Disclosure: This article was provided by ANY.RUN. The information and analysis presented are based on their research and findings.
Category: Security
Breaking News, Chrome, Exploits, Global Security News, Google, hacking, Security
CVE-2025-6554 marks the fifth actively exploited Chrome Zero-Day patched by Google in 2025
Google released security patches to address multiple Chrome vulnerabilities, including one flaw that has been exploited in the wild. Google released fixes for six Chrome flaws, including one actively exploited in the wild tracked as CVE-2025-6558 (CVSS score of 8.8). CVE-2025-6558 stems from improper validation of untrusted input in Chrome’s ANGLE and GPU components. Clément…
Exploits, Global Security News, Google, Security
Google fixes actively exploited sandbox escape zero day in Chrome
Google has released a security update for Chrome to address half a dozen vulnerabilities, one of them actively exploited by attackers to escape the browser’s sandbox protection. […]
Asia Pacific, Botnet, Breaking News, DDoS, Global Security News, Reports, Security
DDoS peaks hit new highs: Cloudflare mitigated massive 7.3 Tbps assault
Cloudflare blocked 7.3M DDoS attacks in Q2 2025, down from 20.5M in Q1, while hyper-volumetric attacks surged with 6,500+ blocked, averaging 71 daily. Cloudflare mitigated 7.3M DDoS attacks in Q2 2025, down from 20.5M in Q1, 13.5M of which stemmed from an 18-day Q1 campaign. Hyper-volumetric attacks surged, with over 6,500 blocked, averaging 71 per…
Breaking News, CISA, Exploits, Global Security News, hacking, Security
U.S. CISA adds Wing FTP Server flaw to its Known Exploited Vulnerabilities catalog
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Wing FTP Server flaw to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added Wing FTP Server flaw, tracked as CVE-2025-47812, to its Known Exploited Vulnerabilities (KEV) catalog. Wing FTP Server is a secure and flexible file transfer solution that supports multiple protocols, including FTP,…
Android, fraud, Global Security News, malware, Scams and Fraud, Security
Fake Telegram Apps Spread via 607 Domains in New Android Malware Attack
Fake Telegram apps are being spread through 607 malicious domains to deliver Android malware, using blog-style pages and phishing tactics to trick users.
Global Security News, News and Trends, Security
SentinelOne & OPSWAT’s New OEM Partnership Drives Security
SentinelOne, an AI-powered cybersecurity platform, recently announced an original equipment manufacturer (OEM) partnership with OPSWAT, a provider of critical infrastructure protection, to integrate their capabilities into OPSWAT’s Metascan Multiscanning technology. Added security capabilities meet demand for on-prem and cloud environments Through this collaboration, enterprises will be enabled to combat modern cyber threats with improved precision…
Global Security News, Security
Abacus dark web drug market goes offline in suspected exit scam
Abacus Market, the largest Western darknet marketplace supporting Bitcoin payments, has shut down its public infrastructure in a move suspected to be an exit scam. […]
Global Security News, Security
North Korean XORIndex malware hidden in 67 malicious npm packages
North Korean threat actors planted 67 malicious packages in the Node Package Manager (npm) online repository to deliver a new malware loader called XORIndex to developer systems. […]
Cybersecurity, Global Security News, Ontinue, phishing, Phishing Scam, Security
Attackers Hide JavaScript in SVG Images to Lure Users to Malicious Sites
Beware! SVG images are now being used with obfuscated JavaScript for stealthy redirect attacks via spoofed emails. Get insights from Ontinue’s latest research on detection and defence.
Global Security News, Security
Police disrupt “Diskstation” ransomware gang attacking NAS devices
An international law enforcement action dismantled a Romanian ransomware gang known as ‘Diskstation,’ which encrypted the systems of several companies in the Lombardy region, paralyzing their businesses. […]
Global Security News, Mobile, Security
Android malware Konfety uses malformed APKs to evade detection
A new variant of the Konfety Android malware emerged with a malformed ZIP structure along with other obfuscation methods that allow it to evade analysis and detection. […]
Cybersecurity, fraud, Global Security News, privacy, Scams and Fraud, Security
UK Pet Owners Targeted by Fake Microchip Renewal Scams
Microchip renewal scam targets UK pet owners using leaked data from insecure registries. Emails appear legit but aim to steal money and personal info.
