🗞 The finest daily news on cybersecurity and privacy. 🔔 Daily releases. 💻 Is your online life secure? 📩 lalilolalo.dev@gmail.com
🕵️♂️ 'PoisonSeed' Attacker Skates Around FIDO Keys 🕵️♂️Researchers discovered a novel phishing attack that serves the victim a QR code as part of supposed multifactor authentication (MFA), in order to get around FIDO-based protections.
📖 Read more.
🔗 Via "Dark Reading"
----------
👁️ Seen on @cibsecurity
🖋️ UNG0002 Group Hits China, Hong Kong, Pakistan Using LNK Files and RATs in Twin Campaigns 🖋️Multiple sectors in China, Hong Kong, and Pakistan have become the target of a threat activity cluster tracked as UNG0002 (aka Unknown Group 0002) as part of a broader cyber espionage campaign. "This threat entity demonstrates a strong preference for using shortcut files (LNK), VBScript, and post-exploitation tools such as Cobalt Strike and Metasploit, while consistently deploying CV-themed.
🔗 Via "The Hacker News"
----------
📢 Special offer for ITPro readers 📢ITPro is pleased to offer readers a discount on Keeper Security's business offering.
🔗 Via "ITPro"
----------
📔 Retail Becomes New Target as Healthcare Ransomware Attacks Slow 📔Comparitech found that healthcare ransomware attacks rose 4% in H1 2025, a significantly lower rate than the cross-sector average of 50%.
🔗 Via "Infosecurity Magazine"
----------
📔 New “LameHug” Malware Deploys AI-Generated Commands 📔Ukraine's CERT-UA has identified a new AI-powered malware, dubbed LameHug, which executes commands on compromised Windows systems in cyberattacks, targeting the nation's security and defense sector.
🔗 Via "Infosecurity Magazine"
----------
📔 CISA Issues Advisories on Critical ICS Vulnerabilities Across Multiple Sectors 📔The US CISA has issued advisories for Industrial Control Systems vulnerabilities affecting multiple vendors including Johnson Controls, ABB, Hitachi Energy, and Schneider Electric.
🔗 Via "Infosecurity Magazine"
----------
🖋️ From Backup to Cyber Resilience: Why IT Leaders Must Rethink Backup in the Age of Ransomware 🖋️With IT outages and disruptions escalating, IT teams are shifting their focus beyond simply backing up data to maintaining operations during an incident. One of the key drivers behind this shift is the growing threat of ransomware, which continues to evolve in both frequency and complexity. Ransomware-as-a-Service (RaaS) platforms have made it possible for even inexperienced threat actors with.
🔗 Via "The Hacker News"
----------
🖋️ CERT-UA Discovers LAMEHUG Malware Linked to APT28, Using LLM for Phishing Campaign 🖋️The Computer Emergency Response Team of Ukraine (CERT-UA) has disclosed details of a phishing campaign that's designed to deliver a malware codenamed LAMEHUG. "An obvious feature of LAMEHUG is the use of LLM (large language model), used to generate commands based on their textual representation (description)," CERT-UA said in a Thursday advisory. The activity has been attributed with medium.
🔗 Via "The Hacker News"
----------
🦿 NVIDIA Issues Advisory After Demo of First Rowhammer Attack on GPUs 🦿Researchers recently demoed GPUHammer, the first Rowhammer-style exploit targeting GPU memory, posing major threats to AI reliability and data integrity.
🔗 Via "Tech Republic"
----------
🕵️♂️ Firmware Vulnerabilities Continue to Plague Supply Chain 🕵️♂️Four flaws in the basic software for Gigabyte motherboards could allow persistent implants, underscoring problems in the ways firmware is developed and updated.
🔗 Via "Dark Reading"
----------
📢 Okta and Palo Alto Networks are teaming up to ‘fight AI with AI’ 📢The expanded partnership aims to help shore up identity security as attackers increasingly target user credentials.
🔗 Via "ITPro"
----------
♟️ Poor Passwords Tattle on AI Hiring Bot Maker Paradox.ai ♟️Security researchers recently revealed that the personal information of millions of people who applied for jobs at McDonald's was exposed after they guessed the password "123456" for the fast food chain's account at Paradox.ai, a company that makes artificial intelligence based hiring chatbots used by many Fortune 500 companies. Paradox.ai said the security oversight was an isolated incident that did not affect its other customers, but recent security breaches involving its employees in Vietnam tell a more nuanced story.
🔗 Via "Krebs on Security"
----------
🦿 Scattered Spider Cyber Gang Now Targeting Airlines With Ransomware, Microsoft Warns 🦿Microsoft reveals how the cybercrime group, also known as Octo Tempest, is reversing its previous cloud-first strategy.
🔗 Via "Tech Republic"
----------
🕵️♂️ Cisco Discloses '10' Flaw in ISE, ISE-PIC — Patch Now 🕵️♂️Cisco just disclosed a critical severity flaw in its ISE and ISE-PIC products, joining two similar bugs disclosed last month.
🔗 Via "Dark Reading"
----------
🖋️ Hackers Use GitHub Repositories to Host Amadey Malware and Data Stealers, Bypassing Filters 🖋️Threat actors are leveraging public GitHub repositories to host malicious payloads and distribute them via Amadey as part of a campaign observed in April 2025. "The MaaS [malware-as-a-service] operators used fake GitHub accounts to host payloads, tools, and Amadey plugins, likely as an attempt to bypass web filtering and for ease of use," Cisco Talos researchers Chris Neal and Craig Jackson.
