Vulnerabilities are proliferating in SonicWall devices and software this year, putting the vendor’s customers at risk of intrusion via secure access gateways and firewalls. The year started off on a sour note for the California-based company when it released security advisories for nine vulnerabilities on Jan. 7. The total number of vulnerabilities publicly disclosed by the company so far in...
A bipartisan Senate bill would formally ban the use of DeepSeek by federal contractors, part of a larger effort to keep the Chinese-made large language model out of government systems and networks, where lawmakers fear it could pose cybersecurity and national security concerns. The bill, introduced by Sens. Bill Cassidy, R-La., and Jacky Rosen, D-Nev., would bar federal contractors from...
The North Korean threat actors behind the Contagious Interview campaign have been observed using updated versions of a cross-platform malware called OtterCookie with capabilities to steal credentials from web browsers and other files. NTT Security Holdings, which detailed the new findings, said the attackers have “actively and continuously” updated the malware, introducing versions v3 and v4 in – Read More ...
A joint law enforcement operation undertaken by Dutch and U.S. authorities has dismantled a criminal proxy network that’s powered by thousands of infected Internet of Things (IoT) and end-of-life (EoL) devices, enlisting them into a botnet for providing anonymity to malicious actors. In conjunction with the domain seizure, Russian nationals, Alexey Viktorovich Chertkov, 37, Kirill Vladimirovich – Read More –...
Cofense Intelligence reveals a novel phishing technique using blob URIs to create local fake login pages, bypassing email… – Read More – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto
Helps vendors measure how well they meet the Software Security Code of Practice, and suggests remedial actions should they fall short. – Read More – NCSC Feed
A flaw in Microsoft Entra ID’s legacy login allowed attackers to bypass MFA, targeting admin accounts across finance,… – Read More – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto
Oh dear, what a shame, never mind. Read more in my article on the Tripwire State of Security blog. – Read More – Graham Cluley
The tech giant plans to leverage its Gemini Nano LLM on-device to enhance scam detection on Chrome – Read More –
Cybersecurity researchers have flagged three malicious npm packages that are designed to target the Apple macOS version of Cursor, a popular artificial intelligence (AI)-powered source code editor. “Disguised as developer tools offering ‘the cheapest Cursor API,’ these packages steal user credentials, fetch an encrypted payload from threat actor-controlled infrastructure, overwrite Cursor’s – Read More – The Hacker News
AI agents are changing the way businesses work. They can answer questions, automate tasks, and create better user experiences. But with this power comes new risks — like data leaks, identity theft, and malicious misuse. If your company is exploring or already using AI agents, you need to ask: Are they secure? AI agents work with sensitive data and make real-time...
Cybersecurity researchers are warning of a new campaign that’s targeting Portuguese-speaking users in Brazil with trial versions of commercial remote monitoring and management (RMM) software since January 2025. “The spam message uses the Brazilian electronic invoice system, NF-e, as a lure to entice users into clicking hyperlinks and accessing malicious content hosted in Dropbox,” Cisco Talos – Read More –...
The UNIDR Intrusion Path is designed to provide a simplified view of cyber-threats and security across the network perimeter – Read More –
GlobalX Airlines, a charter airline being used by the US government for deportation flights, has been attacked by hacktivists who have made off with what they claim are detailed flight records and passenger manifests. Read more in my article for the Hot for Security blog. – Read More – Graham Cluley
The Vulnerability Treadmill The reactive nature of vulnerability management, combined with delays from policy and process, strains security teams. Capacity is limited and patching everything immediately is a struggle. Our Vulnerability Operation Center (VOC) dataset analysis identified 1,337,797 unique findings (security issues) across 68,500 unique customer assets. 32,585 of them were distinct – Read More – The Hacker News
The FBI has detected indicators of malware targeting end-of-life routers associated with Anyproxy and 5Socks proxy services – Read More –
PowerSchool said its customers had been hit by new extortion demands using data stolen in a previous attack, despite attacker claims the data had been deleted – Read More –
Google on Thursday announced it’s rolling out new artificial intelligence (AI)-powered countermeasures to combat scams across Chrome, Search, and Android. The tech giant said it will begin using Gemini Nano, its on-device large language model (LLM), to improve Safe Browsing in Chrome 137 on desktops. “The on-device approach provides instant insight on risky websites and allows us to offer –...
