Cybersecurity News from Across the Internet
Researchers say a Russian group sanctioned by the European Union and wanted by the U.S. government is behind an influence operation targeting upcoming elections in Moldova. In a report released Tuesday, researchers at the Atlantic Council’s Digital Forensic Research Lab said that REST Media — an online news outlet launched in June whose posts have … Read More “Researchers say media outlet targeting Moldova is a Russian cutout – CyberScoop” »
Cybersecurity researchers have disclosed details of two security vulnerabilities impacting Supermicro Baseboard Management Controller (BMC) firmware that could potentially allow attackers to bypass crucial verification steps and update the system with a specially crafted image. The medium-severity vulnerabilities, both of which stem from improper verification of a cryptographic signature, are – Read More – The … Read More “Two New Supermicro BMC Bugs Allow Malicious Firmware to Evade Root of Trust Security – The Hacker News” »
Terminating their employment is the easy part. The rest is complicated. When enterprises discover they have inadvertently hired North Korean information technology workers, they face a cascade of urgent decisions involving sanctions law, cybersecurity protocols, and law enforcement cooperation that can expose them to significant legal and financial risks. Incident response experts and cybersecurity lawyers … Read More “What to do if your company discovers a North Korean worker in its ranks – CyberScoop” »
Law enforcement authorities in Europe have arrested five suspects in connection with an “elaborate” online investment fraud scheme that stole more than €100 million ($118 million) from over 100 victims in France, Germany, Italy, and Spain. According to Eurojust, the coordinated action saw searches in five places across Spain and Portugal, as well as in … Read More “Eurojust Arrests 5 in €100M Cryptocurrency Investment Fraud Spanning 23 Countries – The Hacker News” »
New research from Check Point Research reveals the Iranian cyber group Nimbus Manticore is targeting defence, telecom, and aerospace companies in Europe with fake job offers. Learn how they use advanced malware to steal sensitive data. – Read More – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto
Pittsburg, United States, 23rd September 2025, CyberNewsWire – Read More – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto
The U.S. Secret Service on Tuesday said it took down a network of electronic devices located across the New York tri-state area that were used to threaten U.S. government officials and posed an imminent threat to national security. “This protective intelligence investigation led to the discovery of more than 300 co-located SIM servers and 100,000 … Read More “U.S. Secret Service Seizes 300 SIM Servers, 100K Cards Threatening U.S. Officials Near UN – The Hacker News” »
Nimbus Manticore intensified European cyber-espionage, targeting aerospace, telecom, defense sectors – Read More –
In episode 69 of The AI Fix, our hosts discover brain rot, a shark wears trainers on its fins, an AI writes a terrible J-Pop song, Graham learns that ants don’t care about AI, Mark predicts the precise date of Graham’s demise, Norway trusts $1.9 trillion to an AI investor, and Florida thins out its … Read More “The AI Fix #69: How we really use ChatGPT, and will AI agents crash the economy? – Graham Cluley” »
The Secret Service said Tuesday that it disrupted a network of electronic devices in the New York City area that posed imminent telecommunications-based threats to U.S. government officials and potentially the United Nations General Assembly meeting currently underway. The range of threats included enabling encrypted communications between threat groups and criminals, or disabling cell towers … Read More “Secret Service says it dismantled extensive telecom threat in NYC area – CyberScoop” »
Gartner research found that 62% of organizations have experienced a deepfake attack in the past 12 months – Read More –
Austin, Texas, USA, 23rd September 2025, CyberNewsWire – Read More – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto
SolarWinds has released hot fixes to address a critical security flaw impacting its Web Help Desk software that, if successfully exploited, could allow attackers to execute arbitrary commands on susceptible systems. The vulnerability, tracked as CVE-2025-26399 (CVSS score: 9.8), has been described as an instance of deserialization of untrusted data that could result in code … Read More “SolarWinds Releases Hotfix for Critical CVE-2025-26399 Remote Code Execution Flaw – The Hacker News” »
Rising hardware, API, and network flaws expose organizations to new risks in an AI-driven landscape – Read More –
Cybersecurity researchers have disclosed details of a new botnet that customers can rent access to conduct distributed denial-of-service (DDoS) attacks against targets of interest. The ShadowV2 botnet, according to Darktrace, predominantly targets misconfigured Docker containers on Amazon Web Services (AWS) cloud servers to deploy a Go-based malware that turns infected systems into attack nodes – … Read More “ShadowV2 Botnet Exploits Misconfigured AWS Docker Containers for DDoS-for-Hire Service – The Hacker News” »
Big companies are getting smaller, and their CEOs want everyone to know it. Wells Fargo has cut its workforce by 23% over five years, Bank of America has shed 88,000 employees since 2010, and Verizon’s CEO recently boasted that headcount is “going down all the time.” What was once a sign of corporate distress has … Read More “Lean Teams, Higher Stakes: Why CISOs Must Rethink Incident Remediation – The Hacker News” »
The Inc ransomware gang claims to have stolen 5.7 TB of data from the Pennsylvania Attorney General’s office in an August 2025 attack. Find out how the breach unfolded, why government agencies are a top target, and what this means for citizens. – Read More – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & … Read More “Inc Ransomware Group Claims 5.7 TB Theft from Pennsylvania Attorney General’s Office – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto” »
Every SOC leader understands that faster threat detection is better. But the difference between knowing it and building… – Read More – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto
ReliaQuest report claims time from initial access to lateral movement has shrunk to just 18 minutes – Read More –
GitHub on Monday announced that it will be changing its authentication and publishing options “in the near future” in response to a recent wave of supply chain attacks targeting the npm ecosystem, including the Shai-Hulud attack. This includes steps to address threats posed by token abuse and self-replicating malware by allowing local publishing with required … Read More “GitHub Mandates 2FA and Short-Lived Tokens to Strengthen npm Supply Chain Security – The Hacker News” »
Stellantis confirmed that customers’ personal information was potentially exposed – Read More –
Cybersecurity researchers are calling attention to a search engine optimization (SEO) poisoning campaign likely undertaken by a Chinese-speaking threat actor using a malware called BadIIS in attacks targeting East and Southeast Asia, particularly with a focus on Vietnam. The activity, dubbed Operation Rewrite, is being tracked by Palo Alto Networks Unit 42 under the moniker … Read More “BadIIS Malware Spreads via SEO Poisoning — Redirects Traffic, Plants Web Shells – The Hacker News” »
UK carmaker Jaguar Land Rover has said production will remain shuttered until October 1 – Read More –
In a world where information is the currency, its security has become the foundation of faith, development and creativity…. The post Why Tokenization is the Future of Data Security appeared first on JISA Softech Pvt Ltd. – Read More – JISA Softech Pvt Ltd
The Aadhaar system has always been the hallmark of secure citizen authentication in the realm of the digital identity… The post UIDAI 2025 Guidelines: Ensuring Aadhaar Data Compliance appeared first on JISA Softech Pvt Ltd. – Read More – JISA Softech Pvt Ltd
Posted by Burning River Cyber Con via Fulldisclosure on Sep 22 Burning River CyberCon is seeking submissions for our 2025 conference. We’re looking for presentations on all things infosec, from vulnerability research and exploit development to red teaming and security automation. Key Details: – CFP Link: https://burningrivercybercon.com/call-for-papers – CFP Closes: October 1, 2025 – … Read More “[CFP] Burning River Cyber Con ’25 – Cleveland, OH – Full Disclosure” »