Cisco Duo, Cisco Secure Access, Global Security News, Identity and Access Management (IAM), Security
Universal ZTNA from Cisco Earns Coveted SE Labs AAA Rating
Combining the power of Duo’s Identity Management and Cisco’s Secure Access and Identity Intelligence protects against stolen credentials and phishing attacks.
Global Security News, Security
UK launches vulnerability research program for external experts
UK’s National Cyber Security Centre (NCSC) has announced a new Vulnerability Research Initiative (VRI) that aims to strengthen relations with external cybersecurity experts. […]
AI, Artificial Intelligence, Cybersecurity, Elon Musk, Global Security News, Security
Researchers Jailbreak Elon Musk’s Grok-4 AI Within 48 Hours of Launch
Elon Musk’s Grok-4 AI was compromised within 48 hours. Discover how NeuralTrust researchers combined “Echo Chamber” and “Crescendo”…
Global Security News, Security
Interlock ransomware adopts FileFix method to deliver malware
Hackers have adopted the new technique called ‘FileFix’ in Interlock ransomware attacks to drop a remote access trojan (RAT) on targeted systems. […]
cyber attack, cyber attacks, Cybersecurity, Global Security News, Louis Vuitton, Security
Louis Vuitton UK Hit by Cyberattack, Third LVMH Breach in 3 Months
Louis Vuitton UK suffers cyberattack exposing customer data, marking the third LVMH breach in 3 months as retail sector faces ongoing security threats.
Global Security News, IP Address, privacy, Proxy, Security, Technology
Dedicated Proxies: A Key Tool for Online Privacy, Security and Speed
Online privacy, security, and performance today are more important than ever. For professionals and businesses working online, it’s…
Global Security News, Hardware, Security
Gigabyte motherboards vulnerable to UEFI malware bypassing Secure Boot
Dozens of Gigabyte motherboard models run on UEFI firmware vulnerable to security issues that allow planting bootkit malware that is invisible to the operating system and can survive reinstalls. […]
Breaking News, cyber crime, data breach, Global Security News, hacking, Security
Global Louis Vuitton data breach impacts UK, South Korea, and Turkey
Louis Vuitton data breach affects customers in the UK, South Korea, Turkey, and possibly more countries, with notifications underway. Customers of French luxury retailer Louis Vuitton are being notified of a data breach affecting multiple countries, including the UK, South Korea, and Turkey. The security breach was discovered on July 2nd, 2025, and exposed customer…
Global Security News, Security
Malicious VSCode extension in Cursor IDE led to $500K crypto theft
A fake extension for the Cursor AI IDE code editor infected devices with remote access tools and infostealers, which, in one case, led to the theft of $500,000 in cryptocurrency from a Russian crypto developer. […]
Breaking News, eSIM, eUICC, Exploits, Global Security News, hacking, Security
Experts uncover critical flaws in Kigen eSIM technology affecting billions
Experts devised a new hack targeting Kigen eSIM tech, used in over 2B devices, exposing smartphones and IoT users to serious security risks. Researchers at Security Explorations uncovered a new hacking method exploiting flaws in Kigen’s eSIM tech, affecting billions of IoT devices. An eSIM (embedded SIM) is a digital version of a traditional SIM…
Global Security News, Security
Cyberschutz-Verpflichtung für Firmen ab 2026
srcset=”https://b2b-contenthub.com/wp-content/uploads/2025/07/shutterstock_2507986833.jpg?quality=50&strip=all 7063w, https://b2b-contenthub.com/wp-content/uploads/2025/07/shutterstock_2507986833.jpg?resize=300%2C168&quality=50&strip=all 300w, https://b2b-contenthub.com/wp-content/uploads/2025/07/shutterstock_2507986833.jpg?resize=768%2C432&quality=50&strip=all 768w, https://b2b-contenthub.com/wp-content/uploads/2025/07/shutterstock_2507986833.jpg?resize=1024%2C576&quality=50&strip=all 1024w, https://b2b-contenthub.com/wp-content/uploads/2025/07/shutterstock_2507986833.jpg?resize=1536%2C864&quality=50&strip=all 1536w, https://b2b-contenthub.com/wp-content/uploads/2025/07/shutterstock_2507986833.jpg?resize=2048%2C1152&quality=50&strip=all 2048w, https://b2b-contenthub.com/wp-content/uploads/2025/07/shutterstock_2507986833.jpg?resize=1240%2C697&quality=50&strip=all 1240w, https://b2b-contenthub.com/wp-content/uploads/2025/07/shutterstock_2507986833.jpg?resize=150%2C84&quality=50&strip=all 150w, https://b2b-contenthub.com/wp-content/uploads/2025/07/shutterstock_2507986833.jpg?resize=854%2C480&quality=50&strip=all 854w, https://b2b-contenthub.com/wp-content/uploads/2025/07/shutterstock_2507986833.jpg?resize=640%2C360&quality=50&strip=all 640w, https://b2b-contenthub.com/wp-content/uploads/2025/07/shutterstock_2507986833.jpg?resize=444%2C250&quality=50&strip=all 444w” width=”1024″ height=”576″ sizes=”(max-width: 1024px) 100vw, 1024px”>Ab 2026 sind deutsche Unternehmen zu mehr Cybersicherheit verpflichtet. SuPatMaN – shutterstock.com Die Bundesregierung will eine EU-Richtlinie für den verpflichtenden Schutz wichtiger Anlagen und Unternehmen vor Cyberangriffen in…