Cyber incidents targeting OT in US critical infrastructure have prompted renewed federal action – Read More –
A China-linked unnamed threat actor dubbed Chaya_004 has been observed exploiting a recently disclosed security flaw in SAP NetWeaver. Forescout Vedere Labs, in a report published today, said it uncovered a malicious infrastructure likely associated with the hacking group weaponizing CVE-2025-31324 (CVSS score: 10.0) since April 29, 2025. CVE-2025-31324 refers to a critical SAP NetWeaver flaw – Read More –...
Cloud-native applications offer scalable, automated workflows, intelligent data processing, and seamless deployments. However, many organizations still struggle to… – Read More – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto
PowerSchool paid ransom after a major data breach; now hackers are targeting teachers and schools with direct extortion… – Read More – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto
Another top appropriations Democrat criticized budget cuts affecting the Cybersecurity and Infrastructure Security Agency, saying the Trump administration has “illegally gutted funding for cybersecurity.” Connecticut Sen. Chris Murphy, the ranking member on the Senate Appropriations Subcommittee on Homeland Security, made his remarks Thursday to Department of Homeland Security Secretary Kristi Noem at a hearing on the administration’s fiscal 2026 budget....
LockBit’s dark web domains were hacked, exposing internal data, affiliate tools, and over 60,000 Bitcoin wallets in a… – Read More – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto
Cybersecurity researchers have exposed what they say is an “industrial-scale, global cryptocurrency phishing operation” engineered to steal digital assets from cryptocurrency wallets for several years. The campaign has been codenamed FreeDrain by threat intelligence firms SentinelOne and Validin. “FreeDrain uses SEO manipulation, free-tier web services (like gitbook.io, webflow.io, and github.io – Read More – The Hacker News
View CSAF 1. EXECUTIVE SUMMARY CVSS v4 8.2 ATTENTION: Exploitable remotely Vendor: Mitsubishi Electric Equipment: CC-Link IE TSN Remote I/O module, CC-Link IE TSN Analog-Digital Converter module, CC-Link IE TSN Digital-Analog Converter module, CC-Link IE TSN FPGA module, CC-Link IE TSN Remote Station Communication LSI CP620 with GbE-PHY Vulnerability: Improper Validation of Specified Quantity in Input 2. RISK EVALUATION Successful...
CISA released five Industrial Control Systems (ICS) advisories on May 8, 2025. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-25-128-01 Horner Automation Cscape ICSA-25-128-02 Hitachi Energy RTU500 series ICSA-25-128-03 Mitsubishi Electric CC-Link IE TSN ICSA-25-093-01 Hitachi Energy RTU500 Series (Update A) ICSMA-25-128-01 Pixmeo OsiriX MD CISA encourages users and administrators to review newly...
View CSAF 1. EXECUTIVE SUMMARY CVSS v4 9.3 ATTENTION: Exploitable remotely/low attack complexity Vendor: Pixmeo Equipment: OsiriX MD Vulnerabilities: Use After Free, Cleartext Transmission of Sensitive Information 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to cause memory corruption, resulting in a denial-of-service condition or to steal credentials. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following...
View CSAF 1. EXECUTIVE SUMMARY CVSS v4 8.2 ATTENTION: Exploitable remotely/low attack complexity Vendor: Hitachi Energy Equipment: RTU500 series Vulnerabilities: Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’), Improper Validation of Specified Index, Position, or Offset in Input 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to execute cross-site scripting or trigger a denial-of-service...
View CSAF 1. EXECUTIVE SUMMARY CVSS v4 8.4 ATTENTION: Low attack complexity Vendor: Horner Automation Equipment: Cscape Vulnerability: Out-of-bounds Read 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to disclose information and execute arbitrary code. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following versions of Horner Automation Cscape, a control system application programming software, are affected:...
