | GBHACKERS.COM
24 Sep | Macs go phishing as GitHub impostors drop Atomic stealer | In an active, large-scale campaign, attackers are posing as legitimate brands on GitHub Pages to target macOS users with the data-skimming “Atomic” stealer. According to recent findings from LastPass, which itself was targeted in the campaign, attackers are using SEO tricks to pu… | CSOONLINE.COM
24 Sep | What I learned extending zero trust to the storage layer | When I first started thinking seriously about applying zero trust principles to the storage layer, it wasn’t because of some white paper or vendor presentation. It was because of what I saw happen during a ransomware incident that still keeps me up at night. The attackers didn’t … | CSOONLINE.COM
24 Sep | Chromium-Based Browsers in Windows Domains Vulnerable to Arbitrary Extension Loads | A new study has uncovered a method for silently installing custom extensions on Chromium-based browsers running in Windows domain environments. By exploiting how Chrome and its relatives store extension settings and security checks in preference files, attackers can inject arbitr… | GBHACKERS.COM
24 Sep | GeoServer Flaw Exploited in US Federal Agency Hack | The hackers remained undetected for three weeks, deploying China Chopper, remote access scripts, and reconnaissance tools. | SECURITYWEEK.COM
24 Sep | New YiBackdoor Malware Shares Major Code Overlaps with IcedID and Latrodectus | Cybersecurity researchers have disclosed details of a new malware family dubbed YiBackdoor that has been found to share "significant" source code overlaps with IcedID and Latrodectus. "The exact connection to YiBackdoor is not yet clear, but it may be used in conjunction with Lat… | THEHACKERNEWS.COM
24 Sep [KEV] | iframe Security Exposed: The Blind Spot Fueling Payment Skimmer Attacks | Think payment iframes are secure by design? Think again. Sophisticated attackers have quietly evolved malicious overlay techniques to exploit checkout pages and steal credit card data by bypassing the very security policies designed to stop them. Download the complete iframe secu… | THEHACKERNEWS.COM
24 Sep | CISA says hackers breached federal agency using GeoServer exploit | submitted by kid to cybersecurity, 2 points, 0 comments. https://www.bleepingcomputer.com/news/security/cisa-says-hackers-breached-federal-agency-using-geoserver-exploit/ | SH.ITJUST.WORKS
24 Sep | Attackers Use Domain Fronting to Tunnel Malicious Traffic via Google Meet, YouTube and Chrome Update Servers | Attackers have discovered a way to exploit Google’s core services, Google Meet, YouTube, Chrome update servers and more using a technique called domain fronting. By making their malicious traffic appear as legitimate connections to high-trust domains, adversaries can tunnel data … | GBHACKERS.COM
24 Sep | Multiple Apps on Google’s Firebase Platform Exposing Sensitive Data | A comprehensive security analysis has revealed a widespread vulnerability affecting Firebase-powered mobile applications, with over 150 popular apps inadvertently exposing sensitive user data through misconfigured Google Firebase services. The scope of this security crisis dwarfs… | GBHACKERS.COM
24 Sep | UNC5221 Uses BRICKSTORM Backdoor to Infiltrate U.S. Legal and Technology Sectors | Companies in the legal services, software-as-a-service (SaaS) providers, Business Process Outsourcers (BPOs), and technology sectors in the U.S. have been targeted by a suspected China-nexus cyber espionage group to deliver a known backdoor referred to as BRICKSTORM. The activity… | THEHACKERNEWS.COM
24 Sep | Police seizes $439 million stolen by cybercrime rings worldwide | In a five-month joint operation led by Interpol, law enforcement agencies have seized more than $439 million in cash and cryptocurrency linked to cyber-enabled financial crimes that impacted thousands of victims worldwide. [...] | BLEEPINGCOMPUTER.COM
