Security

Updates

Iranian Infy APT Resurfaces with New Malware Activity After Years of Silence
Threat hunters have discerned new activity associated with an Iranian threat actor known as Infy (aka Prince of Persia), nearly five years after the hacking group was observed targeting victims in Sweden, the Netherlands, and Turkey. "The scale of Prince
21-12-2025 09:52

U.S. DOJ Charges 54 in ATM Jackpotting Scheme Using Ploutus Malware
The U.S. Department of Justice (DoJ) this week announced the indictment of 54 individuals in connection with a multi-million dollar ATM jackpotting scheme. The large-scale conspiracy involved deploying malware named Ploutus to hack into automated teller
20-12-2025 19:18

Russia-Linked Hackers Use Microsoft 365 Device Code Phishing for Account Takeovers
A suspected Russia-aligned group has been attributed to a phishing campaign that employs device code authentication workflows to steal victims' Microsoft 365 credentials and conduct account takeover attacks. The activity, ongoing since September 2025, is
19-12-2025 23:24

Cracked Software and YouTube Videos Spread CountLoader and GachiLoader Malware
Cybersecurity researchers have disclosed details of a new campaign that has used cracked software distribution sites as a distribution vector for a new version of a modular and stealthy loader known as CountLoader. The campaign "uses CountLoader as the i
19-12-2025 21:04

Palo Alto Networks, Google Cloud Expand Partnership in Multibillion-Dollar Deal
Palo Alto Networks and Google Cloud expand their partnership in a multibillion-dollar deal to secure AI workloads as attacks on AI infrastructure surge.
19-12-2025 19:45

Thailand Conference Launches International Initiative to Fight Online Scams
Similar pledges to fight scam networks were made by members of the Association of Southeast Asian Nations in the months leading up to the Bangkok conference.
19-12-2025 19:14

WatchGuard Warns of Active Exploitation of Critical Fireware OS VPN Vulnerability
WatchGuard has released fixes to address a critical security flaw in Fireware OS that it said has been exploited in real-world attacks. Tracked as CVE-2025-14733 (CVSS score: 9.3), the vulnerability has been described as a case of out-of-bounds write aff
19-12-2025 16:53

In Other News: Docker AI Attack, Google Sues Chinese Cybercriminals, Coupang Hacked by Employee
Other noteworthy stories that might have slipped under the radar: Trump could use private firms for cyber offensive, China threat to US power grid, RaccoonO365 suspect arrested in Nigeria.
19-12-2025 16:04

Nigeria Arrests RaccoonO365 Phishing Developer Linked to Microsoft 365 Attacks
Authorities in Nigeria have announced the arrest of three "high-profile internet fraud suspects" who are alleged to have been involved in phishing attacks targeting major corporations, including the main developer behind the RaccoonO365 phishing-as-a-ser
19-12-2025 15:56

Palo Alto Networks, Google Cloud Strike Multibillion-Dollar AI and Cloud Security Deal
The agreement strengthens technical and commercial ties as Palo Alto migrates workloads and adopts Google’s Vertex AI and Gemini models.
19-12-2025 15:51

AI Security Firm Ciphero Emerges From Stealth With $2.5 Million in Funding
The startup’s solution captures, verifies, and governs all AI interactions within an enterprise’s environment.
19-12-2025 15:33

Denmark Blames Russia for Cyberattacks Ahead of Elections and on Water Utility
Danish intelligence service said the attacks were part of Russia’s “hybrid war” against the West and an attempt to create instability.
19-12-2025 14:53

OWASP Drops First AI Agent Risk List
These aren't simple chatbots anymore—these AI agents access data and tools and carry out tasks, making them infinitely more capable and dangerous.
19-12-2025 14:47

Chinese APT ‘LongNosedGoblin’ Targeting Asian Governments
The hacking group has been using Group Policy to deploy cyberespionage tools on governmental networks.
19-12-2025 14:35

New UEFI Flaw Enables Early-Boot DMA Attacks on ASRock, ASUS, GIGABYTE, MSI Motherboards
Certain motherboard models from vendors like ASRock, ASUSTeK Computer, GIGABYTE, and MSI are affected by a security vulnerability that leaves them susceptible to early-boot direct memory access (DMA) attacks across architectures that implement a Unified
19-12-2025 13:55

