90 Articles
9 Categories
Date: 2025-09-25
🚨 CISA KEV 1
25 Sep KEVCISA Directs Federal Agencies to Identify and Mitigate Potential Compromise of Cisco DevicesToday, CISA issued Emergency Directive ED 25-03: Identify and Mitigate Potential Compromise of Cisco Devices to address vulnerabilities in Cisco Adaptive Security Appliances (ASA) and Cisco Firepower devices. CISA has added vulnerabilities CVE-2025-30333 and CVE-2025-20362 to the…CISA.GOV
🐛 COMMON VULNERABILITIES AND EXPOSURES 16
25 SepChinese spies had year-long access to US tech and legal firmsChinese threat actors deployed a custom Linux backdoor on compromised network edge devices to maintain persistent access into the networks of US legal services firms, software-as-a-service (SaaS) providers, business process outsourcers and technology companies. On average, these …CSOONLINE.COM
25 Sep KEVCisco IOS 0-Day RCE Vulnerability Actively TargetedCisco has disclosed a critical zero-day vulnerability in its IOS and IOS XE software that is being actively exploited by threat actors in real-world attacks. The flaw, tracked as CVE-2025-20352, affects the Simple Network Management Protocol (SNMP) subsystem and allows both denia…GBHACKERS.COM
25 SepNVIDIA Merlin Flaw Enables Remote Code Execution with Root AccessA critical vulnerability in NVIDIA’s Merlin Transformers4Rec library allows attackers to achieve remote code execution with root privileges. Discovered by the Trend Micro Zero Day Initiative (ZDI) Threat Hunting Team, the flaw stems from unsafe deserialization in the model checkp…GBHACKERS.COM
25 SepLinux Kernel ksmbd Flaw Lets Remote Attackers Execute Arbitrary CodeA critical vulnerability in the Linux Kernel’s ksmbd file sharing component allows remote attackers to execute code with kernel privileges. Tracked as CVE-2025-38561, this flaw affects Linux distributions that include the ksmbd SMB server implementation. Authentication is require…GBHACKERS.COM
25 Sep KEVCisco Warns of Actively Exploited SNMP Vulnerability Allowing RCE or DoS in IOS SoftwareCisco has warned of a high-severity security flaw in IOS Software and IOS XE Software that could allow a remote attacker to execute arbitrary code or trigger a denial-of-service (DoS) condition under specific circumstances. The company said the vulnerability, CVE-2025-20352 (CVSS…THEHACKERNEWS.COM
25 SepZendTo Flaw Lets Attackers Bypass Security Controls to Access Sensitive DataA critical vulnerability in the popular file-sharing tool ZendTo allows authenticated users to traverse system paths and access or modify sensitive files belonging to other users. The flaw, tracked as CVE-2025-34508, affects ZendTo versions 6.15-7 and earlier. An attacker can exp…GBHACKERS.COM
25 SepCisco IOS/XE Vulnerability Allows Unauthorized Access to Confidential DataCisco released an advisory describing a high-severity vulnerability (CVE-2025-20160) in its IOS and IOS XE platforms. The flaw stems from improper validation of the TACACS+ shared secret configuration. When TACACS+ is enabled but no secret is set, remote attackers or machine-in-t…GBHACKERS.COM
25 SepVulnerability in Salesforce AI could be tricked into leaking CRM dataA newly disclosed critical vulnerability in Salesforce’s Agentforce platform could trick the AI agent into leaking sensitive CRM data through indirect prompt injection. Researchers at Noma Security, who identified the bug dubbed “ForcedLeak,” said in a blog post shared with CSO a…CSOONLINE.COM
25 Sep KEVUrgent: Cisco ASA Zero-Day Duo Under Attack; CISA Triggers Emergency Mitigation DirectiveCisco is urging customers to patch two security flaws impacting the VPN web server of Cisco Secure Firewall Adaptive Security Appliance (ASA) Software and Cisco Secure Firewall Threat Defense (FTD) Software, which it said have been exploited in the wild. The zero-day vulnerabilit…THEHACKERNEWS.COM
25 SepCisco admins urged to patch IOS, IOS XE devicesNetwork admins should quickly patch a vulnerability in Cisco Systems IOS and IOS XE software to remove a stack overflow condition in the software’s Simple Network Management Protocol (SNMP) subsystem or risk nasty attacks, say experts. “I wouldn’t delay patching,” says David Ship…NETWORKWORLD.COM
25 SepPatch now: Attacker finds another zero day in Cisco firewall softwareA critical zero-day vulnerability in certain Cisco Systems firewalls has to be patched immediately, US and UK cyber authorities warned Thursday. They said exploits of the hole are part of ongoing attacks on these and other network perimeter devices. The UK’s National Cyber Securi…CSOONLINE.COM
