YouTube Game Cheats Spread Arcane Stealer Malware to Russian-Speaking Users
Via "The Hacker News"
Seen on @cibsecurity
YouTube videos promoting game cheats are being used to deliver a previously undocumented stealer malware called Arcane likely targeting Russian-speaking users. "What's intriguing about this malware is how much it collects," Kaspersky said in an analysis. "It grabs account information from VPN and gaming clients, and all kinds of network utilities like ngrok, Playit, Cyberduck, FileZilla, and.
----------
FishMonger APT Group Linked to I-SOON in Espionage Campaigns
Via "Infosecurity Magazine"
The FishMonger APT Group has been linked with I-SOON, targeting governments, NGOs and think tanks in cyber-espionage campaigns.
----------
Ukraine Defense Sector Under Attack Via Dark Crystal RAT
Via "Dark Reading"
The UNC-200 threat group, active since last summer, has been utilizing the Signal messaging app to social engineer targets into downloading an info-stealing remote access Trojan.
----------
Coinbase Initially Targeted in GitHub Actions Supply Chain Attack; 218 Repositories' CI/CD Secrets Exposed
Via "The Hacker News"
The supply chain attack involving the GitHub Action "tj-actions/changed-files" started as a highly-targeted attack against one of Coinbase's open-source projects, before evolving into something more widespread in scope. "The payload was focused on exploiting the public CI/CD flow of one of their open source projects - agentkit, probably with the purpose of leveraging it for further compromises,".
----------
Is the Middle East's Race to Digitize a Threat to Infrastructure?
Via "Dark Reading"
As the region continues with its ambitious road map, cybersecurity must be woven into every step of the process.
----------
Google Account Hijackers Target Victims Via Semrush Ads
Via "Infosecurity Magazine"
Threat actors are looking to compromise Google accounts to further malvertising and data theft.
----------
Teen Boys at Risk of Sextortion as 74% Lack Basic Awareness
Via "Infosecurity Magazine"
The UK's National Crime Agency has launched a new campaign designed to raise awareness of sextortion among teenage boys.
----------
Critical Next.js Vulnerability Allows Attackers to Bypass Middleware Authorization Checks
Via "The Hacker News"
A critical security flaw has been disclosed in the Next.js React framework that could be potentially exploited to bypass authorization checks under certain conditions. The vulnerability, tracked as CVE-2025-29927, carries a CVSS score of 9.1 out of 10.0. "Next.js uses an internal header x-middleware-subrequest to prevent recursive requests from triggering infinite loops," Next.js said in an.
----------
Security experts warn of "contradictory confidence" over critical infrastructure threats
Via "ITPro"
Almost all critical national infrastructure (CNI) organizations in the UK (95%) experienced a data breach in the last year, according to new research.
Cloud services are the most targeted attack vector, followed by web browsing and internet access.
----------
FizzBuzz to FogDoor: Targeted Malware Campaign Exploits Job-Seeking Developers
Via "CYBLE"
Key Takeaways: A GitHub repository masqueraded as a coding challenge to deceive developers, particularly targeting Polish-speaking job seekers. Opening the provided ISO file triggers a PowerShell script that installs a backdoor named FogDoor and steals sensitive data. The backdoor retrieves commands from a social media profile and exfiltrates stolen data using temporary webhook services, making detection more difficult. The malware extracts browser cookies, saved credentials, installed application...
Fake Coding Challenges Steal Sensitive Data Via FogDoor.
Cyble analyzes a new malware campaign targeting Polish job-seeking developers with fake coding challenges via a stealthy backdoor - FogDoor.
----------
THN Weekly Recap: GitHub Supply Chain Attack, AI Malware, BYOVD Tactics, and More
Via "The Hacker News"
A quiet tweak in a popular open-source tool opened the door to a supply chain breach - what started as a targeted attack quickly spiraled, exposing secrets across countless projects. That wasn't the only stealth move. A new all-in-one malware is silently stealing passwords, crypto, and control - while hiding in plain sight. And over 300 Android apps joined the chaos, running ad.
----------
VSCode Marketplace Removes Two Extensions Deploying Early-Stage Ransomware
Via "The Hacker News"
Cybersecurity researchers have uncovered two malicious extensions in the Visual Studio Code (VSCode) Marketplace that are designed to deploy ransomware that's under development to its users. The extensions, named "ahban.shiba" and "ahban.cychelloworld," have since been taken down by the marketplace maintainers. Both the extensions, per ReversingLabs, incorporate code that's designed to invoke a.
----------
How to Balance Password Security Against User Experience
Via "The Hacker News"
If given the choice, most users are likely to favor a seamless experience over complex security measures, as they don't prioritize strong password security. However, balancing security and usability doesn't have to be a zero-sum game. By implementing the right best practices and tools, you can strike a balance between robust password security and a frictionless user experience (UX). This article.
----------
California AG Reminds 23andMe Customers of Data Deletion Rights Amid Bankruptcy Filing
Via "Infosecurity Magazine"
Two years after a data breach that compromised almost seven million customers, 23andMe's CEO has resigned as the company files for bankruptcy.
----------
Building ransomware resilience to avoid paying out
Via "ITPro"
Amid an impending ransom payment ban, businesses should work to improve their incident response strategies and knowledge of prominent threat groups.
----------
Stopping Deepfakes in Financial Services Will Require New Processes: Cyble
Via "CYBLE"
The rise of AI-generated deepfakes has placed the financial services industry and its customers at the epicenter of this growing cyber threat. Whether deepfake fraud is hitting consumers, commercial accounts, or financial institutions themselves, organizations in the banking and financial services sector will need new processes and cybersecurity controls to address this new generat...
Stopping Deepfakes In Finance Needs New Processes: Cyble
Deepfake threats are evolving quickly - and targeting financial services. A new Cyble report looks at the measures needed to stop these threats.
----------
Chinese Hacker Group Tracked Back to iSoon APT Operation
Via "Dark Reading"
The group, called FishMonger or Aquatic Panda, is working under contract for the Chinese government to steal data from governmental organizations, Catholic charities, NGOs, think tanks, and more.
----------
FBI Warns of Document Converter Tools Due to Uptick in Scams
Via "Dark Reading"
The FBI's Denver field office says the tools will convert documents while also dropping malware and scraping users' systems for sensitive data.
----------
Critical 'IngressNightmare' Vulns Imperil Kubernetes Environments
Via "Dark Reading"
More than 40% of all Internet-facing container orchestration clusters are at risk.
----------
China-Nexus APT 'Weaver Ant' Caught in Yearslong Web Shell Attack
Via "Dark Reading"
The persistent threat actor was caught using sophisticated Web shell techniques against an unnamed telecommunications company in Asia.
----------