UK Foreign Office Cyber Breach Exposed Diplomatic Secrets
The government stopped short of directly attributing the attack to Chinese operatives or the Chinese state.
19-12-2025 13:46

Docker Makes 1,000 Hardened Images Free and Open Source
Millions of developers can now use the secure, production-ready images made by Docker.
19-12-2025 13:33

US Shuts Down Crypto Exchange E-Note, Charges Russian Administrator
The exchange has been allegedly involved in laundering money for ransomware groups and other transnational cybercriminal organizations.
19-12-2025 13:03

University of Sydney Data Breach Affects 27,000 Individuals 
Downloaded from a code library, the information pertains to current and former staff and affiliates, and to alumni and students.
19-12-2025 11:59

‘Kimwolf’ Android Botnet Ensnares 1.8 Million Devices
Linked to the Aisuru IoT botnet, Kimwolf was seen launching over 1.7 billion DDoS attack commands and increasing its C&C domain’s popularity.
19-12-2025 11:48

Italian Ferry Malware Attack Sparks International Probe
French intelligence agencies uncovered what appears to be a coordinated foreign interference operation targeting the GNV Fantastic.
19-12-2025 08:08

China-Aligned Threat Group Uses Windows Group Policy to Deploy Espionage Malware
A previously undocumented China-aligned threat cluster dubbed LongNosedGoblin has been attributed to a series of cyber attacks targeting governmental entities in Southeast Asia and Japan. The end goal of these attacks is cyber espionage, Slovak cybersecu
18-12-2025 23:04

HPE OneView Flaw Rated CVSS 10.0 Allows Unauthenticated Remote Code Execution
Hewlett Packard Enterprise (HPE) has resolved a maximum-severity security flaw in OneView Software that, if successfully exploited, could result in remote code execution. The critical vulnerability, assigned the CVE identifier CVE-2025-37164, carries a C
18-12-2025 20:09

ThreatsDay Bulletin: WhatsApp Hijacks, MCP Leaks, AI Recon, React2Shell Exploit and 15 More Stories
This week’s ThreatsDay Bulletin tracks how attackers keep reshaping old tools and finding new angles in familiar systems. Small changes in tactics are stacking up fast, and each one hints at where the next big breach could come from. From shifting infras
18-12-2025 18:40

North Korea-Linked Hackers Steal $2.02 Billion in 2025, Leading Global Crypto Theft
Threat actors with ties to the Democratic People's Republic of Korea (DPRK or North Korea) have been instrumental in driving a surge in global cryptocurrency theft in 2025, accounting for at least $2.02 billion out of more than $3.4 billion stolen from J
18-12-2025 18:30

The Case for Dynamic AI-SaaS Security as Copilots Scale
Within the past year, artificial intelligence copilots and agents have quietly permeated the SaaS applications businesses use every day. Tools like Zoom, Slack, Microsoft 365, Salesforce, and ServiceNow now come with built-in AI assistants or agent-like
18-12-2025 17:00

UEFI Vulnerability in Major Motherboards Enables Early-Boot Attacks
ASRock, Asus, Gigabyte, and MSI motherboards are vulnerable to early-boot DMA attacks.
18-12-2025 15:30

HPE Patches Critical Flaw in IT Infrastructure Management Software
Tracked as CVE-2025-37164, the critical flaw could allow unauthenticated, remote attackers to execute arbitrary code.
18-12-2025 15:07

CISA Warns of Exploited Flaw in Asus Update Tool
Tracked as CVE-2025-59374, the issue is a software backdoor implanted in Asus Live Update in a supply chain attack.
18-12-2025 13:27

Kimsuky Spreads DocSwap Android Malware via QR Phishing Posing as Delivery App
The North Korean threat actor known as Kimsuky has been linked to a new campaign that distributes a new variant of Android malware called DocSwap via QR codes hosted on phishing sites mimicking Seoul-based logistics firm CJ Logistics (formerly CJ Korea E
18-12-2025 13:13

Microsoft December Update Breaks Critical IIS Servers
The security updates delivered through KB5071546 have fundamentally broken Message Queuing (MSMQ) functionality across multiple Windows versions.
18-12-2025 11:19

113,000 Impacted by Data Breach at Virginia Mental Health Authority
Threat actors stole names, Social Security numbers, and financial and health information, and deployed ransomware on RBHA’s systems.
18-12-2025 11:05