Bitdefender exposes Facebook ad scams using fake crypto sites and celebrity lures to spread malware via malicious desktop… – Read More – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto
SonicWall has released patches to address three security flaws affecting SMA 100 Secure Mobile Access (SMA) appliances that could be fashioned to result in remote code execution. The vulnerabilities are listed below – CVE-2025-32819 (CVSS score: 8.8) – A vulnerability in SMA100 allows a remote authenticated attacker with SSL-VPN user privileges to bypass the path traversal checks and delete an ...
New LOSTKEYS malware has been identified and linked to COLDRIVER by GTIG, stealing files and system data in targeted attacks – Read More –
Threat actors with ties to the Qilin ransomware family have leveraged malware known as SmokeLoader along with a previously undocumented .NET compiled loader codenamed NETXLOADER as part of a campaign observed in November 2024. “NETXLOADER is a new .NET-based loader that plays a critical role in cyber attacks,” Trend Micro researchers Jacob Santos, Raymart Yambot, John Rainier Navato, Sarah Pearl ...
Scammers are using fake AI tools and Facebook ads to spread Noodlophile Stealer malware, targeting users with a… – Read More – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto
The data dump will likely shed light on LockBit’s recent activity and help law enforcement trace cryptocurrency transactions – Read More –
DigiCert survey finds only 5% of global businesses are using post-quantum cryptography – Read More –
The nation-state threat actor known as MirrorFace has been observed deploying malware dubbed ROAMINGMOUSE as part of a cyber espionage campaign directed against government agencies and public institutions in Japan and Taiwan. The activity, detected by Trend Micro in March 2025, involved the use of spear-phishing lures to deliver an updated version of a backdoor called ANEL. “The ANEL file...
61% of security leaders reported suffering a breach due to failed or misconfigured controls over the past 12 months. This is despite having an average of 43 cybersecurity tools in place. This massive rate of security failure is clearly not a security investment problem. It is a configuration problem. Organizations are beginning to understand that a security control installed or...
Guidance for enterprise administrators who want to reduce the likelihood of being held to ransom by WannaCry (or other types of ransomware). – Read More – NCSC Feed
The UK government is set to prioritize increasing the number of UK organizations who are Cyber Essentials certified over the coming year – Read More –
The UK government unveiled two new assessment schemes to boost confidence in the security of products and services during CYBERUK – Read More –
Researchers spot in-the-wild exploits of Samsung MagicInfo despite recent patch – Read More –
Organizations can start defending against deepfakes now, before efficient detectors are available – Read More –
Security researchers at Aon have discovered a threat actor who bypassed SentinelOne EDR protection to deploy Babuk ransomware – Read More –
The Russia-linked threat actor known as COLDRIVER has been observed distributing a new malware called LOSTKEYS as part of an espionage-focused campaign using ClickFix-like social engineering lures. “LOSTKEYS is capable of stealing files from a hard-coded list of extensions and directories, along with sending system information and running processes to the attacker,” the Google Threat – Read More – The...
Cisco has released software fixes to address a maximum-severity security flaw in its IOS XE Wireless Controller that could enable an unauthenticated, remote attacker to upload arbitrary files to a susceptible system. The vulnerability, tracked as CVE-2025-20188, has been rated 10.0 on the CVSS scoring system. “This vulnerability is due to the presence of a hard-coded JSON Web Token (JWT)...
Brits face empty shelves and suspended meal deals as cybercriminals hit major high street retailers, and a terminated Disney employee gets revenge with a little help with Wingdings. Plus Graham challenges Carole to a game of “Malware or metal?”, and we wonder just happens when you have sex on top of a piano? All this and more is discussed in...
A Texas firm recently charged with conspiring to distribute synthetic opioids in the United States is at the center of a vast network of companies in the U.S. and Pakistan whose employees are accused of using online ads to scam westerners seeking help with trademarks, book writing, mobile app development and logo designs, a new investigation reveals. In an indictment...
Five months after education software vendor PowerSchool paid an unnamed threat actor a ransom in exchange for the deletion of sensitive stolen data, some of the company’s customers are now receiving extortion demands. A threat actor, who may or not be the same criminal group behind the attack, has contacted four school district customers of PowerSchool in the past few...