24 Sep | Exploit Attempts Against Older Hikvision Camera Vulnerability, (Wed, Sep 24th) | I notice a new URL showing up in our web honeypot logs, which looked a bit interesting: | ISC.SANS.EDU
24 Sep | Unpatched flaw in OnePlus phones lets rogue apps text messages | A vulnerability in multiple OnePlus OxygenOS versions allows any installed app to access SMS data and metadata without requiring permission or user interaction. [...] | BLEEPINGCOMPUTER.COM
24 Sep | Cisco warns of IOS zero-day vulnerability exploited in attacks | Cisco has released security updates to address a high-severity zero-day vulnerability in Cisco IOS and IOS XE Software that is currently being exploited in attacks. [...] | BLEEPINGCOMPUTER.COM
24 Sep | Retail at risk: How one alert uncovered a persistent cyberthreat | In the latest edition of our Cyberattack Series, we dive into real-world cases targeting retail organizations. With 60% of retail companies reporting operational disruptions from cyberattacks and 43% experiencing breaches in the past year, the stakes have never been higher. This … | MICROSOFT.COM
24 Sep | Decoupled SIEM: Where I Think We Are Now? | This is an ILLUSTRATION by Gemini, NOT a technical diagram :-) In the world of security operations, there is a growing fascination with the concept of a “decoupled SIEM,” where detection, reporting, workflows, data storage, parsing (sometimes) and collection are separated into di… | MEDIUM.COM
24 Sep | Smashing Security podcast #436: The €600,000 gold heist, powered by ransomware | Ransomware doesn’t just freeze computers - it can silence alarms too. And when the Natural History Museum in Paris went dark, thieves helped themselves to €600,000 worth of gold in a daring late-night heist. Meanwhile, developers have a new headache: a worm dubbed “Shai Hulud” ha… | GRAHAMCLULEY.COM
📋 SECURITY BULLETINS (3)
24 Sep | Chrome High-severity Flaws Expose Sensitive Data, Trigger System Crashes | Google has released an urgent security update for its Chrome browser, addressing three high-severity vulnerabilities that could allow attackers to leak sensitive information and cause system instability. The latest Chrome version 140.0.7339.207/.208 for Windows and Mac, and 140.0… | GBHACKERS.COM
24 Sep | SonicWall Issues Emergency Patch to Remove ‘OVERSTEP’ Rootkit Malware on SMA Devices | SonicWall has released an urgent software update for its Secure Mobile Access (SMA) 100 Series appliances to remove a dangerous rootkit known as ‘OVERSTEP.’ This backdoor malware was discovered in older SMA firmware versions and can give attackers persistent access to affected de… | GBHACKERS.COM
24 Sep | SonicWall Updates SMA 100 Appliances to Remove Overstep Malware | The software update includes additional file checks and helps users remove the known rootkit deployed in a recent campaign. | SECURITYWEEK.COM
📢 SECURITY ADVISORIES (4)
🔥 INCIDENT REPORTING (20)
24 Sep | GitHub's NPM Lockdown, Deep Fake Threats, and Yellowknife's Cyber Incident: Cybersecurity Today | Cybersecurity Today: GitHub's NPM Lockdown, Deep Fake Threats, and Yellowknife's Cyber Incident. In this episode of 'Cybersecurity Today', host Jim Love discusses GitHub's response to widespread supply chain attacks in the NPM ecosystem, the alarming rise of deep fake attacks as h… | CYBERSECURITYTODAY.LIBSYN.COM
24 Sep | Jaguar Land Rover Factory Reopening Delayed After Cyber Attack | Jaguar Land Rover (JLR) has announced a further delay to the reopening of its production lines following a sophisticated cyber attack. The pause in manufacturing has been extended until Wednesday, 1 October 2025, to allow the investigation to progress and to ensure a secure retur… | GBHACKERS.COM
24 Sep | Iranian Hackers Use Fake Job Lures to Breach Europe’s Critical Industries | submitted by Hotznplotzn to cybersecurity, 2 points, 0 comments. https://hackread.com/iranian-hackers-fake-job-breach-europe-industries/ cross-posted from: lemmy.sdf.org/post/42855947 Archived Here is the technical report: Nimbus Manticore Deploys New Malware Targeting Europe A gr… | INFOSEC.PUB