IoT Security Firm Exein Raises €100 Million
The Italian company has raised nearly $200 million in 2025 for its widely used embedded cybersecurity platform.
18-12-2025 10:34

CISA Flags Critical ASUS Live Update Flaw After Evidence of Active Exploitation
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Wednesday added a critical flaw impacting ASUS Live Update to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation. The vulnerability, tracked as CVE
18-12-2025 10:31

France Probes ‘Foreign Interference’ After Remote Control Malware Found on Passenger Ferry
France’s counterespionage agency is investigating a suspected cyberattack plot targeting an international passenger ferry.
18-12-2025 10:05

LongNosedGoblin tries to sniff out governmental affairs in Southeast Asia and Japan
ESET researchers discovered a China-aligned APT group, LongNosedGoblin, which uses Group Policy to deploy cyberespionage tools across networks of governmental institutions
18-12-2025 10:00

Cisco Warns of Active Attacks Exploiting Unpatched 0-Day in AsyncOS Email Security Appliances
Cisco has alerted users of a maximum-severity zero-day flaw in Cisco AsyncOS software that has been actively exploited by a China-nexus advanced persistent threat (APT) actor codenamed UAT-9686 in attacks targeting Cisco Secure Email Gateway and Cisco Se
18-12-2025 09:40

Chinese Hackers Target Cisco’s Email Security Systems
The Chinese threat group, tracked as UAT-9686, has deployed a collection of custom-built hacking tools to maintain persistent access to compromised systems.
18-12-2025 09:28

Chinese Hackers Breach Cisco’s Email Security Systems
The Chinese threat group, tracked as UAT-9686, has deployed a collection of custom-built hacking tools to maintain persistent access to compromised systems.
18-12-2025 09:28

SonicWall Patches Exploited SMA 1000 Zero-Day
The medium-severity flaw has been exploited in combination with a critical bug for remote code execution.
18-12-2025 09:10

SoundCloud Cyberattack Leaves 28M Users Exposed
The breach has already triggered widespread chaos across the platform, with users worldwide reporting connection failures and cryptic error messages.
18-12-2025 07:49

China-Linked Hackers Exploiting Zero-Day in Cisco Security Gear
The critical zero-day is tracked as CVE-2025-20393 and it impacts Secure Email Gateway and Secure Email and Web Manager appliances.
18-12-2025 07:12

SonicWall Fixes Actively Exploited CVE-2025-40602 in SMA 100 Appliances
SonicWall has rolled out fixes to address a security flaw in Secure Mobile Access (SMA) 100 series appliances that it said has been actively exploited in the wild. The vulnerability, tracked as CVE-2025-40602 (CVSS score: 6.6), concerns a case of local p
17-12-2025 23:47

Kimwolf Botnet Hijacks 1.8 Million Android TVs, Launches Large-Scale DDoS Attacks
A new distributed denial-of-service (DDoS) botnet known as Kimwolf has enlisted a massive army of no less than 1.8 million infected devices comprising Android-based TVs, set-top boxes, and tablets, and may be associated with another botnet known as AISUR
17-12-2025 23:39

APT28 Targets Ukrainian UKR-net Users in Long-Running Credential Phishing Campaign
The Russian state-sponsored threat actor known as APT28 has been attributed to what has been described as a "sustained" credential-harvesting campaign targeting users of UKR[.]net, a webmail and news service popular in Ukraine. The activity, observed by
17-12-2025 21:00

New ForumTroll Phishing Attacks Target Russian Scholars Using Fake eLibrary Emails
The threat actor linked to Operation ForumTroll has been attributed to a fresh set of phishing attacks targeting individuals within Russia, according to Kaspersky. The Russian cybersecurity vendor said it detected the new activity in October 2025. The or
17-12-2025 20:24

Fix SOC Blind Spots: See Threats to Your Industry & Country in Real Time
Modern security teams often feel like they’re driving through fog with failing headlights. Threats accelerate, alerts multiply, and SOCs struggle to understand which dangers matter right now for their business. Breaking out of reactive defense is no long
17-12-2025 17:00

China-Linked Ink Dragon Hacks Governments Using ShadowPad and FINALDRAFT Malware
The threat actor known as Jewelbug has been increasingly focusing on government targets in Europe since July 2025, even as it continues to attack entities located in Southeast Asia and South America. Check Point Research is tracking the cluster under the
17-12-2025 16:42

