ποΈ Hackers Repurpose RansomHub's EDRKillShifter in Medusa, BianLian, and Play Attacks ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
A new analysis has uncovered connections between affiliates of RansomHub and other ransomware groups like Medusa, BianLian, and Play. The connection stems from the use of a custom tool that's designed to disable endpoint detection and response EDR software on compromised hosts, according to ESET. The EDR killing tool, dubbed EDRKillShifter, was first documented as used by RansomHub actors in.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
ποΈ APT36 Spoofs India Post Website to Infect Windows and Android Users with Malware ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
An advanced persistent threat APT group with ties to Pakistan has been attributed to the creation of a fake website masquerading as India's public sector postal system as part of a campaign designed to infect both Windows and Android users in the country. Cybersecurity company CYFIRMA has attributed the campaign with medium confidence to a threat actor called APT36, which is also known as.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
ποΈ New Report Explains Why CASB Solutions Fail to Address Shadow SaaS and How to Fix It ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
Whether its CRMs, project management tools, payment processors, or lead management tools your workforce is using SaaS applications by the pound. Organizations often rely on traditional CASB solutions for protecting against malicious access and data exfiltration, but these fall short for protecting against shadow SaaS, data damage, and more. A new report, Understanding SaaS Security Risks Why.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
ποΈ Top 3 MS Office Exploits Hackers Use in 2025 β Stay Alert! ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
Hackers have long used Word and Excel documents as delivery vehicles for malware, and in 2025, these tricks are far from outdated. From phishing schemes to zeroclick exploits, malicious Office files are still one of the easiest ways into a victims system. Here are the top three Microsoft Officebased exploits still making the rounds this year and what you need to know to avoid them. 1.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
ποΈ 150,000 Sites Compromised by JavaScript Injection Promoting Chinese Gambling Platforms ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
An ongoing campaign that infiltrates legitimate websites with malicious JavaScript injects to promote Chineselanguage gambling platforms has ballooned to compromise approximately 150,000 sites to date. "The threat actor has slightly revamped their interface but is still relying on an iframe injection to display a fullscreen overlay in the visitor's browser," cside security analyst Himanshu.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
ποΈ CISA Warns of Sitecore RCE Flaws; Active Exploits Hit Next.js and DrayTek Devices ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
The U.S. Cybersecurity and Infrastructure Security Agency CISA has added two sixyearold security flaws impacting Sitecore CMS and Experience Platform XP to its Known Exploited Vulnerabilities KEV catalog, based on evidence of active exploitation. The vulnerabilities are listed below CVE20199874 CVSS score 9.8 A deserialization vulnerability in the Sitecore.Security.AntiCSRF.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
ποΈ NetApp SnapCenter Flaw Could Let Users Gain Remote Admin Access on Plug-In Systems ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
A critical security flaw has been disclosed in NetApp SnapCenter that, if successfully exploited, could allow privilege escalation. SnapCenter is an enterprisefocused software that's used to manage data protection across applications, databases, virtual machines, and file systems, offering the ability to backup, restore, and clone data resources. The vulnerability, tracked as.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
π CoffeeLoader Malware Loader Linked to SmokeLoader Operations π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Newly identified CoffeeLoader uses multiple evasion techniques and persistence mechanisms to deploy payloads and bypass endpoint security.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Infosecurity Magazine
CoffeeLoader Malware Loader Linked to SmokeLoader Operations
Newly identified CoffeeLoader uses multiple evasion techniques and persistence mechanisms to deploy payloads and bypass endpoint security
π PJobRAT Malware Targets Users in Taiwan via Fake Apps π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
PJobRAT malware targets Taiwan Android users, stealing data through fake messaging platforms.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Infosecurity Magazine
PJobRAT Malware Targets Users in Taiwan via Fake Apps
PJobRAT malware targets Taiwan Android users, stealing data through fake messaging platforms
π No MFA? Expect Hefty Fines, UKβs ICO Warns π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
The ICOs Deputy Commissioner told Infosecurity that organizations that fail to implement MFA and suffer a breach can expect heavy penalties.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Infosecurity Magazine
No MFA? Expect Hefty Fines, UKβs ICO Warns
The ICOβs Deputy Commissioner told Infosecurity that organizations that fail to implement MFA and suffer a breach can expect heavy penalties
π Chinese Spy Group FamousSparrow Back with a Vengeance, Targets US π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Once considered inactive, the Chinese cyber espionage group FamousSparrow has reemerged, targeting organizations across the US, Mexico and Honduras.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Infosecurity Magazine
Chinese Spy Group FamousSparrow Back with a Vengeance, Targets US
Once considered inactive, the Chinese cyber espionage group FamousSparrow has reemerged, targeting organizations across the US, Mexico and Honduras
π NCA Warns of Sadistic Online βComβ Networks π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
The UKs National Crime Agency is warning of a growing cyber and physical threat from homegrown teens.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Infosecurity Magazine
NCA Warns of Sadistic Online βComβ Networks
The UKβs National Crime Agency is warning of a growing cyber and physical threat from homegrown teens
π NCSC Urges Domain Registrars to Improve Security π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
The UKs National Cyber Security Centre has released new guidance to help domain registrars enhance security.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Infosecurity Magazine
NCSC Urges Domain Registrars to Improve Security
The UKβs National Cyber Security Centre has released new guidance to help domain registrars enhance security
π SecurityScorecard Observes Surge in Third-Party Breaches π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
In its 2025 Global ThirdParty Breach Report, SecurityScorecard has found that 35.5 of all cyber breaches in 2024 were thirdparty related, up from 29 in 2023.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Infosecurity Magazine
SecurityScorecard Observes Surge in Third-Party Breaches
SecurityScorecard has found that 35.5% of all cyber breaches in 2024 were third-party related, up from 29% in 2023
π¦
Hacktivists Increasingly Target France for Its Diplomatic Efforts π¦
π Read more.