24 Sep | Iranian Hackers Use Fake Job Lures to Breach Europe’s Critical Industries | submitted by Hotznplotzn to cybersecurity, 1 points, 0 comments. https://hackread.com/iranian-hackers-fake-job-breach-europe-industries/ cross-posted from: lemmy.sdf.org/post/42855947 Archived Here is the technical report: Nimbus Manticore Deploys New Malware Targeting Europe A gr… | SH.ITJUST.WORKS
24 Sep | Bouygues Telecom - 5,685,771 breached accounts | In August 2025, the French telecommunications company Bouygues Telecom detected a cyber attack against their services. The incident resulted in a data breach that exposed almost 6.4M customer records, including 5.7M unique email addresses. The breach also exposed names, physical… | HAVEIBEENPWNED.COM
24 Sep | Allianz: Cyber Defense Helps, Hackers Look for Easier Prey | CSOONLINE.COM
24 Sep | After Cyberattack: IT Disruption in Hoppegarten Continues | The cyberattack on the municipality of Hoppegarten in August is still causing IT problems. On August 10, almost nothing worked in the municipality of Hoppegarten (Brandenburg). Because of a hacker attack, the administration at the time had to… | CSOONLINE.COM
24 Sep | The Ransomware Speed Crisis | There is a ransomware speed crisis. Attacks have accelerated 100x faster since 2021. Discover why traditional security fails and build AI-powered defenses. | PALOALTONETWORKS.COM
24 Sep | EV Charging Provider Confirm Data Breach - Customers Personal Data Exposed | submitted by kid to cybersecurity, 1 points, 0 comments. https://cybersecuritynews.com/ev-charging-provider-data-breach/ | SH.ITJUST.WORKS
24 Sep | European Airport Cyberattack Linked to Obscure Ransomware, Suspect Arrested | Cybersecurity researchers believe the attack on Collins Aerospace involved a piece of ransomware known as HardBit. | SECURITYWEEK.COM
24 Sep | UK police arrest man linked to ransomware attack that caused airport disruptions in Europe | The U.K.'s National Crime Agency said the investigation into the ransomware attack against Collins Aerospace is “in its early stages and remains ongoing.” | TECHCRUNCH.COM
24 Sep | New YiBackdoor Allows Attackers to Execute Arbitrary Commands and Exfiltrate Sensitive Data from Hacked Systems | submitted by kid to cybersecurity, 1 points, 0 comments. https://cybersecuritynews.com/new-yibackdoor-allows-attackers-to-execute-arbitrary-commands/ | SH.ITJUST.WORKS
24 Sep | UK Police Arrest Suspect Tied to Ransomware Attack on European Airports | A person in his forties has been arrested in connection with a cyber-attack that caused days of disruption at several major European airports, including London Heathrow. The National Crime Agency (NCA) confirmed that officers detained the man on Tuesday evening in West Sussex on … | GBHACKERS.COM
24 Sep | UK arrests suspect for RTX ransomware attack causing airport disruptions | The UK's National Crime Agency has arrested a suspect linked to a ransomware attack that is causing widespread disruptions across European airports. [...] | BLEEPINGCOMPUTER.COM
24 Sep | Attackers Bypass EDR by Using In-Memory PE Loaders Delivered via Malicious Downloads | Security researchers have discovered a wave of attacks that use in-memory PE loaders to slip past endpoint detection and response (EDR) systems. In these incidents, threat actors deliver a small downloader to victims via malicious links or attachments. Once executed, th… | GBHACKERS.COM
24 Sep | Hackers Target Casino Operator Boyd Gaming | Boyd Gaming has informed the SEC about a data breach affecting the information of employees and other individuals. | SECURITYWEEK.COM
24 Sep | Obscura, an obscure new ransomware variant | Huntress analysts discovered a previously unseen ransomware variant, Obscura, spreading from a victim company's domain controller. Learn how Obscura works—and what it means for defenders—in this week's Tradecraft Tuesday. [...] | BLEEPINGCOMPUTER.COM