GhostPoster Malware Found in 17 Firefox Add-ons with 50,000+ Downloads
A new campaign named GhostPoster has leveraged logo files associated with 17 Mozilla Firefox browser add-ons to embed malicious JavaScript code designed to hijack affiliate links, inject tracking code, and commit click and ad fraud. The extensions have b
17-12-2025 13:44

NMFTA Warns of Surge and Sophistication of Cyber-Enabled Cargo Theft
The trucking industry group has released its 2026 Transportation Industry Cybersecurity Trends Report.
17-12-2025 13:39

Hacker Conversations: Alex Hall, One-time Fraudster
A first-person journey from undetected fraud to defending trust—how life events, neurodiversity, and hard-won insight shaped a former fraudster into a fraud fighter.
17-12-2025 13:00

New $150 Cellik RAT Grants Android Control, Trojanizes Google Play Apps
The malware provides full device control and real-time surveillance capabilities like those of advanced spyware.
17-12-2025 12:44

Five Cybersecurity Predictions for 2026: Identity, AI, and the Collapse of Perimeter Thinking
The perimeter is gone. Credentials are no longer sufficient. And security can no longer rely on static controls in a dynamic threat environment.
17-12-2025 12:00

Adaptive Security Raises $81 Million in Series B Funding
Led by Bain Capital Ventures, the investment round brings the total raised by the company to $146.5 million.
17-12-2025 11:18

GhostPoster Firefox Extensions Hide Malware in Icons
The malware hijacks purchase commissions, tracks users, removes security headers, injects hidden iframes, and bypasses CAPTCHA.
17-12-2025 10:40

Auto Parts Giant LKQ Confirms Oracle EBS Breach
LKQ said the personal information of thousands of individuals was compromised as a result of the hacker attack.
17-12-2025 09:11

Dux Emerges From Stealth Mode With $9 Million in Funding
The startup takes an agentic approach to preventing vulnerability exploitation by uncovering exposure across assets.
17-12-2025 07:17

Compromised IAM Credentials Power a Large AWS Crypto Mining Campaign
An ongoing campaign has been observed targeting Amazon Web Services (AWS) customers using compromised Identity and Access Management (IAM) credentials to enable cryptocurrency mining. The activity, first detected by Amazon's GuardDuty managed threat dete
16-12-2025 22:05

Rogue NuGet Package Poses as Tracer.Fody, Steals Cryptocurrency Wallet Data
Cybersecurity researchers have discovered a new malicious NuGet package that typosquats and impersonates the popular .NET tracing library and its author to sneak in a cryptocurrency wallet stealer. The malicious package, named "Tracer.Fody.NLog," remaine
16-12-2025 21:09

From Open Source to OpenAI: The Evolution of Third-Party Risk
From open source libraries to AI-powered coding assistants, speed-driven development is introducing new third-party risks that threat actors are increasingly exploiting.
16-12-2025 18:00

Amazon Exposes Years-Long GRU Cyber Campaign Targeting Energy and Cloud Infrastructure
Amazon's threat intelligence team has disclosed details of a "years-long" Russian state-sponsored campaign that targeted Western critical infrastructure between 2021 and 2025. Targets of the campaign included energy sector organizations across Western na
16-12-2025 17:57

Why Data Security and Privacy Need to Start in Code
AI-assisted coding and AI app generation platforms have created an unprecedented surge in software development. Companies are now facing rapid growth in both the number of applications and the pace of change within those applications. Security and privac
16-12-2025 17:00

Fortinet FortiGate Under Active Attack Through SAML SSO Authentication Bypass
Threat actors have begun to exploit two newly disclosed security flaws in Fortinet FortiGate devices, less than a week after public disclosure. Cybersecurity company Arctic Wolf said it observed active intrusions involving malicious single sign-on (SSO)
16-12-2025 16:28

4.3B LinkedIn-Style Records Found in One of the Largest Data Exposures Ever
An unsecured database exposed 4.3 billion LinkedIn-derived records, enabling large-scale phishing and identity-based attacks.
16-12-2025 15:35

CISO Communities – Cybersecurity’s Secret Weapon
Closed CISO communities act as an information exchange, advice center, pressure valve, and safe haven from critical oversight.
16-12-2025 15:00