Breaking News, china, Europe, Global Security News, intelligence, Security
Spain awarded €12.3 million in contracts to Huawei
Spain gives Huawei wiretap contracts, sparking concerns over potential Chinese government access due to Huawei’s links to Beijing. The Spanish Ministry of the Interior has awarded €12.3 million ($14.3 million) contracts to manage and store judicially authorized wiretaps used by law enforcement and intelligence agencies, raising concerns about potential Chinese government access due to the…
Breaking News, Exploits, Fortinet FortiWeb, Global Security News, hacking, Security
Patch immediately: CVE-2025-25257 PoC enables remote code execution on Fortinet FortiWeb
PoC exploits released for critical Fortinet FortiWeb flaw allowing pre-auth RCE. Fortinet urges users to patch. Proof-of-concept (PoC) exploits for CVE-2025-25257 in Fortinet FortiWeb (CVSS 9.8) enable pre-auth RCE on vulnerable servers. The flaw is a SQL injection vulnerability in FortiWeb (CWE-89) that allows unauthenticated attackers to execute unauthorized SQL commands via crafted HTTP/HTTPS requests.…
Cybersecurity, Fortinet, FortiWeb, Global Security News, Security, SQL
Critical Vulnerability Exposes Fortinet FortiWeb to Full Takeover (CVE-2025-25257)
WatchTowr Labs reveals CVE-2025-25257, a critical FortiWeb SQL injection allowing unauthenticated remote code execution. Patch your FortiWeb 7.0,…
Breaking News, Exploits, Global Security News, hacking, hacking news, information security news, Security
Wing FTP Server flaw actively exploited shortly after technical details were made public
Hackers exploit critical Wing FTP flaw (CVE-2025-47812) for remote code execution with root/system rights after details leaked on June 30. Threat actors are exploiting a critical flaw, tracked as CVE-2025-47812 (CVSS score of 10), in Wing FTP Server that allows remote code execution with root/system privileges. Wing FTP Server is a secure and flexible file…
Artificial Intelligence, Exploits, Global Security News, Google, Security
Google Gemini flaw hijacks email summaries for phishing
Google Gemini for Workspace can be exploited to generate email summaries that appear legitimate but include malicious instructions or warnings that direct users to phishing sites without using attachments or direct links. […]
Breaking News, Global Security News, hacking, hacking news, information security news, Security
McDonald’s job app exposes data of 64 Million applicants
Vulnerabilities in McDonald’s McHire chatbot exposed data from 64 million job applicants due to insecure internal APIs. Security researchers Ian Carroll and Sam Curry discovered multiple vulnerabilities in the McDonald’s chatbot recruitment platform McHire that exposed the personal information of over 64 million job applicants. The security duo found that McDonald’s hiring bot, built by…
Exploits, Global Security News, Security
Hackers are exploiting critical RCE flaw in Wing FTP Server
Hackers have started to exploit a critical remote code execution vulnerability in Wing FTP Server just one day after technical details on the flaw became public. […]
APT, cyber attack, cyber attacks, Europe, Global Security News, Security
DoNot APT Hits European Ministry with New LoptikMod Malware
Trellix reveals how the India-linked DoNot APT group launched a sophisticated spear-phishing attack on a European foreign affairs…
cyber attack, cyber attacks, cyber crime, Global Security News, Security
Leaked Shellter Elite Tool Now Fueling Infostealer Attacks Worldwide
A new report details how the advanced hacking tool Shellter Elite was leaked and is now being used…
Global Security News, North America, Security
‘123456’ password exposed chats for 64 million McDonald’s job chatbot applications
Cybersecurity researchers discovered a vulnerability in McHire, McDonald’s chatbot job application platform, that exposed the chats of more than 64 million job applications across the United States. […]
Global Security News, North America, Security
‘123456’ password exposed info for 64 million McDonald’s job applicants
Cybersecurity researchers discovered a vulnerability in McHire, McDonald’s chatbot job application platform, that exposed the personal information of more than 64 million job applicants across the United States. […]