🔗 Via "The Hacker News"
----------
🖋️ Ivanti Zero-Days Exploited to Drop MDifyLoader and Launch In-Memory Cobalt Strike Attacks 🖋️Cybersecurity researchers have disclosed details of a new malware called MDifyLoader that has been observed in conjunction with cyber attacks exploiting security flaws in Ivanti Connect Secure (ICS) appliances. According to a report published by JPCERT/CC today, the threat actors behind the exploitation of CVE-2025-0282 and CVE-2025-22457 in intrusions observed between December 2024 and July.
🔗 Via "The Hacker News"
----------
🖋️ China's Massistant Tool Secretly Extracts SMS, GPS Data, and Images From Confiscated Phones 🖋️Cybersecurity researchers have shed light on a mobile forensics tool called Massistant that's used by law enforcement authorities in China to gather information from seized mobile devices. The hacking tool, believed to be a successor of MFSocket, is developed by a Chinese company named SDIC Intelligence Xiamen Information Co., Ltd., which was formerly known as Meiya Pico. It specializes in the.
🔗 Via "The Hacker News"
----------
🦅 CSA Issues Alert on Critical VMware Vulnerabilities: Patch Now, Experts Warn 🦅The Cyber Security Agency of Singapore has issued an alert for multiple VMware vulnerabilities. The alert came just after Broadcom released a critical security advisory detailing multiple vulnerabilities. These vulnerabilities, CVE-2025-41236, CVE-2025-41237, CVE-2025-41238, and CVE-2025-41239, impact VMware ESXi, Workstation, Fusion, Tools, and related infrastructure so...
🔗 Via "CYBLE"
----------
📔 AI-Generated Lcryx Ransomware Discovered in Cryptomining Botnet 📔A cryptomining botnet active since 2019 has incorporated likely AI-generated Lcryx ransomware into its operations.
🔗 Via "Infosecurity Magazine"
----------
📔 Russia Linked to New Malware Targeting Email Accounts for Espionage 📔Russian military intelligence-linked hackers are using a new malware called Authentic Antics to secretly access Microsoft cloud email accounts, the UK's NCSC reports.
🔗 Via "Infosecurity Magazine"
----------
🚨 UK calls out Russian military intelligence for use of espionage tool 🚨Cyber threat group APT 28 has been responsible for deploying a sophisticated malware against user email accounts as part of its operations.
🔗 Via "UK NCSC"
----------
🖋️ Google Sues 25 Chinese Entities Over BADBOX 2.0 Botnet Affecting 10M Android Devices 🖋️Google on Thursday revealed it's pursuing legal action in New York federal court against 25 unnamed individuals or entities in China for allegedly operating BADBOX 2.0 botnet and residential proxy infrastructure. "The BADBOX 2.0 botnet compromised over 10 million uncertified devices running Android's open-source software (Android Open Source Project), which lacks Google's security protections,".
🔗 Via "The Hacker News"
----------
🖋️ Critical NVIDIA Container Toolkit Flaw Allows Privilege Escalation on AI Cloud Services 🖋️Cybersecurity researchers have disclosed a critical container escape vulnerability in the NVIDIA Container Toolkit that could pose a severe threat to managed AI cloud services. The vulnerability, tracked as CVE-2025-23266, carries a CVSS score of 9.0 out of 10.0. It has been codenamed NVIDIAScape by Google-owned cloud security company Wiz. "NVIDIA Container Toolkit for all platforms contains a.
🔗 Via "The Hacker News"
----------
🦿 OpenAI’s ChatGPT Agent Can Create Your Spreadsheets and Presentations 🦿ChatGPT agent is available for Pro users now, with Plus and Team users following in the next few days. Enterprise and Edu tiers will get it in a matter of weeks.
🔗 Via "Tech Republic"
----------
🕵️♂️ 3 Ways Security Teams Can Minimize Agentic AI Chaos 🕵️♂️Security often lags behind innovation. The path forward requires striking a balance.
🔗 Via "Dark Reading"
----------
📢 We need to talk about operational technology 📢Groups like Volt Typhoon are abusing poor hygiene in critical infrastructure to preposition for attacks.
🔗 Via "ITPro"
----------
🕵️♂️ 4 Chinese APTs Attack Taiwan's Semiconductor Industry 🕵️♂️Chinese threat actors have turned to cyberattacks as a way to undermine and destabilize Taiwan's most important industrial sector.
🔗 Via "Dark Reading"
----------
🦿 Google Reveals How a Hacker Exploits SonicWall Hardware Using OVERSTEP Backdoor 🦿A hacker has been using a backdoor to exploit certain SonicWall SMA appliances since October 2024. Google's Threat Intelligence Group provides tips on mitigating this security threat.
🔗 Via "Tech Republic"
----------
🕵️♂️ Printer Security Gaps: A Broad, Leafy Avenue to Compromise 🕵️♂️Security teams aren't patching firmware promptly, no one's vetting the endpoints before purchase, and visibility into potential dangers is limited despite more and more cyberattackers targeting printers as a matter of course.
🔗 Via "Dark Reading"
----------
🕵️♂️ Armenian Extradited to US Over Ryuk Ransomware 🕵️♂️The suspect faces three charges for his alleged crimes that could earn him up to five years in federal prison, and a heap of fines.
🔗 Via "Dark Reading"
----------