700,000 Records Compromised in Askul Ransomware Attack
The e-commerce and logistics company was targeted by the RansomHouse ransomware group in October.
16-12-2025 14:26

Echo Raises $35 Million in Series A Funding
The fresh investment comes less than six months after the startup’s seed funding announcement.
16-12-2025 14:01

Verisoul Raises $8.8 Million for Fraud Prevention
The company plans to accelerate product development, scale go-to-market efforts, and hire new talent.
16-12-2025 14:00

React2Shell Vulnerability Actively Exploited to Deploy Linux Backdoors
The security vulnerability known as React2Shell is being exploited by threat actors to deliver malware families like KSwapDoor and ZnDoor, according to findings from Palo Alto Networks Unit 42 and NTT Security. "KSwapDoor is a professionally engineered r
16-12-2025 13:51

Amazon: Russian Hackers Now Favor Misconfigurations in Critical Infrastructure Attacks
After years of exploiting zero-day and n-day vulnerabilities, Russian state-sponsored threat actors are shifting to misconfigured devices.
16-12-2025 13:22

Master IT Fundamentals with This CompTIA Certification Prep Bundle
Prepare for a successful IT career with lifetime access to expert-led courses covering CompTIA A+, Network+, Security+, and Cloud+ certification prep.
16-12-2025 13:00

JumpCloud Remote Assist Vulnerability Can Expose Systems to Takeover
The issue allows attackers to write arbitrary data to any file, or delete arbitrary files to obtain System privileges.
16-12-2025 11:39

Google to Shut Down Dark Web Monitoring Tool in February 2026
Google has announced that it's discontinuing its dark web report tool in February 2026, less than two years after it was launched as a way for users to monitor if their personal information is found on the dark web. To that end, scans for new dark web br
16-12-2025 11:32

Google to Kill Popular Dark Web Report Tool
This marks another abrupt end to a Google service that users had come to rely on.
16-12-2025 10:53

User Data Compromised in SoundCloud Hack 
SoundCloud said the information of 20% of users was accessed by hackers who breached its systems.
16-12-2025 10:47

ESET Threat Report H2 2025
A view of the H2 2025 threat landscape as seen by ESET telemetry and from the perspective of ESET threat detection and research experts
16-12-2025 09:50

In-the-Wild Exploitation of Fresh Fortinet Flaws Begins
Threat actors are exploiting the two critical authentication bypass vulnerabilities against FortiGate appliances.
16-12-2025 09:27

Coupang CEO Quits After Breach Hits 33.7M South Koreans
The e-commerce firm's data breach exposed nearly two-thirds of the entire country's population after hackers operated undetected for five months.
16-12-2025 08:43

Fake ‘Leonardo DiCaprio’ Torrent Spreads Agent Tesla Malware
A fake Leonardo DiCaprio movie torrent is spreading Agent Tesla malware through trusted Windows tools.
16-12-2025 08:03

Featured Chrome Browser Extension Caught Intercepting Millions of Users' AI Chats
A Google Chrome extension with a "Featured" badge and six million users has been observed silently gathering every prompt entered by users into artificial intelligence (AI)-powered chatbots like OpenAI ChatGPT, Anthropic Claude, Microsoft Copilot, DeepSe
15-12-2025 23:16

FreePBX Patches Critical SQLi, File-Upload, and AUTHTYPE Bypass Flaws Enabling RCE
Multiple security vulnerabilities have been disclosed in the open-source private branch exchange (PBX) platform FreePBX, including a critical flaw that could result in an authentication bypass under certain configurations. The shortcomings, discovered by
15-12-2025 20:02

⚡ Weekly Recap: Apple 0-Days, WinRAR Exploit, LastPass Fines, .NET RCE, OAuth Scams & More
If you use a smartphone, browse the web, or unzip files on your computer, you are in the crosshairs this week. Hackers are currently exploiting critical flaws in the daily software we all rely on—and in some cases, they started attacking before a fix was
15-12-2025 17:54

Militant Groups Are Experimenting With AI, and the Risks Are Expected to Grow
AI can be used by extremist groups to pump out propaganda or deepfakes at scale, widening their reach and expanding their influence.
15-12-2025 17:28

A Browser Extension Risk Guide After the ShadyPanda Campaign
In early December 2025, security researchers exposed a cybercrime campaign that had quietly hijacked popular Chrome and Edge browser extensions on a massive scale. A threat group dubbed ShadyPanda spent seven years playing the long game, publishing or ac
15-12-2025 17:25

