Breaking Out of the Security Mosh Pit When Jason Elrod, CISO of MultiCare Health System, describes legacy healthcare IT environments, he doesn’t mince words: “Healthcare […]
Category: Cyber Security News
Weaponized PyPI Package Executes Supply Chain Attack to Steal Solana Private Keys
A chilling discovery by Socket’s Threat Research Team has exposed a meticulously crafted supply chain attack on the Python Package Index (PyPI), orchestrated by a […]
Novel Malware Evades Detection by Skipping PE Header in Windows
Researchers have identified a sophisticated new strain of malware that bypasses traditional detection mechanisms by entirely omitting the Portable Executable (PE) header in Windows environments. […]
Novel PumaBot slips into IoT surveillance with stealthy SSH break-ins
Security researchers are warning about a novel Linux botnet, dubbed PumaBot, targeting Internet of Things (IOT) surveillance devices. According to a DarkTrace observation, the botnet […]
Hackers Use AI-Generated Videos on TikTok to Spread Info-Stealing Malware
TrendMicro has uncovered a sophisticated campaign where threat actors are exploiting TikTok to distribute information-stealing malware. By leveraging AI-generated videos posing as tutorials for unlocking […]
U.S. Sanctions Funnull for $200M Romance Baiting Scams Tied to Crypto Fraud
The U.S. Department of Treasury’s Office of Foreign Assets Control (OFAC) has levied sanctions against a Philippines-based company named Funnull Technology Inc. and its administrator […]
Void Blizzard nimmt NATO-Organisationen ins Visier
Russische Hacker ändern ihre Taktik von Passwort-Spraying zu Phishing, aber ihre Ziele innerhalb der NATO bleiben gleich. PX Media – Shutterstock.com Seit über einem Jahr […]
Safari Flaw Exploited by BitM Attack to Steal User Login Data
A new wave of phishing attacks, known as Fullscreen Browser-in-the-Middle (BitM) attacks, is exploiting browser features to steal user credentials with unprecedented stealth. Unlike traditional […]
Next.js Dev Server Vulnerability Leads to Developer Data Exposure
A recently disclosed vulnerability, CVE-2025-48068, has raised concerns among developers using the popular Next.js framework. This flaw, affecting versions 13.0.0 through 15.2.1 when the App […]
Passwortlose Authentifizierung wird für CISOs immer wichtiger
Selbst MFA ist vor raffinierten, KI-gesteuerten Phishing-Angriffen nicht sicher. Biometrische Verfahren gelten als vielversprechende Alternative. CC7 – shutterstock.com Die rasante Entwicklung von KI-Agenten eröffnet Cyberkriminellen […]