25 SepChromium: CVE-2025-10890 Side-channel information leakage in V8This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/202 5) for more information.MSRC.MICROSOFT.COM
25 SepChromium: CVE-2025-10891 Integer overflow in V8This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/202 5) for more information.MSRC.MICROSOFT.COM
25 SepChromium: CVE-2025-10892 Integer overflow in V8This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/202 5) for more information.MSRC.MICROSOFT.COM
⚠️ VULNERABILITY DISCLOSURE 27
25 SepThe best cyber recovery solutionsFailing recovery processes are a nightmare scenario for companies, one that is becoming reality more and more often thanks to sophisticated attacks. Arjuna Kodisinghe | shutterstock.com In traditional incident response and recovery processes, a compromise is identifi…CSOONLINE.COM
25 SepHackers Exploit Hikvision Camera Flaw to Steal Sensitive DataSecurity researchers have observed renewed exploit campaigns targeting an eight-year-old backdoor in Hikvision cameras to harvest configuration files, user lists, and snapshots. Attackers automate scans across IP ranges, appending a base64-encoded “auth” parameter to management U…GBHACKERS.COM
25 SepAI coding assistants amplify deeper cybersecurity risksThe productivity improvements that arise from increasing use of AI coding tools are coming at the cost of greater security risks. While use of AI coding assistants decrease the number of shallow syntax errors, this is more than offset by an increase in more costly structural flaw…CSOONLINE.COM
25 SepLNK Malware Leverages Legit Windows Files to Slip Past DefensesIn a recently observed campaign emerging from Israel, threat actors have revived the use of Windows shortcut (.LNK) files to deliver a potent Remote Access Trojan (RAT). These seemingly innocuous shortcut files exploit Living-off-the-Land Binaries (LOLBins) such as odbcconf.exe t…GBHACKERS.COM
25 SepCisco Patches Zero-Day Flaw Affecting Routers and SwitchesThe security defect allows remote attackers with administrative privileges to execute arbitrary code as the root user.SECURITYWEEK.COM
25 SepMalware Deployment via Copyright Takedown Claims by Threat ActorsThreat actors from the Lone None group are exploiting copyright takedown notices to distribute sophisticated malware, including Pure Logs Stealer and a newly identified information stealer dubbed Lone None Stealer (also known as PXA Stealer). This analysis examines the campaign’s…GBHACKERS.COM
25 SepSetupHijack Tool Abuses Race Conditions in Windows Installer to Hijack SetupsSecurity researchers at Hacker House have released SetupHijack, a proof-of-concept tool that exploits race conditions and insecure file handling in Windows installers and updaters. The utility demonstrates how attackers can hijack privileged setup processes to run malicious paylo…GBHACKERS.COM
25 SepMalicious Rust Crates Steal Solana and Ethereum Keys — 8,424 Downloads ConfirmedCybersecurity researchers have discovered two malicious Rust crates impersonating a legitimate library called fast_log to steal Solana and Ethereum wallet keys from source code. The crates, named faster_log and async_println, were published by the threat actor under the alias rus…THEHACKERNEWS.COM
25 SepHackers Use GitHub Notifications to Impersonate Y Combinator and Steal Wallet FundsA recent wave of sophisticated phishing attacks has targeted developers and startups by impersonating Y Combinator through GitHub notifications. Victims are being tricked into believing they’ve been selected for startup funding, only to face financial theft via fake verific…GBHACKERS.COM
25 SepChinese Spies Lurked in Networks for 393 Days, Hunted for Zero-Day IntelGoogle’s Threat Intelligence Group and Mandiant have shared findings on a recent BrickStorm campaign linked to UNC5221.SECURITYWEEK.COM
25 SepCTEM's Core: Prioritization and ValidationDespite a coordinated investment of time, effort, planning, and resources, even the most up-to-date cybersecurity systems continue to fail. Every day. Why?  It’s not because security teams can't see enough. Quite the contrary. Every security tool spits out thousands of findi…THEHACKERNEWS.COM