24 Sep | INC ransomware: what you need to know | INC is the name of a ransomware-as-a-service (RaaS) operation that first appeared in late summer 2023. Learn more about what it has been up to, and how to protect against its attacks, in my article on the Fortra blog. | FORTRA.COM
24 Sep | This Is How Your LLM Gets Compromised | Poisoned data. Malicious LoRAs. Trojan model files. AI attacks are stealthier than ever—often invisible until it’s too late. Here’s how to catch them before they catch you. | TRENDMICRO.COM
24 Sep | Domino Effect: How One Vendor's AI App Breach Toppled Giants | A single AI chatbot breach at Salesloft-Drift exposed data from 700+ companies, including security leaders. The attack shows how AI integrations expand risk, and why controls like IP allow-listing, token security, and monitoring are critical. | TRENDMICRO.COM
🕵️ THREAT INTELLIGENCE (23)
24 Sep | ISC Stormcast For Wednesday, September 24th, 2025 https://isc.sans.edu/podcastdetail/9626, (Wed, Sep 24th) | (c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License. | ISC.SANS.EDU
24 Sep | New “YiBackdoor” Malware Lets Hackers Run Commands and Steal Data | Cybersecurity researchers at Zscaler ThreatLabz have identified a sophisticated new malware strain dubbed YiBackdoor, first detected in June 2025. This emerging threat represents a significant evolution in backdoor technology, sharing substantial code similarities with establishe… | GBHACKERS.COM
24 Sep | ShadowV2 Botnet Infects AWS Docker Containers to Launch DDoS Campaign | Darktrace’s latest investigation uncovered a novel campaign that blends traditional malware with modern DevOps technology. At the center of this operation lies a Python-based command-and-control (C2) framework hosted on GitHub CodeSpaces. The threat actors leverage a multi-stage … | GBHACKERS.COM
24 Sep | Kali Linux 2025.3 Launches With Fresh Features and 10 New Pentesting Tools | Kali Linux 2025.3 has arrived, bringing a wave of improvements, updated firmware support, and a suite of ten new security tools. This release builds on the June 2025.2 update by refining core workflows, extending wireless capabilities, and preparing the distribution for emerging … | GBHACKERS.COM
24 Sep | North Korean IT Worker Gains Access to Organization’s Network Through Innocent Job Application | In today’s complex threat landscape, adversaries increasingly favor “malware-less” intrusion methods that slip past traditional defenses. One particularly insidious scheme involves North Korean operatives posing as legitimate remote IT professionals to infiltrate corporate networ… | GBHACKERS.COM
24 Sep | RainyDay, Turian and Naikon Malwares Abuse DLL Search Order to Execute Malicious Loaders | Cisco Talos has uncovered a sophisticated, long-running campaign active since 2022 that leverages DLL search order hijacking to deliver a novel PlugX variant with overlapping characteristics of the RainyDay and Turian backdoors. This operation, targeting telecommunications and ma… | GBHACKERS.COM
24 Sep | Record-Breaking DDoS Attack Peaks at 22 Tbps and 10 Bpps | The attack was aimed at a European network infrastructure company and it has been linked to the Aisuru botnet. | SECURITYWEEK.COM
24 Sep | GitHub Boosting Security in Response to NPM Supply Chain Attacks | GitHub will implement local publishing with mandatory 2FA, granular tokens that expire after seven days, and trusted publishing. | SECURITYWEEK.COM
24 Sep | Banking Trojans Targeting Android Users Disguise as Government and Trusted Payment Apps | Since August 2024, a financially motivated threat group has been targeting Android users in Indonesia and Vietnam with banking trojans disguised as official government identity and payment applications. By employing elaborate download mechanisms, reusing infrastructure, and lever… | GBHACKERS.COM