Global Security News, North America, Security
‘123456’ password exposed chats for 64 million McDonald’s job applicants
Cybersecurity researchers discovered a vulnerability in McHire, McDonald’s chatbot job application platform, that exposed the chats of more than 64 million job applicants across the United States. […]
Exploits, Global Security News, Security
Exploits for pre-auth Fortinet FortiWeb RCE flaw released, patch now
Proof-of-concept exploits have been released for a critical SQLi vulnerability in Fortinet FortiWeb that can be used to achieve pre-authenticated remote code execution on vulnerable servers. […]
Global Security News, Security
WordPress Gravity Forms developer hacked to push backdoored plugins
The popular WordPress plugin Gravity Forms has been compromised in what seems a supply-chain attack where manual installers from the official website were infected with a backdoor. […]
Cybersecurity, data, Global Security News, privacy, Security
New Study Shows Google Tracking Persists Even With Privacy Tools
A new SafetyDetectives study reveals the surprising extent of Google tracking across the web in the US, UK, Switzerland, and Sweden. Discover how Google Analytics, AdSense, and YouTube embeds collect your data, even when using DuckDuckGo.
Global Security News, Hardware, Security
NVIDIA issues guidance to defend GDDR6 GPUs against Rowhammer attacks
NVIDIA is warning users to activate the System Level Error-Correcting Code mitigation to protect against Rowhammer attacks on graphical processors with GDDR6 memory. […]
Global Security News, Security
The zero-day that could’ve compromised every Cursor and Windsurf user
Learn how one overlooked flaw in OpenVSX discovered by Koi Secureity could’ve let attackers hijack millions of dev machines via an extension supply chain attack. The zero-day threat’s been patched—but the wake-up call is clear: extensions are a new, massive supply chain risk. […]
Exploits, Global Security News, Security
CISA tags Citrix Bleed 2 as exploited, gives agencies a day to patch
The U.S. Cybersecurity & Infrastructure Security Agency has confirmed active exploitation of the CitrixBleed 2 vulnerability (CVE-2025-5777) in Citrix NetScaler ADC and Gateway and is giving federal agencies one day to apply fixes. […]
Global Security News, Security
MetTel & Check Point Partner On Managed Mobile Threat Defense
MetTel has announced a new strategic partnership with Check Point Software Technologies to deliver a fully managed mobile threat defense solution for enterprises. The offering integrates Check Point’s Harmony Mobile platform into MetTel’s managed mobility suite, targeting a wide range of mobile-based cyber threats, including phishing links, infected applications, unpatched OS vulnerabilities, and insecure Wi-Fi…
Global Security News, Security
Aqua Security Launches New Partner Program
Aqua Security, a provider of cloud-native security, announced the launch of the Trivy Partner Connect Program, a new partner program designed to expand the commercial ecosystem around Trivy, an open-source vulnerability and misconfiguration scanner. Program enables commercial vendors to leverage open-source development Trivy Partner Connect offers a structured framework for commercial vendors to build, integrate,…
Global IT News, Global Security News, Security
Microsoft & Huntress Partner to Extend Security for All
Recently, Microsoft announced a collaboration with Huntress, an enterprise-grade cybersecurity solution, to improve cybersecurity for businesses of all sizes and combat modern threats. Huntress’ purpose-built cybersecurity solutions will seamlessly integrate into Microsoft environments to unlock protection for endpoints, identities, and employees. Unlocking potential use cases within the Microsoft security ecosystem According to Huntress, more than…
Breaking News, Exploits, Global Security News, hacking, hacking news, Security
U.S. CISA adds Citrix NetScaler ADC and Gateway flaw to its Known Exploited Vulnerabilities catalog
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds U.S. CISA adds Citrix NetScaler ADC and Gateway flaw to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added Citrix NetScaler ADC and Gateway, tracked as CVE-2025-5777, to its Known Exploited Vulnerabilities (KEV) catalog. The CVE-2025-5777 flaw, dubbed ‘CitrixBleed 2‘ (CVSS v4.0 Base Score…
AI, Cybersecurity, Global Security News, leaks, privacy, Security
McDonald’s McHire Vulnerability Leaked Data of 64 Million Job Seekers
Major security flaw in McDonald’s McHire platform exposed 64M job applications. Discover how an IDOR vulnerability and weak…
AI, Cybersecurity, Global Security News, leaks, privacy, Security