25 SepNew Malicious Rust Crates Impersonate fast_log to Steal Solana and Ethereum Wallet KeysA pair of malicious Rust crates masquerading as the popular fast_log library have been uncovered, harvesting private Solana and Ethereum keys from developers’ environments. The impostor crates include legitimate-looking logging functionality to evade detection, while a hidden rou…GBHACKERS.COM
25 SepRTX Confirms Airport Services Hit by RansomwareThe aerospace and defense giant has disclosed the cyberattack in a filing with the SEC.SECURITYWEEK.COM
25 SepVolvo Group Reports Data Breach Following Ransomware Attack on HR VendorVolvo Group has disclosed that a recent ransomware attack on its human resources software provider, Miljödata, may have resulted in unauthorized access to personal information belonging to its North American workforce. The incident underscores growing concerns about thi…GBHACKERS.COM
25 SepChinese State-Sponsored Hackers Targeting Telecommunications Infrastructure to Steal Sensitive DataChinese state-sponsored cyber threat group Salt Typhoon has intensified long-term espionage operations against global telecommunications infrastructure, according to recent legal and intelligence reporting. Aligned with the Ministry of State Security (MSS) and active since at lea…GBHACKERS.COM
25 SepSalesforce Patches Critical ForcedLeak Bug Exposing CRM Data via AI Prompt InjectionCybersecurity researchers have disclosed a critical flaw impacting Salesforce Agentforce, a platform for building artificial intelligence (AI) agents, that could allow attackers to potentially exfiltrate sensitive data from its customer relationship management (CRM) tool by means…THEHACKERNEWS.COM
25 SepCISA Releases One Industrial Control Systems AdvisoryCISA released one Industrial Control Systems (ICS) advisory on September 25, 2025. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-25-268-01 Dingtian DT-R002 CISA encourages users and administrators to…CISA.GOV
25 SepSalesforce AI Hack Enabled CRM Data TheftPrompt injection has been leveraged alongside an expired domain to steal Salesforce data in an attack named ForcedLeak.SECURITYWEEK.COM
25 SepCisco warns of ASA firewall zero-days exploited in attacksCisco warned customers today to patch two zero-day vulnerabilities that are actively being exploited in attacks and impact the company's firewall software. [...]BLEEPINGCOMPUTER.COM
25 SepNew LockBit 5.0 Targets Windows, Linux, ESXiTrend™ Research analyzed source binaries from the latest activity from notorious LockBit ransomware with their 5.0 version that exhibits advanced obfuscation, anti-analysis techniques, and seamless cross-platform capabilities for Windows, Linux, and ESXi systems.TRENDMICRO.COM
25 SepCloud Security Alliance launches framework to improve SaaS securityIndependent security experts have welcomed what’s billed as the first standardized set of SaaS (software as a service) security controls. The SaaS Security Capability Framework (SSCF) , launched this week and backed by the Cloud Security Alliance, is designed to close long-standi…CSOONLINE.COM
25 SepIntroducing Microsoft Marketplace — Thousands of solutions. Millions of customers. One Marketplace.To empower customers in becoming Frontier, we’re excited to announce the launch of the reimagined Microsoft Marketplace, your trusted source for cloud solutions, AI apps and agents.BLOGS.MICROSOFT.COM
25 SepCISA orders agencies to patch Cisco flaws exploited in zero-day attacksCISA has issued a new emergency directive ordering U.S. federal agencies to secure their Cisco firewall devices against two flaws that have been exploited in zero-day attacks. [...]BLEEPINGCOMPUTER.COM
25 SepAttackers Use AI Development Tools to Craft Phony CAPTCHA PagesAttackers are abusing AI-powered development platforms like Lovable, Netlify and Vercel to create and host captcha challenge websites as part of phishing campaigns, according to researchers at Trend Micro. KNOWBE4.COM
25 SepA Vulnerability in Nx (build system) Package Could Allow for Sensitive Data ExfiltrationA vulnerability has been discovered in Nx (build system) Package, which could allow for sensitive data exfiltration. Nx is a smart, fast, and extensible build system designed for managing monorepos efficiently by providing features like dependency graph analysis, computation cach…CISECURITY.ORG
25 SepMultiple Vulnerabilities in Cisco Products Could Allow for Remote Code ExecutionMultiple vulnerabilities have been discovered in Cisco products, the most severe of which could allow for remote code execution. Cisco is a leading technology company best known for its networking hardware and software, such as routers and switches, that form the backbone of the …CISECURITY.ORG
