23174
๐ The finest daily news on cybersecurity and privacy. ๐ Daily releases. ๐ป Is your online life secure? ๐ฉ lalilolalo.dev@gmail.com
๐ Phorpiex Botnet Delivers LockBit Ransomware with Automated Tactics ๐A new ransomware campaign is automating LockBit deployment via the Phorpiex botnet, according to Cybereason.
๐ Read more.
๐ Via "Infosecurity Magazine"
----------
๐๏ธ Seen on @cibsecurity
๐ข What is polymorphic malware? ๐ขPolymorphic malware constantly changes its code to avoid detection, making it a top cybersecurity threat that demands advanced, behaviorbased defenses.
๐ Read more.
๐ Via "ITPro"
----------
๐๏ธ Seen on @cibsecurity
๐ New Gremlin Infostealer Distributed on Telegram ๐Administrators of a Telegram channel named CoderSharp have been advertising Gremlin Stealer since March 2025.
๐ Read more.
๐ Via "Infosecurity Magazine"
----------
๐๏ธ Seen on @cibsecurity
๐ New WordPress Malware Masquerades as Plugin ๐New WordPress malware disguised as a plugin gives attackers persistent access and injects malicious code enabling administrative control.
๐ Read more.
๐ Via "Infosecurity Magazine"
----------
๐๏ธ Seen on @cibsecurity
๐ต๏ธโโ๏ธ AI, Automation, and Dark Web Fuel Evolving Threat Landscape ๐ต๏ธโโ๏ธAttackers are leveraging the benefits of new technology and the availability of commodity tools, credentials, and other resources to develop sophisticated attacks more quickly than ever, putting defenders on their heels.
๐ Read more.
๐ Via "Dark Reading"
----------
๐๏ธ Seen on @cibsecurity
๐ต๏ธโโ๏ธ Forget the Stack; Focus on Control ๐ต๏ธโโ๏ธSecurity teams are under more pressure than ever and cybersecurity debt is adding fuel to the fire. While it can't be eliminated overnight, it can be managed.
๐ Read more.
๐ Via "Dark Reading"
----------
๐๏ธ Seen on @cibsecurity
๐ Half of Mobile Devices Run Outdated Operating Systems ๐50 of mobile devices run outdated operating systems, increasing vulnerability to cyberattacks, according to the latest report from Zimperium.
๐ Read more.
๐ Via "Infosecurity Magazine"
----------
๐๏ธ Seen on @cibsecurity
๐ข Blackouts in Spain and Portugal could be a cyber attack ๐ขBoth countries are "paralyzed" by nationwide power outages.
๐ Read more.
๐ Via "ITPro"
----------
๐๏ธ Seen on @cibsecurity
๐ Researchers Note 16.7% Increase in Automated Scanning Activity ๐According to the 2025 Global Threat Landscape Report from FortiGuard, threat actors are executing 36,000 scans per second.
๐ Read more.
๐ Via "Infosecurity Magazine"
----------
๐๏ธ Seen on @cibsecurity
๐ต๏ธโโ๏ธ DoJ Data Security Program Highlights Data Sharing Challenges ๐ต๏ธโโ๏ธThe Department of Justice announced compliance rules for the Data Security Program that will require organizations to reexamine how they do business and with whom.
๐ Read more.
๐ Via "Dark Reading"
----------
๐๏ธ Seen on @cibsecurity
๐๏ธ How Breaches Start: Breaking Down 5 Real Vulns ๐๏ธNot every security vulnerability is high risk on its own but in the hands of an advanced attacker, even small weaknesses can escalate into major breaches. These five real vulnerabilities, uncovered by Intruders bughunting team, reveal how attackers turn overlooked flaws into serious security incidents. 1. Stealing AWS Credentials with a Redirect ServerSide Request Forgery SSRF is a.
๐ Read more.
๐ Via "The Hacker News"
----------
๐๏ธ Seen on @cibsecurity
๐ ISACA Highlights Critical Lack of Quantum Threat Mitigation Strategies ๐An ISACA survey found that just 5 of organizations have a defined strategy to defend against quantumenabled threats.
๐ Read more.
๐ Via "Infosecurity Magazine"
----------
๐๏ธ Seen on @cibsecurity
๐๏ธ Hackers Exploit Critical Craft CMS Flaws; Hundreds of Servers Likely Compromised ๐๏ธThreat actors have been observed exploiting two newly disclosed critical security flaws in Craft CMS in zeroday attacks to breach servers and gain unauthorized access. The attacks, first observed by Orange Cyberdefense SensePost on February 14, 2025, involve chaining the below vulnerabilities CVE202458136 CVSS score 9.0 An improper protection of alternate path flaw in the Yii PHP.
๐ Read more.
๐ Via "The Hacker News"
----------
๐๏ธ Seen on @cibsecurity
๐๏ธ WooCommerce Users Targeted by Fake Patch Phishing Campaign Deploying Site Backdoors ๐๏ธCybersecurity researchers are warning about a largescale phishing campaign targeting WooCommerce users with a fake security alert urging them to download a "critical patch" but deploy a backdoor instead. WordPress security company Patchstack described the activity as sophisticated and a variant of another campaign observed in December 2023 that employed a fake CVE ploy to breach sites running.
๐ Read more.
๐ Via "The Hacker News"
----------
๐๏ธ Seen on @cibsecurity
๐ Government Set to Ban SIM Farms in European First ๐The UK government says it will ban the possession or supply of SIM farms, in a fraud crackdown.
๐ Read more.
๐ Via "Infosecurity Magazine"
----------
๐๏ธ Seen on @cibsecurity
๐ Infostealers Harvest Over 30,000 Australian Banking Credentials ๐Dvuln researchers highlighted the growing impact of infostealers on the cybercrime landscape, enabling attackers to bypass traditional defenses.