McDonald’s AI Hiring Tool McHire Leaked Data of 64 Million Job Seekers
Major security flaw in McDonald’s McHire platform exposed 64M job applications. Discover how an IDOR vulnerability and weak…
Global Security News, Microsoft, Security
Windows 11 now uses JScript9Legacy engine for improved security
Microsoft announced that it has replaced the default scripting engine JScript with the newer and more secure JScript9Legacy on Windows 11 version 24H2 and later. […]
Global Security News, North America, Security
Russian pro basketball player arrested for alleged role in ransomware attacks
Russian professional basketball player Daniil Kasatkin was arrested in France at the request of the United States for allegedly acting as a negotiator for a ransomware gang. […]
Exploits, Global Security News, Security
PerfektBlue BlueTooth flaws impact Mercedes, Volkswagen, Skoda cars
Four vulnerabilities dubbed PerfektBlue and affecting the BlueSDK Bluetooth stack from OpenSynergy can be exploited to achieve remote code execution and potentially allow access to critical elements in vehicles from multiple vendors, including Mercedes-Benz AG, Volkswagen, and Skoda. […]
Global Security News, Security
FBI’s CJIS demystified: Best practices for passwords, MFA & access control
FBI’s Criminal Justice Information Services (CJIS) compliance isn’t optional when handling law enforcement data. From MFA to password hygiene, see how Specops Software helps meet FBI standards while also securing your Windows Active Directory. […]
Global Security News, Legal, Security
Four arrested in UK over M&S, Co-op, Harrod cyberattacks
The UK’s National Crime Agency (NCA) arrested four people suspected of being involved in cyberattacks on major retailers in the country, including Marks & Spencer, Co-op, and Harrods. […]
edge security, firewall, Global Security News, network firewall, Network Security, Security
Cisco Catalyst 8300 Excels in NetSecOPEN NGFW SD-WAN Security Tests
Cisco Catalyst 8300 earns NetSecOPEN certification for exceptional real-world NGFW and SD-WAN performance under modern enterprise conditions.
Global Security News, Microsoft, Security
Microsoft Authenticator on iOS moves backups fully to iCloud
Microsoft is rolling out a new backup system in September for its Authenticator app on iOS, removing the requirement to use a Microsoft personal account to back up TOTP secrets and account names. […]
Global Security News, Security
Qantas confirms data breach impacts 5.7 million customers
Australian airline Qantas has confirmed that 5.7 million people have been impacted by a recent data breach, in which threat actors stole customers’ data. […]
Global Security News, Google, Mobile, Security
Google reveals details on Android’s Advanced Protection for Chrome
Google is sharing more information on how Chrome operates when Android mobile users enable Advanced Protection, highlighting strong security improvements. […]
CryptoCurrency, Global Security News, Security
Bitcoin Depot breach exposes data of nearly 27,000 crypto users
Bitcoin Depot, an operator of Bitcoin ATMs, is notifying customers of a data breach incident that has exposed their sensitive information. […]
Exploits, Global Security News, Security
Ruckus Networks leaves severe flaws unpatched in management devices
Multiple vulnerabilities that remain unpatched in Ruckus Wireless management products could be exploited to fully compromise the network environment they serve. […]
Global Security News, Security
Ingram Micro starts restoring systems after ransomware attack
Ingram Micro has begun restoring systems and business services after suffering a massive SafePay ransomware attack right before the July 4th holiday. […]
Global Security News, Security
The MFA You Trust Is Lying to You – and Here’s How Attackers Exploit It
MFA Authenticator apps aren’t cutting it anymore. Attackers are bypassing legacy MFA with fake sites and real-time phishing. Token Ring and BioStick stop them cold—with fingerprint-bound hardware. Learn more from Token. […]
Global Security News, North America, Security
LevelBlue: Third-Party Management Leading to Security Risks
LevelBlue, a managed security services, strategic consulting, and threat intelligence provider, recently released the Data Accelerator: Software Supply Chain and Cybersecurity report. The research digs into how vulnerable organizations are to the rise in software supply chain attacks. To learn more about the findings and how businesses should respond, we spoke with Theresa Lanowitz, chief…
Global Security News, Security
New ServiceNow flaw lets attackers enumerate restricted data
A new vulnerability in ServiceNow, dubbed Count(er) Strike, allows low-privileged users to extract sensitive data from tables to which they should not have access. […]
