Author: Joe-W

Microsoft has shed light on an ongoing phishing campaign that targeted the hospitality sector by impersonating online travel agency Booking.com using an increasingly popular social engineering technique called ClickFix to deliver credential-stealing malware. The activity, the tech giant said, started in December 2024 and operates with the end goal of conducting financial fraud and theft. It’s  – Read More  –...

The North Korea-linked threat actor known as ScarCruft is said to have been behind a never-before-seen Android surveillance tool named KoSpy targeting Korean and English-speaking users. Lookout, which shared details of the malware campaign, said the earliest versions date back to March 2022. The most recent samples were flagged in March 2024. It’s not clear how successful these efforts were....

OBSCURE#BAT malware campaign exploits social engineering & fake software downloads to evade detection, steal data and persist on…  – Read More  – Hackread – Latest Cybersecurity, Tech, AI, Crypto & Hacking News 

The Medusa ransomware gang continues to present a major threat to the critical infrastructure sector, according to a newly-released – with at least one organisation hit with a “triple-extortion” threat. Read more in my article on the Tripwire State of Security blog.  – Read More  – Graham Cluley 

Two high-severity security flaws have been disclosed in the open-source ruby-saml library that could allow malicious actors to bypass Security Assertion Markup Language (SAML) authentication protections. SAML is an XML-based markup language and open-standard used for exchanging authentication and authorization data between parties, enabling features like single sign-on (SSO), which allows  – Read More  – The Hacker News 

Cary, North Carolina, 13th March 2025, CyberNewsWire  – Read More  – Hackread – Latest Cybersecurity, Tech, AI, Crypto & Hacking News 

As IT environments grow more complex, IT professionals are facing unprecedented pressure to secure business-critical data. With hybrid work the new standard and cloud adoption on the rise, data is increasingly distributed across different environments, providers and locations, expanding the attack surface for emerging cyberthreats. While the need for a strong data protection strategy has become  – Read More  –...

The Hague, the Netherlands, 13th March 2025, CyberNewsWire  – Read More  – Hackread – Latest Cybersecurity, Tech, AI, Crypto & Hacking News 

Browser maker Mozilla is urging users to update their Firefox instances to the latest version to avoid facing issues with using add-ons due to the impending expiration of a root certificate. “On March 14, 2025, a root certificate used to verify signed content and add-ons for various Mozilla projects, including Firefox, will expire,” Mozilla said. “Without updating to Firefox  –...

Meta has warned that a security vulnerability impacting the FreeType open-source font rendering library may have been exploited in the wild. The vulnerability has been assigned the CVE identifier CVE-2025-27363, and carries a CVSS score of 8.1, indicating high severity. Described as an out-of-bounds write flaw, it could be exploited to achieve remote code execution when parsing certain font  –...

Dragos reveals Volt Typhoon hackers infiltrated a US electric utility for 300 days, collecting sensitive data. Learn how this cyberattack threatens infrastructure.  – Read More  – Hackread – Latest Cybersecurity, Tech, AI, Crypto & Hacking News 

What happens when a healthcare giant’s legal threats ignite a Streisand Effect wildfire… while a ransomware gang appears to ditch the dark web for postage stamps? Find out about this, and more, in the latest edition of the “Smashing Security” podcast by cybersecurity veterans Graham Cluley and Carole Theriault.  – Read More  – Graham Cluley 

Lazarus Group has burrowed deeper into the npm registry and planted six new malicious packages designed to deceive software developers and disrupt their workflows, researchers at cybersecurity firm Socket said in a Monday blog post. The North Korea-linked threat group embedded BeaverTail malware into the npm packages to install backdoors and steal credentials and data in cryptocurrency wallets, according to...

Two members of the Senate Judiciary Committee are preparing to introduce  a bipartisan bill that would mandate tech companies to more swiftly report and remove child sexual abuse material hosted on their platforms, but critics warn it could result in the weakening or elimination of encrypted messaging services that many Americans rely on. The Stop CSAM Act, first introduced in...

Sonatype researchers uncover critical vulnerabilities in picklescan. Learn how these flaws impact AI model security, Hugging Face, and…  – Read More  – Hackread – Latest Cybersecurity, Tech, AI, Crypto & Hacking News 

UNC3886 hackers target Juniper routers with custom backdoor malware, exploiting outdated systems for stealthy access and espionage. Learn how to stay protected.  – Read More  – Hackread – Latest Cybersecurity, Tech, AI, Crypto & Hacking News 

Davis Lu had planted malicious Java code onto his employer’s network that would cause “infinite loops” that would ultimate result in the server crashing or hanging. Read more in my article on the Hot for Security blog.  – Read More  – Graham Cluley 

The China-nexus cyber espionage group tracked as UNC3886 has been observed targeting end-of-life MX routers from Juniper Networks as part of a campaign designed to deploy custom backdoors, highlighting their ability to focus on internal networking infrastructure. “The backdoors had varying custom capabilities, including active and passive backdoor functions, as well as an embedded script that  – Read More  –...

San Jose, United States / California, 12th March 2025, CyberNewsWire  – Read More  – Hackread – Latest Cybersecurity, Tech, AI, Crypto & Hacking News