📋 SECURITY BULLETINS 2
25 SepMicrosoft will offer free Windows 10 security updates in EuropeMicrosoft will offer free extended security updates for Windows 10 users in the European Economic Area (EEA), which includes Iceland, Liechtenstein, Norway, and all 27 European Union member states. [...]BLEEPINGCOMPUTER.COM
25 SepBesides them trying to upsell me a new router, what does this mean?submitted by StarvingMartist to cybersecurity 1 points | 0 comments Is my network actually at any risk? Should I take any steps now that I’m not receiving security updates? This was a really expensive router and I’m going back to school so I’m definitely not going to be in the ma…SH.ITJUST.WORKS
📢 SECURITY ADVISORIES 4
25 SepHackers Deploy Stealthy Malware on WordPress Sites to Gain Admin AccessAttackers have stepped up their tactics by deploying stealthy backdoors disguised as legitimate WordPress components, ensuring persistent administrative access even after other malware is discovered and removed. Their deceptive appearances belied their dangerous functions: one im…GBHACKERS.COM
25 SepEvolved PXA Stealer wraps PureRAT in multi-layer obfuscationSecurity researchers have uncovered a Vietnamese threat group evolving from their custom PXA Stealer campaign into a multi-layered delivery chain dropping PureRAT, a feature-rich remote access trojan. According to a Huntress analysis, the group operates ten separate payload stage…CSOONLINE.COM
25 Sep KEVWith ShadowV2, DDoS becomes a cloud-native subscription serviceDDoS attacks are now available as a contract-for-hire model, a recent analysis shows. Andrea Danti – Shutterstock.com According to a Darktrace analysis, a ShadowV2 bot campaign uses misconfigured Docker containers on AWS and outfits them for DDoS-as-a-service attacks…CSOONLINE.COM
🔥 INCIDENT REPORTING 10
25 SepCultura - 1,462,025 breached accountsIn September 2024, French retailer Cultura was the victim of a cyber attack they attributed to an external IT service provider . The resultant data breach included almost 1.5M unique email addresses along with names, phone numbers, physical addresses and orders. Cultura advised t…HAVEIBEENPWNED.COM
25 SepSteam Confirms Malware Found in BlockBlasters GameSteam has officially confirmed that malware was discovered in the popular indie game BlockBlasters. The announcement follows widespread player reports and security scans that flagged unusual activity in the game’s files. This incident raises concerns about game security and digit…GBHACKERS.COM
25 SepVolvo Group Employee Data Stolen in Ransomware AttackThe Miljödata data breach has impacted numerous organizations, education institutions, and Swedish municipalities.SECURITYWEEK.COM
25 SepThreatsday Bulletin: Rootkit Patch, Federal Breach, OnePlus SMS Leak, TikTok Scandal & More THEHACKERNEWS.COM
25 SepTeen suspected of Vegas casino cyberattacks released to parentsA 17-year-old hacker who surrendered to face charges over cyberattacks targeting Vegas casinos in 2023 has been released into the custody of his parents, a family court judge ruled. [...]BLEEPINGCOMPUTER.COM
25 SepChinese Cyberspies Hacked US Defense ContractorsRedNovember has been targeting government, defense and aerospace, and legal services organizations worldwide.SECURITYWEEK.COM
25 SepHow secure are passkeys, really? Here's what you need to knowPasswords are weak links—88% of breaches involve stolen creds. Learn more from Specops Software about how passkeys deliver phishing resistance, simpler logins & lower support costs (with some hurdles to adoption). [...]BLEEPINGCOMPUTER.COM
25 SepBQTLOCK Ransomware Attacking Windows Users Via Telegram to Encrypt Files and Delete BackupSecurity researchers have uncovered a new Ransomware-as-a-Service (RaaS) strain named BQTLOCK that is actively targeting Windows users through Telegram channels and dark web forums. Since mid-July, affiliates of the service have been distributing a ZIP archive containing a malici…GBHACKERS.COM
25 SepCo-op says it lost $107 million after Scattered Spider attackThe Co-operative Group in the U.K. released its interim financial results report for the first half of 2025 with a massive loss in operating profit of £80 million ($107 million) due to the cyberattack it suffered last April. [...]BLEEPINGCOMPUTER.COM