Cybersecurity, data breach, Global Security News, leaks, privacy, Security
Server with Rockerbox Tax Firm Data Exposed 286GB of Records
Cybersecurity researcher Jeremiah Fowler uncovered a massive 286GB data exposure at Texas-based Rockerbox, a tax credit consultancy. Exposed data includes SSNs, DD214s, and financial details, raising serious identity theft and fraud concerns.
Breaking News, Cybercrime, Exploits, Global Security News, hacking, malware, Security
Hackers weaponize Shellter red teaming tool to spread infostealers
Hackers are abusing the legitimate red teaming tool Shellter to spread stealer malware after a licensed copy was leaked. Elastic Security Labs has identified several malware campaigns using the commercial AV/EDR evasion tool SHELLTER. The tool was originally built for legitimate red team operations, however, threat actors have now adopted it to bypass security measures…
Breaking News, Exploits, Global Security News, hacking, hacking news, IT Information Security, Security
Microsoft Patch Tuesday security updates for July 2025 fixed a zero-day
Microsoft released Patch Tuesday security updates for July 2025, which addressed 130 flaws, including one a Microsoft SQL Server zero-day. Microsoft Patch Tuesday security updates for July 2025 addressed 130 vulnerabilities in Windows and Windows Components, Office and Office Components, .NET and Visual Studio, Azure, Teams, Hyper-V, Windows BitLocker, Microsoft Edge (Chromium-based), and the Windows…
Global Security News, Mobile, Security
Samsung announces major security enhancements coming to One UI 8
Samsung has announced multiple data security and privacy enhancements for its upcoming Galaxy smartphones running One UI 8, its custom user interface on top of Android. […]
Global Security News, Security
M&S confirms social engineering led to massive ransomware attack
M&S confirmed today that the retail outlet’s network was initially breached in a “sophisticated impersonation attack” that ultimately led to a DragonForce ransomware attack. […]
Exploits, Global Security News, Mobile, Security
New Android TapTrap attack fools users with invisible UI trick
A novel tapjacking technique can exploit user interface animations to bypass Android’s permission system and allow access to sensitive data or trick users into performing destructive actions, such as wiping the device. […]
Global Security News, Microsoft, Security
Microsoft July 2025 Patch Tuesday fixes one zero-day, 137 flaws
Today is Microsoft’s July 2025 Patch Tuesday, which includes security updates for 137 flaws, including one publicly disclosed zero-day vulnerability in Microsoft SQL Server. […]
Asia Pacific, Breaking News, Global Security News, intelligence, Security
Italian police arrested a Chinese national suspected of cyberespionage on a U.S. warrant
Italian police arrested a Chinese national linked to Silk Typhoon APT group at Milan’s Malpensa Airport on a U.S. warrant. Italian police arrested a Chinese national, Zewei Xu (33), at Milan’s Malpensa Airport on a U.S. warrant. Xu was arrested at Malpensa Airport on July 3rd after arriving on a flight from China. Authorities accused…
Global Security News, Mobile, Security
Android malware Anatsa infiltrates Google Play to target US banks
The Anatsa banking trojan has sneaked into Google Play once more via an app posing as a PDF viewer that counted more than 50,000 downloads. […]
Global Security News, Security
Overcoming Technical Barriers in Desktop and Application Virtualization
Exposed RDP ports are an open door for attackers. TruGrid SecureRDP enforces Zero Trust and MFA, blocks lateral movement, and secures remote access—no open firewall ports required. Learn more and get a free trial. […]
Global Security News, Security
Malicious Chrome extensions with 1.7M installs found on Web Store
Almost a dozen malicious extensions with 1.7 million downloads in Google’s Chrome Web Store could track users, steal browser activity, and redirect to potentially unsafe web addresses. […]
Global Security News, Security
Malicious Chrome extensions with 1.7M installs found on Web Store
Almost a dozen malicious extensions with 1.7 million downloads in Google’s Chrome Web Store could track users, steal browser activity, and redirect to potentially unsafe web addresses. […]
cyber attack, Cybersecurity, Global Security News, malware, Phishing Scam, Security
Infostealers-as-a-Service Push Identity Hacks to Record Highs
Identity-based cyberattacks soar 156%, driven by cheap Phishing-as-a-Service & infostealer malware. Learn how criminals bypass MFA to steal credentials, access bank accounts, and compromise business emails.
