π New Infostealer Campaign Uses Discord Videogame Lure π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Threat actors are tricking victims into downloading malware with the promise of testing a new videogame.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Infosecurity Magazine
New Infostealer Campaign Uses Discord Videogame Lure
Threat actors are luring victims into downloading malware with the promise of trying a new videogame
π’ Fake CAPTCHA attacks surged in late 2024 β hereβs what to look out for π’
π Read more.
π Via "ITPro"
----------
ποΈ Seen on @cibsecurity
CAPTCHA pages that trick users into executing malicious commands almost doubled in two months at the end of 2024.π Read more.
π Via "ITPro"
----------
ποΈ Seen on @cibsecurity
ITPro
Fake CAPTCHA attacks surged in late 2024 β hereβs what to look out for
CAPTCHA pages that trick users into executing malicious commands almost doubled in two months at the end of 2024
π’ US sanctions Chinese tech firm that targets critical infrastructure π’
π Read more.
π Via "ITPro"
----------
ποΈ Seen on @cibsecurity
Integrity Technology Group has been linked to Flax Typhoon, a hacking group that has targeted US critical infrastructure and other organizations.π Read more.
π Via "ITPro"
----------
ποΈ Seen on @cibsecurity
IT Pro
US sanctions Chinese tech firm that targets critical infrastructure
Integrity Technology Group has been linked to Flax Typhoon, a hacking group that has targeted US critical infrastructure and other organizations
π¦Ώ The 5 Fastest VPNs for 2025 π¦Ώ
π Read more.
π Via "Tech Republic"
----------
ποΈ Seen on @cibsecurity
Looking for a VPN that delivers speed and security? Weve rounded up the best of the best take a look and see which ones perfect for you!.π Read more.
π Via "Tech Republic"
----------
ποΈ Seen on @cibsecurity
TechRepublic
The 5 Fastest VPNs for 2025
Explore the fastest VPNs for secure, high-speed browsing. Discover VPN services that protect your data and ensure smooth streaming and safe internet access.
β€2
ποΈ β‘ THN Weekly Recap: Top Cybersecurity Threats, Tools and Tips [6 Jan] ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
Every tap, click, and swipe we make online shapes our digital lives, but it also opens doorssome we never meant to unlock. Extensions we trust, assistants we rely on, and even the codes we scan are turning into tools for attackers. The line between convenience and vulnerability has never been thinner. This week, we dive into the hidden risks, surprising loopholes, and the clever tricks.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
ποΈ From $22M in Ransom to +100M Stolen Records: 2025's All-Star SaaS Threat Actors to Watch ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
In 2024, cyber threats targeting SaaS surged, with 7,000 password attacks blocked per second just in Entra IDa 75 increase from last yearand phishing attempts up by 58, causing 3.5 billion in losses source Microsoft Digital Defense Report 2024. SaaS attacks are increasing, with hackers often evading detection through legitimate usage patterns. The cyber threat arena saw standout.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
ποΈ FireScam Android Malware Poses as Telegram Premium to Steal Data and Control Devices ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
An Android information stealing malware named FireScam has been found masquerading as a premium version of the Telegram messaging app to steal data and maintain persistent remote control over compromised devices. "Disguised as a fake 'Telegram Premium' app, it is distributed through a GitHub.iohosted phishing site that impersonates RuStore a popular app store in the Russian Federation,".π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
π New PhishWP Plugin Enables Sophisticated Payment Page Scams π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
The PhishWP plugin enables scammers to create fake payment pages, stealing sensitive data via Telegram.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Infosecurity Magazine
New PhishWP Plugin Enables Sophisticated Payment Page Scams
The PhishWP plugin enables scammers to create fake payment pages, stealing sensitive data via Telegram
π Chinese Hackers Double Cyber-Attacks on Taiwan π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Taiwans security service said government networks faced 2.4 million attacks in 2024, most of which are attributed to Chinese state actors.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Infosecurity Magazine
Chinese Hackers Double Cyber-Attacks on Taiwan
Taiwanβs security service said government networks faced 2.4 million attacks in 2024, most of which are attributed to Chinese state actors
π¦
Weekly Vulnerability Insights Report: Critical Vulnerabilities Highlighted from December 25-31, 2024 π¦
π Read more.
π Via "CYBLE"
----------
ποΈ Seen on @cibsecurity
Overview This weeks vulnerability report sheds light on a broad range of critical vulnerabilities identified from December 25 to December 31, 2024. The report emphasizes several highseverity flaws that pose online threats to cybersecurity, including new additions to the CISA's Known Exploited Vulnerability KEV catalog. Among the most pressing vulnerabilities, one concerning Palo Alto Networks PANOS stands out. This vulnerability has been actively exploited by cybercriminals to compromise firewalls, forcing them to reboot and disrupting network security. The Cybersecurity and Infrastructure Security Agency CISA added this vulnerability to their KEV catalog, signifying its exploitation in the wild. Beyond this, CRIL also analyzed multiple highprofile vulnerabilities impacting DL...π Read more.
π Via "CYBLE"
----------
ποΈ Seen on @cibsecurity
π¦
Weekly Vulnerability Roundup: Highlights from SingCERTβs Security Bulletin π¦
π Read more.