Posted by Andrey Stoykov on Sep 22 # Exploit Title: Current Password not Required When Changing Password – flatpressv1.4.1 # Date: 09/2025 # Exploit Author: Andrey Stoykov # Version: 1.4.1 # Tested on: Debian 12 # Blog: https://msecureltd.blogspot.com/2025/09/friday-fun-pentest-series-42-current.html Current Password not Required When Changing Password: Steps to Reproduce: – Login with admin user and … Read More “Current Password not Required When Changing Password – flatpressv1.4.1 – Full Disclosure” »
Posted by Andrey Stoykov on Sep 22 # Exploit Title: Stored HTML Injection – flatpressv1.4.1 # Date: 09/2025 # Exploit Author: Andrey Stoykov # Version: 1.4.1 # Tested on: Debian 12 # Blog: https://msecureltd.blogspot.com/2025/09/friday-fun-pentest-series-41-stored.html Stored HTML Injection: Steps to Reproduce: – Login with admin user and visit “Main” > “New Entry” > “Write Entry” … Read More “Stored HTML Injection – flatpressv1.4.1 – Full Disclosure” »
Posted by Ron E on Sep 22 gmo2msg in libelf contains a stack-based buffer overflow in po/gmo2msg.c when constructing filenames from the first program argument (lang). The program uses a fixed-size local buffer (char buf[1024]) and writes into it using sprintf(buf, “%s.gmo”, lang) and sprintf(buf, “%s.msg”, lang) without validating the length of lang. Supplying … Read More “libelf 0.8.12 Stack-based buffer overflow in gmo2msg (libelf) via unbounded sprintf of lang argument – Full Disclosure” »
Posted by Stefan Kanthak via Fulldisclosure on Sep 22 Hi @ll, more than 2.5 years ago I posted “Defense in depth — the Microsoft way (part 82): INVALID/BOGUS AppLocker rules disable SAFER on Windows 11 22H2″ <https://seclists.org/fulldisclosure/2023/Feb/13> In “SRP on Windows 11” <https://seclists.org/fulldisclosure/2023/Mar/1> Andy Ful presented a persistent correction some days later. Since several … Read More “Defense in depth — the Microsoft way (part 93): SRP/SAFER whitelisting goes black on Windows 11 – Full Disclosure” »
Posted by Stefan Kanthak via Fulldisclosure on Sep 22 Hi @ll, since several years Microsoft installs the DLLs domain_actions.dll and well_known_domains.dll as part of their Edge browser as well as Windows’ WebView component into each and every user profile, UNPROTECTED against tampering. On Windows 11 24H2 their paths are currently “%LOCALAPPDATA%MicrosoftEdgeUser DataDomain Actions3.0.0.16domain_actions.dll” “%LOCALAPPDATA%MicrosoftEdgeUser … Read More “Defense in depth — the Microsoft way (part 94): BACKDOOR planted in AppLocker – Full Disclosure” »
Posted by Stefan Kanthak via Fulldisclosure on Sep 22 Hi @ll, since several years Microsoft installs the DLLs domain_actions.dll and well_known_domains.dll as part of their Edge browser as well as Windows’ WebView component into each and every user profile, UNPROTECTED against tampering. On Windows 11 24H2 their paths are currently “%LOCALAPPDATA%MicrosoftEdgeUser DataDomain Actions3.0.0.16domain_actions.dll” “%LOCALAPPDATA%MicrosoftEdgeUser … Read More “Defense in depth — the Microsoft way (part 94): BACKDOOR planted in AppLocker – Full Disclosure” »
Stellantis, parent of Jeep, Chrysler, Dodge and FIAT, confirms data breach through third-party vendor. Contact info exposed, financial data not affected. – Read More – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto
Hackers are increasingly adopting the techniques of the Chinese group that successfully infiltrated major telecommunications providers in attacks that made headlines last year by looking for unconventional weak spots, an AT&T executive said Monday. AT&T was one of the major providers to fall victim to the sweeping campaign from the group, known as Salt Typhoon, … Read More “Telecom exec: Salt Typhoon inspiring other hackers to use unconventional techniques – CyberScoop” »
A teenage boy suspected of participating in cyberattacks on multiple Las Vegas casinos in late 2023 was arrested last week. The Las Vegas Metropolitan Police Department said the minor turned himself in Wednesday at the Clark County Juvenile Detention Center, where he was booked on multiple charges. The suspect, who is unnamed because he’s a … Read More “Las Vegas police arrest minor accused of high-profile 2023 casino attacks – CyberScoop” »
A new malware loader, CountLoader, has been discovered by cybersecurity firm Silent Push. This threat is linked to prominent Russian ransomware gangs, including LockBit, BlackBasta, and Qilin, and is being used as an initial access broker. – Read More – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto
Not long ago, the mere idea that cryptocurrencies could ever be integrated into mainstream finance would have seemed… – Read More – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto
Organizations in Belarus, Kazakhstan, and Russia have emerged as the target of a phishing campaign undertaken by a previously undocumented hacking group called ComicForm since at least April 2025. The activity primarily targeted industrial, financial, tourism, biotechnology, research, and trade sectors, cybersecurity company F6 said in an analysis published last week. The attack chain involves … Read More “ComicForm and SectorJ149 Hackers Deploy Formbook Malware in Eurasian Cyberattacks – The Hacker News” »
Experts at a Gartner event highlighted areas of focus in identity, processes and third-party risk management to tackle the novel tactics employed by Scattered Spider – Read More –
MITRE said it understands why Microsoft, SentinelOne and Palo Alto pulled out of its 2025 of ATT&CK Evaluations test – and promises to do better next year – Read More –
The security landscape now moves at a pace no patch cycle can match. Attackers aren’t waiting for quarterly updates or monthly fixes—they adapt within hours, blending fresh techniques with old, forgotten flaws to create new openings. A vulnerability closed yesterday can become the blueprint for tomorrow’s breach. This week’s recap explores the trends driving that … Read More “⚡ Weekly Recap: Chrome 0-Day, AI Hacking Tools, DDR5 Bit-Flips, npm Worm & More – The Hacker News” »
Radware researchers revealed a service-side flaw in OpenAI’s ChatGPT. The ShadowLeak attack had used indirect prompt injection to bypass defences and leak sensitive data, but the issue has since been fixed. – Read More – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto
Europol and 18 countries used AI forensics to identify 51 child victims and 60 suspects in a global online abuse investigation. – Read More – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto
We hear this a lot: “We’ve got hundreds of service accounts and AI agents running in the background. We didn’t create most of them. We don’t know who owns them. How are we supposed to secure them?” Every enterprise today runs on more than users. Behind the scenes, thousands of non-human identities, from service accounts … Read More “How to Gain Control of AI Agents and Non-Human Identities – The Hacker News” »
Pessimism is mounting about the chances that Congress will reauthorize a cyber threat information-sharing law before it’s set to expire at the end of this month — with no clear path for either a temporary or long-term extension. Industry groups and the Trump administration have put a lot of muscle into renewing the 2015 Cybersecurity … Read More “Cyber threat information law hurtles toward expiration, with poor prospects for renewal – CyberScoop” »
The FBI has warned that adversaries have published fake versions of its cybercrime reporting portal IC3 – Read More –
In August 2024, the National Institute of Standards and Technology published its first set of post-quantum cryptography (PQC) standards, the culmination of over seven years of cryptographic scrutiny, review and competition. As the standards were announced, the implications for cybersecurity leaders were clear: The U.S. government must re-secure its entire digital infrastructure — from battlefield … Read More “Why federal IT leaders must act now to deliver NIST’s post-quantum cryptography transition – CyberScoop” »
Heathrow, Brussels, Dublin and Berlin airports are among those disrupted by a cyber-attack on Collins Aerospace – Read More –
The UK’s spy agency, MI6, has launched a new dark web portal called Silent Courier to securely recruit agents worldwide, particularly from Russia. Learn how this shift to the dark web marks a new era in modern espionage and national security. – Read More – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto
Global Finance The field of Artificial Intelligence (AI) is transforming the world of finance and informing credit underwriting, fraud… The post Why ethics must drive AI adoption in finance appeared first on JISA Softech Pvt Ltd. – Read More – JISA Softech Pvt Ltd
![[CFP] Burning River Cyber Con ’25 – Cleveland, OH – Full Disclosure](https://attackfeed.com/wp-content/uploads/2025/09/fulldisclosure-img-LfNHIh.webp)