AI Security, Artificial Intelligence (AI), Foundation AI, Global Security News, Security
Securing an Exponentially Growing (AI) Supply Chain
Foundation AI’s Cerberus is a 24/7 guard for the AI supply chain, analyzing models as they enter HuggingFace and sharing results to Cisco Security products.
cyber attack, cyber attacks, Cybersecurity, Global Security News, Security
Pakistan’s Transparent Tribe Hits Indian Defence with Linux Malware
Pakistan’s APT36 Transparent Tribe uses phishing and Linux malware to target Indian defence systems running BOSS Linux says Cyfirma.
Breaking News, cyber crime, Cybercrime, Global Security News, Security
IT Worker arrested for selling access in $100M PIX cyber heist
Brazil arrests IT worker João Roque for aiding $100M PIX cyber heist, one of Brazil’s biggest banking system breaches. Brazilian police arrested João Roque (48), an IT employee at C&M, for allegedly aiding a cyberattack that stole over 540 million reais (~$100 million) via the PIX banking system. The company C&M links smaller banks to…
Global Security News, Security
Alleged Chinese hacker tied to Silk Typhoon arrested for cyberespionage
A Chinese national was arrested in Milan, Italy, last week for allegedly being linked to the state-sponsored Silk Typhoon hacking group, which responsible for cyberattacks against American organizations and government agencies. […]
Exploits, Global Security News, Security
Public exploits released for CitrixBleed 2 NetScaler flaw, patch now
Researchers have released proof-of-concept (PoC) exploits for a critical Citrix NetScaler vulnerability, tracked as CVE-2025-5777 and dubbed CitrixBleed2, warning that the flaw is easily exploitable and can successfully steal user session tokens. […]
cyber attack, cyber attacks, Cybersecurity, Global Security News, ICC, Security
ICC Contained Cyberattack Amid Espionage Threats and Pressure
International Criminal Court faces new “sophisticated” cyberattack in The Hague. Occurring near the NATO summit, this incident impacts the ICC as it handles major global cases.
AT&T, cyber attack, Cybersecurity, Global Security News, Laws & Legalities, Security
AT&T Reaches $177M Deal Over 2019 and 2024 Data Breaches
AT&T’s $177M data breach settlement. Check eligibility for payouts from 2019 and 2024 incidents. Get claim details here.
CryptoCurrency, Global Security News, Security
Employee gets $920 for credentials used in $140 million bank heist
Hackers stole nearly $140 million from six banks in Brazil by using an employee’s credentials from C&M, a company that offers financial connectivity solutions. […]
Global Security News, Security
Atomic macOS infostealer adds backdoor for persistent attacks
Malware analyst discovered a new version of the Atomic macOS info-stealer (also known as ‘AMOS’) that comes with a backdoor, to attackers persistent access to compromised systems. […]
Global Security News, Security
Qantas is being extorted in recent data-theft cyberattack
Qantas has confirmed that it is now being extorted by threat actors following a cyberattack that potentially exposed the data for 6 million customers. […]
Global Security News, Security
‘Batavia’ Windows spyware campaign targets dozens of Russian orgs
A previously undocumented spyware called ‘Batavia’ has been targeting large industrial enterprises in Russia in a phishing email campaign that uses contract-related lures. […]
Global Security News, Security
Hackers abuse leaked Shellter red team tool to deploy infostealers
Shellter Project, the vendor of a commercial AV/EDR evasion loader for penetration testing, confirmed that hackers used its Shellter Elite product in attacks after a customer leaked a copy of the software. […]
Asia Pacific, Breaking News, Global Security News, intelligence, Laws and regulations, Security
Taiwan flags security risks in popular Chinese apps after official probe
Taiwan warns Chinese apps like TikTok and WeChat pose security risks due to excessive data collection and data transfers to China. Taiwan National Security Bureau (NSB) warns that Chinese apps like TikTok, WeChat, Weibo, and Baidu Cloud pose security risks due to excessive data collection and data transfer to China, following an official inspection with…
AI Cybersecurity, Global Security News, Security, Security for AI
Cisco Contributes to Cyber Hard Problems Report
Cisco contributes to the latest edition of the Cyber Hard Problems report, highlighting 10 foundational security challenges facing the modern world.