24 Sep | US Disrupts Massive Cell Phone Array in New York | This is a weird story: The US Secret Service disrupted a network of telecommunications devices that could have shut down cellular systems as leaders gather for the United Nations General Assembly in New York City. The agency said on Tuesday that last month it found more than 300… | SCHNEIER.COM
24 Sep | How One Bad Password Ended a 158-Year-Old Business | Most businesses don't make it past their fifth birthday - studies show that roughly 50% of small businesses fail within the first five years. So when KNP Logistics Group (formerly Knights of Old) celebrated more than a century and a half of operations, it had mastered t… | THEHACKERNEWS.COM
24 Sep | Russian Disinformation Campaign Targets Moldova’s Upcoming Elections | A sophisticated effort by Russian-linked actors is seeking to sway public opinion ahead of Moldova’s September 28, 2025, vote, raising concerns over foreign interference in the nation’s democratic process. Analysis of these sites revealed a technical fingerprint linking them to a… | GBHACKERS.COM
24 Sep | NPM package caught using QR Code to fetch cookie-stealing malware | submitted by kid to cybersecurity, 1 points, 0 comments. https://www.bleepingcomputer.com/news/security/npm-package-caught-using-qr-code-to-fetch-cookie-stealing-malware/ | SH.ITJUST.WORKS
24 Sep | AI vs. AI: Detecting an AI-obfuscated phishing campaign | Microsoft Threat Intelligence recently detected and blocked a credential phishing campaign that likely used AI-generated code to obfuscate its payload and evade traditional defenses, demonstrating a broader trend of attackers leveraging AI to increase the effectiveness of their o… | MICROSOFT.COM
24 Sep | Weaponized Malware: GitHub Hosts Malware from Malwarebytes, LastPass, Citibank, SentinelOne, and More | A large-scale campaign targeting Mac users is leveraging fake GitHub pages to distribute information-stealing malware disguised as popular legitimate applications. Among the impersonated software are Malwarebytes for Mac, LastPass, Citibank, SentinelOne, and scores of other well-… | GBHACKERS.COM
24 Sep | ShadowV2 Botnet Infects AWS Docker Containers to Launch DDoS Campaign | submitted by kid to cybersecurity, 2 points, 0 comments. https://gbhackers.com/shadowv2-botnet/ | SH.ITJUST.WORKS
24 Sep | Google: Brickstone malware used to steal U.S. orgs' data for over a year | Suspected Chinese hackers have used the Brickstorm malware in long-term persistence espionage operations against U.S. organizations in the technology and legal sectors. [...] | BLEEPINGCOMPUTER.COM
24 Sep | What are You Working on Wednesday | submitted by shellsharks to cybersecurity, 1 points, 0 comments. Weekly thread to discuss whatever you’re working on, big or small, at work or in your free time. | INFOSEC.PUB
24 Sep | Another BRICKSTORM: Stealthy Backdoor Enabling Espionage into Tech and Legal Sectors | submitted by Pro to cybersecurity, 1 points, 0 comments. https://cloud.google.com/blog/topics/threat-intelligence/brickstorm-espionage-campaign cross-posted from: programming.dev/post/38003443 | INFOSEC.PUB
24 Sep | Another BRICKSTORM: Stealthy Backdoor Enabling Espionage into Tech and Legal Sectors | submitted by Pro to cybersecurity, 1 points, 0 comments. https://cloud.google.com/blog/topics/threat-intelligence/brickstorm-espionage-campaign cross-posted from: programming.dev/post/38003443 | SH.ITJUST.WORKS
24 Sep | Chinese Hackers RedNovember Target Global Governments Using Pantegana and Cobalt Strike | A suspected cyber espionage activity cluster that was previously found targeting global government and private sector organizations spanning Africa, Asia, North America, South America, and Oceania has been assessed to be a Chinese state-sponsored threat actor. Recorded Future, wh… | THEHACKERNEWS.COM