25 SepUnofficial Postmark MCP npm silently stole users' emailsA npm package copying the official 'postmark-mcp' project on GitHub turned bad with the latest update that added a single line of code to exfiltrate all its users' email communication. [...]BLEEPINGCOMPUTER.COM
🕵️ THREAT INTELLIGENCE 20
25 SepISC Stormcast For Thursday, September 25th, 2025 https://isc.sans.edu/podcastdetail/9628, (Thu, Sep 25th)(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.ISC.SANS.EDU
25 SepCOLDRIVER APT Group Uses ClickFix to Deliver New PowerShell-Based Backdoor BAITSWITCHRussia-linked threat actors continue targeting civil society with sophisticated social engineering campaigns and lightweight malware tools in September 2025. The campaign delivers two previously undocumented malware families: a downloader dubbed BAITSWITCH and a PowerShell-based …GBHACKERS.COM
25 SepBRICKSTORM Backdoor Hits Tech and Legal Firms with Stealthy New CampaignPersistent, stealthy, and cross-platform, the BRICKSTORM backdoor has emerged as a significant threat to U.S. technology and legal organizations. Tracked by Google Threat Intelligence Group (GTIG) and investigated by Mandiant Consulting, BRICKSTORM campaigns have maintained undet…GBHACKERS.COM
25 SepGcore Radar Report Reveals 41% Surge in DDoS Attack VolumesGcore, the global edge AI, cloud, network, and security solutions provider, today announced the findings of its Q1-Q2 2025 Radar report into DDoS attack trends. DDoS attacks have reached unprecedented scale and disruption in 2025, and businesses need to act fast to protect themse…GBHACKERS.COM
25 SepNew Phishing Scam Aims at PyPI Maintainers to Steal Login InformationA fresh wave of domain-confusion phishing emails is sweeping through the Python community, once again setting its sights on PyPI maintainers. As malicious actors continually swap out domain names, PyPI users must remain vigilant and adopt stronger safeguards to protect their acco…GBHACKERS.COM
25 SepHackers Use AI-Generated Code to Obfuscate Payloads and Bypass Traditional DefensesA recent credential phishing campaign detected by Microsoft Threat Intelligence used AI-generated code within an SVG file to disguise malicious behavior. While the novel obfuscation techniques showcased attacker ingenuity, AI-powered defenses successfully blocked the attack—under…GBHACKERS.COM
25 SepCSA Unveils SaaS Security Controls Framework to Ease ComplexityNew framework from the Cloud Security Alliance helps SaaS customers navigate the shared responsibility model with confidence.SECURITYWEEK.COM
25 SepMalicious-Looking URL Creation ServiceThis site turns your URL into something sketchy-looking. For example, www.schneier.com becomes https://cheap-bitcoin.online/firewall-snatcher/cipher-injector/phishing_sniffer_tool.html?form=inject&host=spoof&id=bb1bc121&parameter=inject&payload=%28function%28%29%7…SCHNEIER.COM
25 SepRedNovember Hackers Targeting Government and Tech Organizations to Install BackdoorIn July 2024, Recorded Future’s Insikt Group publicly exposed TAG-100, a cyber-espionage campaign leveraging the Go-based backdoor Pantegana against high-profile government, intergovernmental and private organizations worldwide. New evidence now attributes TAG-100 to a Chinese st…GBHACKERS.COM
25 SepPerspective: Why Politics in the Workplace is a Cybersecurity RiskBringing politics into professional spaces undermines decision-making, collaboration, and ultimately weakens security teams.SECURITYWEEK.COM
25 SepNorth Korean Hackers Use New AkdoorTea Backdoor to Target Global Crypto DevelopersThe North Korea-linked threat actors associated with the Contagious Interview campaign have been attributed to a previously undocumented backdoor called AkdoorTea, along with tools like TsunamiKit and Tropidoor. Slovak cybersecurity firm ESET, which is tracking the activity under…THEHACKERNEWS.COM
25 SepBudget problems slow down cybersecurityMost companies in the DACH region struggle with budget problems when it comes to cybersecurity. Gravica – shutterstock.com A survey by security vendor Sophos of 300 C-level managers, 200 of them from Germany, found that for the majority of …CSOONLINE.COM
25 SepPyPI Warns Users of Fresh Phishing CampaignThreat actors impersonating PyPI ask users to verify their email for security purposes, directing them to fake websites.SECURITYWEEK.COM