Phantom Stealer Spread by ISO Phishing Emails Hitting Russian Finance Sector
Cybersecurity researchers have disclosed details of an active phishing campaign that's targeting a wide range of sectors in Russia with phishing emails that deliver Phantom Stealer via malicious ISO optical disc images. The activity, codenamed Operation
15-12-2025 14:54

Google Sees 5 Chinese Groups Exploiting React2Shell for Malware Delivery
Google has also mentioned seeing React2Shell attacks conducted by Iranian threat actors.
15-12-2025 13:48

Apple Releases macOS Sequoia 15.7.3 Security Update
Apple has released macOS Sequoia 15.7.3 with important security fixes. Here’s what to know before installing the update.
15-12-2025 11:53

Soverli Raises $2.6 Million for Secure Smartphone OS
The sovereign smartphone OS runs alongside Android or iOS, allowing users to switch between secure, isolated environments.
15-12-2025 11:50

VolkLocker Ransomware Exposed by Hard-Coded Master Key Allowing Free Decryption
The pro-Russian hacktivist group known as CyberVolk (aka GLORIAMIST) has resurfaced with a new ransomware-as-a-service (RaaS) offering called VolkLocker that suffers from implementation lapses in test artifacts, allowing users to decrypt files without pa
15-12-2025 11:03

Are Your AI Assistants Under Attack?
Many users utilize an AI assistant to handle their inbox, leaving them vulnerable to attack.
15-12-2025 11:02

Atlassian Patches Critical Apache Tika Flaw
Atlassian has released software updates for Bamboo, Bitbucket, Confluence, Crowd, Fisheye/Crucible, and Jira.
15-12-2025 11:00

Third DraftKings Hacker Pleads Guilty
Nathan Austad admitted in court to launching a credential stuffing attack against a fantasy sports and betting website.
15-12-2025 10:31

700Credit Data Breach Impacts 5.8 Million Individuals
Hackers stole names, addresses, dates of birth, and Social Security numbers from the credit report and identity verification services provider.
15-12-2025 09:21

Apple Patches Two Zero-Days Tied to Mysterious Exploited Chrome Flaw
Apple has released macOS and iOS updates to patch two WebKit zero-days exploited in an “extremely sophisticated” attack.
15-12-2025 08:47

ServiceNow Mulls $7B Armis Cybersecurity Acquisition
The deal could be announced within days, according to Bloomberg.
15-12-2025 08:39

CISA Adds Actively Exploited Sierra Wireless Router Flaw Enabling RCE Attacks
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Friday added a high-severity flaw impacting Sierra Wireless AirLink ALEOS routers to its Known Exploited Vulnerabilities (KEV) catalog, following reports of active exploitation in the wi
13-12-2025 18:03

Apple Issues Security Updates After Two WebKit Flaws Found Exploited in the Wild
Apple on Friday released security updates for iOS, iPadOS, macOS, tvOS, watchOS, visionOS, and its Safari web browser to address two security flaws that it said have been exploited in the wild, one of which is the same flaw that was patched by Google in
13-12-2025 11:02

Fake OSINT and GPT Utility GitHub Repos Spread PyStoreRAT Malware Payloads
Cybersecurity researchers are calling attention to a new campaign that's leveraging GitHub-hosted Python repositories to distribute a previously undocumented JavaScript-based Remote Access Trojan (RAT) dubbed PyStoreRAT. "These repositories, often themed
13-12-2025 00:20

New Advanced Phishing Kits Use AI and MFA Bypass Tactics to Steal Credentials at Scale
Cybersecurity researchers have documented four new phishing kits named BlackForce, GhostFrame, InboxPrime AI, and Spiderman that are capable of facilitating credential theft at scale. BlackForce, first detected in August 2025, is designed to steal creden
12-12-2025 19:34

Securing GenAI in the Browser: Policy, Isolation, and Data Controls That Actually Work
The browser has become the main interface to GenAI for most enterprises: from web-based LLMs and copilots, to GenAI‑powered extensions and agentic browsers like ChatGPT Atlas. Employees are leveraging the power of GenAI to draft emails, summarize documen
12-12-2025 15:48

Source: hackernews, securityweek, techrepublicsecurity, welivesecurity