24 Sep | Google: Brickstorm malware used to steal U.S. orgs' data for over a year | Suspected Chinese hackers have used the Brickstorm malware in long-term persistence espionage operations against U.S. organizations in the technology and legal sectors. [...] | BLEEPINGCOMPUTER.COM
24 Sep | Accelerating adoption of AI for cybersecurity at DEF CON 33 | Posted by Elie Bursztein and Marianna Tishchenko, Google Privacy, Safety and Security Team. Empowering cyber defenders with AI is critical to tilting the cybersecurity balance back in their favor as they battle cybercriminals and keep users safe. To help accelerate adoption o… | SECURITY.GOOGLEBLOG.COM
🌐 CYBER THREAT LANDSCAPE (2)
24 Sep | QR codes become the vehicle for malware in new technique | QR codes are ubiquitous these days, as they are an easy way to deliver marketing content or direct users to websites and apps. They have also become a hiding place for malicious code. A threat research team at cybersecurity company Socket has discovered what it called “a sophisti… | INFOWORLD.COM
24 Sep | New Supermicro BMC flaws can create persistent backdoors | Two vulnerabilities affecting the firmware of Supermicro hardware, including Baseboard Management Controller (BMC) allow attackers to update systems with maliciously crafted images. [...] | BLEEPINGCOMPUTER.COM
🎙️ PODCASTS (1)
24 Sep | Risky Business #808 -- Insane megabug in Entra left all tenants exposed | On this week’s show Patrick Gray and special guest Rob Joyce discuss the week’s cybersecurity news, including: Secret Service raids a SIM farm in New York; MI6 launches a dark web portal; Are the 2023 Scattered Spider kids finally getting their comeuppance?; Production halt continue… | RISKY.BIZ
📡 INFOSEC NEWS (9)
24 Sep | Feds Tie ‘Scattered Spider’ Duo to $115M in Ransoms | U.S. prosecutors last week levied criminal hacking charges against 19-year-old U.K. national Thalha Jubair for allegedly being a core member of Scattered Spider, a prolific cybercrime group blamed for extorting at least $115 million in ransom payments from victims. The charges ca… | KREBSONSECURITY.COM
24 Sep | GitHub notifications abused to impersonate Y Combinator for crypto theft | A massive phishing campaign targeted GitHub users with cryptocurrency drainers, delivered via fake invitations to the Y Combinator (YC) W2026 program. [...] | BLEEPINGCOMPUTER.COM
24 Sep | PyPI urges users to reset credentials after new phishing attacks | The Python Software Foundation has warned victims of a new wave of phishing attacks using a fake Python Package Index (PyPI) website to reset credentials. [...] | BLEEPINGCOMPUTER.COM
24 Sep | Lovense ignored app vulnerabilities for eight years | Kaspersky official blog | For years, Lovense failed to fix vulnerabilities in its intimate-toy apps that exposed user emails and enabled account takeovers. | KASPERSKY.COM
24 Sep | Step into the future: The full AI Stage at TechCrunch Disrupt 2025 | The AI Stage at TechCrunch Disrupt 2025, happening October 27–29 in San Francisco, is officially locked and loaded, featuring the powerhouses shaping the future of artificial intelligence. Explore the full agenda and grab your pass with savings of up to $668. | TECHCRUNCH.COM
24 Sep | Kali Linux 2025.3 released with 10 new tools, wifi enhancements | Kali Linux has released version 2025.3, the third version of 2025, featuring ten new tools, Nexmon support, and NetHunter improvements. [...] | BLEEPINGCOMPUTER.COM
24 Sep | Neon, the No. 2 social app on the Apple App Store, pays users to record their phone calls and sells data to AI firms | A new call recording app is gaining traction for offering to pay users for voice data from calls, which is sold to AI companies. | TECHCRUNCH.COM
24 Sep | OpenAI is testing a new GPT-5-based AI agent "GPT-Alpha" | OpenAI is internally testing a new version of its AI agent, which uses a special version of GPT-5 dubbed "GPT-Alpha." [...] | BLEEPINGCOMPUTER.COM