๐ Read more.
๐ Via "Infosecurity Magazine"
----------
๐๏ธ Seen on @cibsecurity
๐ New WordPress Malware Masquerades as Plugin ๐New WordPress malware disguised as a plugin gives attackers persistent access and injects malicious code enabling administrative control.
๐ Read more.
๐ Via "Infosecurity Magazine"
----------
๐๏ธ Seen on @cibsecurity
๐ Phorpiex Botnet Delivers LockBit Ransomware with Automated Tactics ๐A new ransomware campaign is automating LockBit deployment via the Phorpiex botnet, according to Cybereason.
๐ Read more.
๐ Via "Infosecurity Magazine"
----------
๐๏ธ Seen on @cibsecurity
๐ New WordPress Malware Masquerades as Plugin ๐New WordPress malware disguised as a plugin gives attackers persistent access and injects malicious code enabling administrative control.
๐ Read more.
๐ Via "Infosecurity Magazine"
----------
๐๏ธ Seen on @cibsecurity
๐ Uyghur Diaspora Group Targeted with Remote Surveillance Malware ๐Members of the World Uyghur Congress living in exile were targeted with a spear phishing campaign deploying surveillance malware, according to the Citizen Lab.
๐ Read more.
๐ Via "Infosecurity Magazine"
----------
๐๏ธ Seen on @cibsecurity
๐ Step-by-Step Guide to Switching Cyber Security Providers ๐When your provider stops delivering, its time for a change. This stepbystep guide shows you how to switch MSSP, MDR, MXDR... The post StepbyStep Guide to Switching Cyber Security Providers appeared first on UnderDefense.
๐ Read more.
๐ Via "UnderDefense"
----------
๐๏ธ Seen on @cibsecurity
๐๏ธ โก Weekly Recap: Critical SAP Exploit, AI-Powered Phishing, Major Breaches, New CVEs & More ๐๏ธWhat happens when cybercriminals no longer need deep skills to breach your defenses? Todays attackers are armed with powerful tools that do the heavy lifting from AIpowered phishing kits to large botnets ready to strike. And theyre not just after big corporations. Anyone can be a target when fake identities, hijacked infrastructure, and insider tricks are used to slip past security.
๐ Read more.
๐ Via "The Hacker News"
----------
๐๏ธ Seen on @cibsecurity
๐ C++ Developer ๐The post C Developer appeared first on UnderDefense.
๐ Read more.
๐ Via "UnderDefense"
----------
๐๏ธ Seen on @cibsecurity
๐ Tech Lead โ SDK (C++) ๐The post Tech Lead SDK C appeared first on UnderDefense.
๐ Read more.
๐ Via "UnderDefense"
----------
๐๏ธ Seen on @cibsecurity
๐ข Cisco takes aim at AI security at RSAC with ServiceNow partnership ๐ขThe companies claim Cisco AI Defense and ServiceNow SecOps will help address new challenges raised by AI.
๐ Read more.
๐ Via "ITPro"
----------
๐๏ธ Seen on @cibsecurity
๐ฆฟ 4 Different Types of VPNs & When to Use Them ๐ฆฟLearn about the different types of VPNs and when to use them. Find out which type of VPN suits your needs with this comprehensive guide.
๐ Read more.
๐ Via "Tech Republic"
----------
๐๏ธ Seen on @cibsecurity
๐๏ธ Earth Kurma Targets Southeast Asia With Rootkits and Cloud-Based Data Theft Tools ๐๏ธGovernment and telecommunications sectors in Southeast Asia have become the target of a "sophisticated" campaign undertaken by a new advanced persistent threat APT group called Earth Kurma since June 2024. The attacks, per Trend Micro, have leveraged custom malware, rootkits, and cloud storage services for data exfiltration. The Philippines, Vietnam, Thailand, and Malaysia are among the.
๐ Read more.
๐ Via "The Hacker News"
----------
๐๏ธ Seen on @cibsecurity
๐๏ธ Hackers Exploit Critical Craft CMS Flaws; Hundreds of Servers Likely Compromised ๐๏ธThreat actors have been observed exploiting two newly disclosed critical security flaws in Craft CMS in zeroday attacks to breach servers and gain unauthorized access. The attacks, first observed by Orange Cyberdefense SensePost on February 14, 2025, involve chaining the below vulnerabilities CVE202458136 CVSS score 9.0 An improper protection of alternate path flaw in the Yii PHP.
๐ Read more.
๐ Via "The Hacker News"
----------
๐๏ธ Seen on @cibsecurity
๐๏ธ Hackers Exploit Critical Craft CMS Flaws; Hundreds of Servers Likely Compromised ๐๏ธThreat actors have been observed exploiting two newly disclosed critical security flaws in Craft CMS in zeroday attacks to breach servers and gain unauthorized access. The attacks, first observed by Orange Cyberdefense SensePost on February 14, 2025, involve chaining the below vulnerabilities CVE202458136 CVSS score 9.0 An improper protection of alternate path flaw in the Yii PHP.
๐ Read more.
๐ Via "The Hacker News"
----------
๐๏ธ Seen on @cibsecurity
๐๏ธ Hackers Exploit Critical Craft CMS Flaws; Hundreds of Servers Likely Compromised ๐๏ธThreat actors have been observed exploiting two newly disclosed critical security flaws in Craft CMS in zeroday attacks to breach servers and gain unauthorized access. The attacks, first observed by Orange Cyberdefense SensePost on February 14, 2025, involve chaining the below vulnerabilities CVE202458136 CVSS score 9.0 An improper protection of alternate path flaw in the Yii PHP.
๐ Read more.
๐ Via "The Hacker News"
----------
๐๏ธ Seen on @cibsecurity