π Via "CYBLE"
----------
ποΈ Seen on @cibsecurity
Cyble Hacktivists Increasingly Target France for Its Diplomatic Efforts " dataimagecaption"Cyble Hacktivists Increasingly Target France for Its Diplomatic Efforts " datamediumfile"httpscyble.comwpcontentuploads202503CybleBlogsHacktivistsFrance300x150.jpg" datalargefile"httpscyble.comwpcontentuploads202503CybleBlogsHacktivistsFrance1024x512.jpg" title"Hacktivists Increasingly Target France for Its Diplomatic Efforts 1" According to a Cyble report sent to clients recently, France is increasingly becoming a target of hacktivists for its active role in international diplomacy and in ongoing conflicts in Ukraine and the Middle East. Frances role in those conflicts has drawn the ire of proRussian and proPalestinian hacktivist groups, Cyble said, as those hacktivists have found ideological ...π Read more.
π Via "CYBLE"
----------
ποΈ Seen on @cibsecurity
Cyble
Hacktivists Target France Over Diplomatic Moves
Pro-Russian and pro-Palestinian hacktivist groups share a common adversary in France, leading to coordinated cyberattacks against the country.
ποΈ Product Walkthrough: How Datto BCDR Delivers Unstoppable Business Continuity ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
Long gone are the days when a simple backup in a data center was enough to keep a business secure. While backups store information, they do not guarantee business continuity during a crisis. With IT disasters far too common and downtime burning through budgets, modern IT environments require solutions that go beyond storage and enable instant recovery to minimize downtime and data loss. This is.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
π’ Developers spend 17 hours a week on security β but don't consider it a top priority π’
π Read more.
π Via "ITPro"
----------
ποΈ Seen on @cibsecurity
More work on DevSecOps has been identified as a top priority for developer teams.π Read more.
π Via "ITPro"
----------
ποΈ Seen on @cibsecurity
IT Pro
Developers spend 17 hours a week on security β but don't consider it a top priority
More work on DevSecOps has been identified as a top priority for developer teams
π1
π Morphing Meerkat PhaaS Platform Spoofs 100+ Brands π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
A PhaaS platform, dubbed 'Morphing Meerkat,' uses DNS MX records to spoof over 100 brands and steal credentials, according to Infoblox Threat Intel.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Infosecurity Magazine
Morphing Meerkat PhaaS Platform Spoofs 100+ Brands
A PhaaS platform, dubbed 'Morphing Meerkat,' uses DNS MX records to spoof over 100 brands and steal credentials, according to Infoblox Threat Intel
π Trump CISA Cuts Threaten US Election Integrity, Experts Warn π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Expert speakers discussed the impact of reported cutbacks to CISA on the ability of local officials to protect against surging cyberattacks on US election infrastructure.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Infosecurity Magazine
Trump CISA Cuts Threaten US Election Integrity, Experts Warn
Expert speakers discussed the impact of reported cutbacks to CISA on the ability of local officials to protect against surging cyber-attacks on US election infrastructure
π’ Security researchers hack BlackLock ransomware gang in push back against rising threat actor π’
π Read more.
π Via "ITPro"
----------
ποΈ Seen on @cibsecurity
BlackLock's reputation may not recover as analysts publish extensive details of its victims and associated accounts.π Read more.
π Via "ITPro"
----------
ποΈ Seen on @cibsecurity
IT Pro
Security researchers hack BlackLock ransomware gang in push back against rising threat actor
BlackLock's reputation may not recover as analysts publish extensive details of its victims and associated accounts
π¦
TsarBot: A New Android Banking Trojan Targeting Over 750 Banking, Finance, and Cryptocurrency Applications π¦
π Read more.
π Via "CYBLE"
----------
ποΈ Seen on @cibsecurity
Cyble TsarBot A New Android Banking Trojan Targeting Over 750 Banking, Finance, and Cryptocurrency Applications " dataimagecaption"" datamediumfile"httpscyble.comwpcontentuploads202503TsarBot300x150.jpg" datalargefile"httpscyble.comwpcontentuploads202503TsarBot.jpg" title"TsarBot A New Android Banking Trojan Targeting Over 750 Banking, Finance, and Cryptocurrency Applications 1" Key Takeaways A new Android Banking Trojan, TsarBot, targets over 750 applications globally, including banking, finance, cryptocurrency, and ecommerce apps. TsarBot spreads via phishing sites masquerading as legitimate financial platforms and is installed through a dropper disguised as Google Play Services. It uses overlay attacks to steal banking credentials, credit card details, and login credentials ...π Read more.
π Via "CYBLE"
----------
ποΈ Seen on @cibsecurity
Cyble
TsarBot Trojan Hits 750+ Banking & Crypto Apps!
Beware of TsarBot! This Android banking Trojan spreads via phishing, steals credentials, and hijacks devices. Stay safe with our latest insights.