Android, Banking, Global Security News, malware, Security
Malware Surge Hits Android: Adware, Trojans and Crypto Theft Lead Q2 Threats
Dr.Web reports Android malware surge in Q2 with adware, banking trojans and crypto theft hidden in fake apps, firmware and spyware targeting users.
Breaking News, Chrome, CISA, Exploits, Global Security News, hacking, Security
U.S. CISA adds Google Chromium V8 flaw to its Known Exploited Vulnerabilities catalog
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Chromium V8 vulnerability to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added Chromium V8 vulnerability, tracked as CVE-2025-6554, to its Known Exploited Vulnerabilities (KEV) catalog. Last week, Google released security patches to address the Chrome vulnerability CVE-2025-6554 for which an exploit is…
Breaking News, Cybercrime, data breach, Emerging Tech, Global Security News, malware, Security
SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 52
Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape 10 Things I Hate About Attribution: RomCom vs. TransferLoader macOS NimDoor | DPRK Threat Actors Target Web3 and Crypto Platforms with Nim-Based Malware Warning Against Distribution of Malware Disguised as Research Papers (Kimsuky Group) Dissecting Kimsuky’s…
APT, Global Security News, hacking, intelligence, malware, Security
North Korea-linked threat actors spread macOS NimDoor malware via fake Zoom updates
North Korea-linked hackers use fake Zoom updates to spread macOS NimDoor malware, targeting crypto firms with stealthy backdoors. North Korea-linked threat actors are targeting Web3 and crypto firms with NimDoor, a rare macOS backdoor disguised as a fake Zoom update. Victims are tricked into installing the malware through phishing links sent via Calendly or Telegram.…
Global Security News, Security
Ingram Micro outage caused by SafePay ransomware attack
An ongoing outage at IT giant Ingram Micro is caused by a SafePay ransomware attack that led to the shutdown of internal systems, BleepingComputer has learned. […]
cyber attack, Cybersecurity, Data Security, Global Security News, Security
How Digital Executive Protection Shields Top Leaders from Modern Threats
Cybersecurity threats have emerged so quickly that most companies struggle to keep up and executives are often the…
Breaking News, Exploits, Global Security News, hacking, hacking news, information security news, Security
Critical Sudo bugs expose major Linux distros to local Root exploits
Critical Sudo flaws let local users gain root access on Linux systems, the vulnerabilities affect major Linux distributions. Cybersecurity researchers disclosed two vulnerabilities in the Sudo command-line utility for Linux and Unix-like operating systems. Local attackers can exploit the vulnerabilities to escalate privileges to root on affected systems. Sudo (short for “superuser do”) is a…
Global Security News, Security
Ingram Micro suffers global outage as internal systems inaccessible
IT giant Ingram Micro is experiencing a global outage that is impacting its websites and internal systems, with customers concerned that it may be a cyberattack after the company remains silent on the cause of the issues. […]
Global Security News, Security
Hacker leaks Telefónica data allegedly stolen in a new breach
A hacker is threatening to leak 106GB of data allegedly stolen from Spanish telecommunications company Telefónica in a breach that the company did not acknowledge. […]
cisco, Cybersecurity, Global Security News, Security, vulnerability
Cisco Issues Emergency Fix for Critical Root Credential Flaw in Unified CM
Cisco fixes critical root credential vulnerability in Unified CM rated CVSS 10 urging users to patch now to stop remote admin takeovers.