π Via "CYBLE"
----------
ποΈ Seen on @cibsecurity
Overview The Singapore Computer Emergency Response Team SingCERT has released its latest Security Bulletin, summarizing vulnerabilities reported in the past week from the National Institute of Standards and Technology NISTs National Vulnerability Database NVD. This bulletin provides essential insights for businesses and security professionals to mitigate risks associated with these vulnerabilities. The vulnerabilities have been categorized based on the Common Vulnerability Scoring System v3 CVSSv3 base scores, which assess their severity levels Critical CVSS score of 9.0 to 10.0 High CVSS score of 7.0 to 8.9 Medium CVSS score of 4.0 to 6.9 Low CVSS score of 0.1 to 3.9 None CVSS score of 0.0 Lets take a closer look at the critical vulnerabilities reported this wee...π Read more.
π Via "CYBLE"
----------
ποΈ Seen on @cibsecurity
Cyble
SingCERT Highlights Critical CVEs In Latest Security Bulletin
SingCERTβs latest security bulletin covers key vulnerabilities from the National Vulnerability Database. Protect your systems now.
π΅οΈββοΈ IoT's Regulatory Reckoning Is Overdue π΅οΈββοΈ
π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
New security regulations are more than compliance hurdles they're opportunities to build better products, restore trust, and lead the next chapter of innovation.π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Darkreading
IoT's Regulatory Reckoning Is Overdue
New security regulations are more than compliance hurdles β they're opportunities to build better products, restore trust, and lead the next chapter of innovation.
ποΈ India Proposes Digital Data Rules with Tough Penalties and Cybersecurity Requirements ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
The Indian government has published a draft version of the Digital Personal Data Protection DPDP Rules for public consultation. "Data fiduciaries must provide clear and accessible information about how personal data is processed, enabling informed consent," India's Press Information Bureau PIB said in a statement released Sunday. "Citizens are empowered with rights to demand data erasure,.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
π Supply Chain Attack Targets Key Ethereum Development Tools π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
A new supply chain attack targets Ethereum tools, exploiting npm packages to steal sensitive data.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Infosecurity Magazine
Supply Chain Attack Targets Key Ethereum Development Tools
A new supply chain attack targets Ethereum tools, exploiting npm packages to steal sensitive data
π΅οΈββοΈ EagerBee Backdoor Takes Flight Against Mideast ISPs, Government Targets π΅οΈββοΈ
π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
The malware, operated by Chinabacked cyberattackers, has been significantly fortified with new evasive and postinfection capabilities.π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Darkreading
EagerBee Backdoor Takes Flight Against Mideast Targets
The malware, operated by China-backed cyberattackers, has been significantly fortified with new evasive and post-infection capabilities.
π΅οΈββοΈ In Appreciation: Amit Yoran, Tenable CEO, Passes Away π΅οΈββοΈ
π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Cybersecurity industry visionary and renowned executive Amit Yoran has passed away after an almost oneyear battle with cancer.π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Darkreading
In Appreciation: Amit Yoran, Tenable CEO, Passes Away
Cybersecurity industry visionary and renowned executive Amit Yoran has passed away after an almost one-year battle with cancer.
π΅οΈββοΈ China's Salt Typhoon Adds Charter, Windstream to Telecom Victim List π΅οΈββοΈ
π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
These latest attacks follow a long string of cyberattacks and breaches targeting US and global telecom and ISP companies.π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Darkreading
China's Salt Typhoon Adds to Telecom Cyber Victim List
These latest attacks follow a long string of cyberattacks and breaches targeting US and global telecom and ISP companies.
π΅οΈββοΈ FireScam Android Spyware Campaign Poses 'Significant Threat Worldwide' π΅οΈββοΈ
π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
A fake Telegram Premium app delivers informationstealing malware, in a prime example of the rising threat of adversaries leveraging everyday applications, researchers say.π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Darkreading
Android Spyware Campaign Poses 'Significant Threat'
A fake Telegram Premium app delivers information-stealing malware, in a prime example of the rising threat of adversaries leveraging everyday applications, researchers say.
ποΈ Moxa Alerts Users to High-Severity Vulnerabilities in Cellular and Secure Routers ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
Taiwanbased Moxa has warned of two security vulnerabilities impacting its cellular routers, secure routers, and network security appliances that could allow privilege escalation and command execution. The list of vulnerabilities is as follows CVE20249138 CVSS 4.0 score 8.6 A hardcoded credentials vulnerability that could allow an authenticated user to escalate privileges and gain.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
π CISA Claims Treasury Breach Did Not Impact Other Agencies π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
The US Cybersecurity and Infrastructure Security Agency claims a recent Chinalinked breach was confined to the Treasury.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Infosecurity Magazine
CISA Claims Treasury Breach Did Not Impact Other Agencies
The US Cybersecurity and Infrastructure Security Agency claims a recent China-linked breach was confined to the Treasury
ποΈ New EAGERBEE Variant Targets ISPs and Governments with Advanced Backdoor Capabilities ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
Internet service providers ISPs and governmental entities in the Middle East have been targeted using an updated variant of the EAGERBEE malware framework. The new variant of EAGERBEE aka Thumtais comes fitted with various components that allow the backdoor to deploy additional payloads, enumerate file systems, and execute commands shells, demonstrating a significant evolution. "The key.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity