Category: Cyber Security

May 20, 2025Ravie LakshmananMalware / Cloud Security A threat actor known as Hazy Hawk has been observed hijacking abandoned cloud resources of high-profile organizations, including Amazon S3 buckets and Microsoft Azure endpoints, by leveraging misconfigurations in the Domain Name System (DNS) records. The hijacked domains are then used to host URLs that direct users to […]

May 20, 2025Ravie LakshmananCredential Theft / Browser Security An unknown threat actor has been attributed to creating several malicious Chrome Browser extensions since February 2024 that masquerade as seemingly benign utilities but incorporate covert functionality to exfiltrate data, receive commands, and execute arbitrary code. “The actor creates websites that masquerade as legitimate services, productivity tools, […]

Cybersecurity researchers have discovered risky default identity and access management (IAM) roles impacting Amazon Web Services that could open the door for attackers to escalate privileges, manipulate other AWS services, and, in some cases, even fully compromise AWS accounts. “These roles, often created automatically or recommended during setup, grant overly broad permissions, such as full […]

May 20, 2025The Hacker NewsPenetration Testing / Risk Management In the newly released 2025 State of Pentesting Report, Pentera surveyed 500 CISOs from global enterprises (200 from within the USA) to understand the strategies, tactics, and tools they use to cope with the thousands of security alerts, the persisting breaches and the growing cyber risks […]

May 20, 2025Ravie LakshmananMalware / Cyber Espionage Threat hunters have exposed the tactics of a China-aligned threat actor called UnsolicitedBooker that targeted an unnamed international organization in Saudi Arabia with a previously undocumented backdoor dubbed MarsSnake. ESET, which first discovered the hacking group’s intrusions targeting the entity in March 2023 and again a year later, […]

Cybersecurity researchers have uncovered malicious packages uploaded to the Python Package Index (PyPI) repository that act as checker tools to validate stolen email addresses against TikTok and Instagram APIs. All three packages are no longer available on PyPI. The names of the Python packages are below – checker-SaGaF (2,605 downloads) steinlurks (1,049 downloads) sinnercore (3,300 […]

May 20, 2025Ravie LakshmananLinux / Cryptojacking Cybersecurity researchers are calling attention to a new Linux cryptojacking campaign that’s targeting publicly accessible Redis servers. The malicious activity has been codenamed RedisRaider by Datadog Security Labs. “RedisRaider aggressively scans randomized portions of the IPv4 space and uses legitimate Redis configuration commands to execute malicious cron jobs on […]

May 19, 2025Ravie LakshmananRansomware / Malware Several ransomware actors are using a malware called Skitnet as part of their post-exploitation efforts to steal sensitive data and establish remote control over compromised hosts. “Skitnet has been sold on underground forums like RAMP since April 2024,” Swiss cybersecurity company PRODAFT told The Hacker News. “However, since early […]

May 19, 2025Ravie LakshmananMalware / Supply Chain Attack The official site for RVTools has been hacked to serve a compromised installer for the popular VMware environment reporting utility. “Robware.net and RVTools.com are currently offline. We are working expeditiously to restore service and appreciate your patience,” the company said in a statement posted on its website. […]

Continuous Threat Exposure Management (CTEM) has moved from concept to cornerstone, solidifying its role as a strategic enabler for CISOs. No longer a theoretical framework, CTEM now anchors today’s cybersecurity programs by continuously aligning security efforts with real-world risk. At the heart of CTEM is the integration of Adversarial Exposure Validation (AEV), an advanced, offensive […]

May 19, 2025Ravie LakshmananBrowser Security / Vulnerability Mozilla has released security updates to address two critical security flaws in its Firefox browser that could be potentially exploited to access sensitive data or achieve code execution. The vulnerabilities, both of which were exploited as a zero-day at Pwn2Own Berlin, are listed below – CVE-2025-4918 – An […]

May 19, 2025Ravie LakshmananThreat Intelligence / Cybersecurity Cybersecurity leaders aren’t just dealing with attacks—they’re also protecting trust, keeping systems running, and maintaining their organization’s reputation. This week’s developments highlight a bigger issue: as we rely more on digital tools, hidden weaknesses can quietly grow. Just fixing problems isn’t enough anymore—resilience needs to be built into […]

May 16, 2025Ravie LakshmananUnited States Cybersecurity researchers are calling attention to a new botnet malware called HTTPBot that has been used to primarily single out the gaming industry, as well as technology companies and educational institutions in China. “Over the past few months, it has expanded aggressively, continuously leveraging infected devices to launch external attacks,” […]

Data is the lifeblood of productivity, and protecting sensitive data is more critical than ever. With cyber threats evolving rapidly and data privacy regulations tightening, organizations must stay vigilant and proactive to safeguard their most valuable assets. But how do you build an effective data protection framework? In this article, we’ll explore data protection best […]

May 16, 2025Ravie LakshmananHardware Security / Vulnerability Researchers at ETH Zürich have discovered yet another security flaw that they say impacts all modern Intel CPUs and causes them to leak sensitive data from memory, showing that the vulnerability known as Spectre continues to haunt computer systems after more than seven years. The vulnerability, referred to […]

Cybersecurity researchers have shed light on a new malware campaign that makes use of a PowerShell-based shellcode loader to deploy a remote access trojan called Remcos RAT. “Threat actors delivered malicious LNK files embedded within ZIP archives, often disguised as Office documents,” Qualys security researcher Akshay Thorve said in a technical report. “The attack chain […]

May 16, 2025The Hacker NewsDevSecOps / Threat Detection Modern apps move fast—faster than most security teams can keep up. As businesses rush to build in the cloud, security often lags behind. Teams scan code in isolation, react late to cloud threats, and monitor SOC alerts only after damage is done. Attackers don’t wait. They exploit […]

May 15, 2025Ravie LakshmananAI Training / Data Protection Austrian privacy non-profit noyb (none of your business) has sent Meta’s Irish headquarters a cease-and-desist letter, threatening the company with a class action lawsuit if it proceeds with its plans to train users’ data for training its artificial intelligence (AI) models without an explicit opt-in. The move […]

May 15, 2025Ravie LakshmananCryptocurrency / Threat Intelligence Cryptocurrency exchange Coinbase has disclosed that unknown cyber actors broke into its systems and stole account data for a small subset of its customers. “Criminals targeted our customer support agents overseas,” the company said in a statement. “They used cash offers to convince a small group of insiders […]

May 15, 2025The Hacker NewsCompliance / Penetration Testing Imagine this: Your organization completed its annual penetration test in January, earning high marks for security compliance. In February, your development team deployed a routine software update. By April, attackers had already exploited a vulnerability introduced in that February update, gaining access to customer data weeks before […]

May 15, 2025Ravie LakshmananBrowser Security / Web Security Google on Wednesday released updates to address four security issues in its Chrome web browser, including one for which it said there exists an exploit in the wild. The high-severity vulnerability, tracked as CVE-2025-4664 (CVSS score: 4.3), has been characterized as a case of insufficient policy enforcement […]

May 14, 2025Ravie LakshmananCybercrime / Cryptocurrency A Chinese-language, Telegram-based marketplace called Xinbi Guarantee has facilitated no less than $8.4 billion in transactions since 2022, making it the second major black market to be exposed after HuiOne Guarantee. According to a report published by blockchain analytics firm Elliptic, merchants on the marketplace have been found to […]

May 14, 2025Ravie LakshmananVulnerability / Malware Samsung has released software updates to address a critical security flaw in MagicINFO 9 Server that has been actively exploited in the wild. The vulnerability, tracked as CVE-2025-4632 (CVSS score: 9.8), has been described as a path traversal flaw. “Improper limitation of a pathname to a restricted directory vulnerability […]

May 14, 2025Ravie LakshmananRansomware / Vulnerability At least two different cybercrime groups BianLian and RansomExx are said to have exploited a recently disclosed security flaw in SAP NetWeaver, indicating that multiple threat actors are taking advantage of the bug. Cybersecurity firm ReliaQuest, in a new update published today, said it uncovered evidence suggesting involvement from […]

May 14, 2025The Hacker NewsPhishing / Malware A new global phishing threat called “Meta Mirage” has been uncovered, targeting businesses using Meta’s Business Suite. This campaign specifically aims at hijacking high-value accounts, including those managing advertising and official brand pages. Cybersecurity researchers at CTM360 revealed that attackers behind Meta Mirage impersonate official Meta communications, tricking […]

A cyber espionage group known as Earth Ammit has been linked to two related but distinct campaigns from 2023 to 2024 targeting various entities in Taiwan and South Korea, including military, satellite, heavy industry, media, technology, software services, and healthcare sectors. Cybersecurity firm Trend Micro said the first wave, codenamed VENOM, mainly targeted software service […]

Organizations across industries are experiencing significant escalations in cyberattacks, particularly targeting critical infrastructure providers and cloud-based enterprises. Verizon’s recently released 2025 Data Breach Investigations Report found an 18% YoY increase in confirmed breaches, with the exploitation of vulnerabilities as an initial access step growing by 34%. As attacks rise in volume and impact, many organizations […]

May 14, 2025Ravie LakshmananWindows Security / Threat Intelligence Cybersecurity researchers have discovered a new phishing campaign that’s being used to distribute malware called Horabot targeting Windows users in Latin American countries like Mexico, Guatemala, Colombia, Peru, Chile, and Argentina. The campaign is “using crafted emails that impersonate invoices or financial documents to trick victims into […]

Microsoft on Tuesday shipped fixes to address a total of 78 security flaws across its software lineup, including a set of five zero-days that have come under active exploitation in the wild. Of the 78 flaws resolved by the tech giant, 11 are rated Critical, 66 are rated Important, and one is rated Low in […]

May 14, 2025Ravie LakshmananVulnerability / Network Security Fortinet has patched a critical security flaw that it said has been exploited as a zero-day in attacks targeting FortiVoice enterprise phone systems. The vulnerability, tracked as CVE-2025-32756, carries a CVSS score of 9.6 out of 10.0. “A stack-based overflow vulnerability [CWE-121] in FortiVoice, FortiMail, FortiNDR, FortiRecorder, and […]