25 SepXCSSET evolves again: Analyzing the latest updates to XCSSET’s inventoryMicrosoft Threat Intelligence has uncovered a new variant of the XCSSET malware, which is designed to infect Xcode projects, typically used by software developers building Apple or macOS-related applications.MICROSOFT.COM
25 SepExploring GrapheneOS secure allocator: Hardened Mallocsubmitted by Andromxda to cybersecurity 1 points | 0 comments https://www.synacktiv.com/en/publications/exploring-grapheneos-secure-allocator-hardened-mallocSH.ITJUST.WORKS
25 SepLiving Security Unveils HRMCon 2025 Speakers as Report Finds Firms Detect Just 19% of Human RiskLiving Security, a global leader in Human Risk Management (HRM), today announced the full speaker lineup for the Human Risk Management Conference (HRMCon 2025), taking place October 20, 2025, at Austin’s Q2 Stadium and virtually worldwide. The announcement follows findings from t…GBHACKERS.COM
25 SepVane Viper Generates 1 Trillion DNS Queries to Power Global Malware and Ad Fraud NetworkThe threat actor known as Vane Viper has been outed as a purveyor of malicious ad technology (adtech), while relying on a tangled web of shell companies and opaque ownership structures to deliberately evade responsibility. "Vane Viper has provided core infrastructure in widesprea…THEHACKERNEWS.COM
25 SepNew AI-Driven Phishing Platform Automates Attack CampaignsResearchers at Varonis warn of a new phishing automation platform called “SpamGPT” that “combines the power of generative AI with a full suite of email campaign tools.”KNOWBE4.COM
25 SepMicrosoft warns of new XCSSET macOS malware variant targeting Xcode devsMicrosoft Threat Intelligence reports that a new variant of the XCSSET macOS malware has been detected in limited attacks, incorporating several new features, including enhanced browser targeting, clipboard hijacking, and improved persistence mechanisms. [...]BLEEPINGCOMPUTER.COM
25 SepDeceptiveDevelopment: From primitive crypto theft to sophisticated AI-based deceptionMalware operators collaborate with covert North Korean IT workers, posing a threat to both headhunters and job seekersWELIVESECURITY.COM
🌐 CYBER THREAT LANDSCAPE 3
25 SepIntroducing the CASI LeaderboardExplore the new AI security index for emerging trends in AI security.F5.COM
25 SepIntroducing the CASI LeaderboardsExplore the new AI security index for emerging trends in AI security.F5.COM
📡 INFOSEC NEWS 7
25 SepTech Overtakes Gaming as Top DDoS Attack Target, New Gcore Radar Report FindsThe latest Gcore Radar report analyzing attack data from Q1–Q2 2025, reveals a 41% year-on-year increase in total attack volume. The largest attack peaked at 2.2 Tbps, surpassing the 2 Tbps record in late 2024. Attacks are growing not only in scale but in sophistication, with lon…THEHACKERNEWS.COM
25 SepWebshells Hiding in .well-known Places, (Thu, Sep 25th)Ever so often, I see requests for files in .well-known recorded by our honeypots. As an example: ISC.SANS.EDU
25 SepMalicious Rust packages on Crates.io steal crypto wallet keysTwo malicious packages with nearly 8,500 downloads in Rust's official crate repository scanned developers' systems to steal cryptocurrency private keys and other secrets. [...]BLEEPINGCOMPUTER.COM
25 SepEDR or XDR — which does your company need? | Kaspersky official blogIs your Endpoint Detection and Response solution enough — or is it time to switch to XDR?KASPERSKY.COM
25 SepAmazon pays $2.5 billion to settle Prime memberships lawsuitAmazon will pay $2.5 billion to settle claims by the U.S. Federal Trade Commission (FTC) that it used dark patterns to trick millions of users into enrolling in its Prime program and made it as difficult as possible to cancel the recurring subscriptions. [...]BLEEPINGCOMPUTER.COM
25 SepNew Supermicro BMC vulnerabilities open servers to malicious attacks on firmwareResearchers have published details of two new flaws in Supermicro baseband management controller (BMC) firmware that hint at deeper weaknesses in the way the company currently secures this type of low-level software. Supermicro is a leading maker of the server motherboards widely…NETWORKWORLD.COM
25 SepViral call-recording app Neon goes dark after exposing users’ phone numbers, call recordings, and transcriptsCall recording app Neon was one of the top-ranked iPhone apps, but was pulled offline after a security bug allowed any logged-in user to access the call recordings and transcripts of any other user.TECHCRUNCH.COM