ποΈ ResolverRAT Campaign Targets Healthcare, Pharma via Phishing and DLL Side-Loading ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
Cybersecurity researchers have discovered a new, sophisticated remote access trojan called ResolverRAT that has been observed in attacks targeting healthcare and pharmaceutical sectors. "The threat actor leverages fearbased lures delivered via phishing emails, designed to pressure recipients into clicking a malicious link," Morphisec Labs researcher Nadav Lorber said in a report shared with The.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
π΅οΈββοΈ Chinese APTs Exploit EDR 'Visibility Gap' for Cyber Espionage π΅οΈββοΈ
π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Blind spots in network visibility, including in firewalls, IoT devices, and the cloud, are being exploited by Chinese statebacked threat actors with increasing success, according to new threat intelligence. Here's how experts say you can get eyes on it all.π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Dark Reading
Chinese APTs Exploit EDR 'Visibility Gap' for Cyber Espionage
Blind spots in network visibility, including in firewalls, IoT devices, and the cloud, are being exploited by Chinese state-backed threat actors with increasing success, according to new threat intelligence. Here's how experts say you can get eyes on it all.
π΅οΈββοΈ Fortinet Zero-Day Bug May Lead to Arbitrary Code Execution π΅οΈββοΈ
π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
A threat actor posted about the zeroday exploit on the same day that Fortinet published a warning about known vulnerabilities under active exploitation.π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Dark Reading
Fortinet Zero-Day Bug May Lead to Arbitrary Code Execution
A threat actor posted about the zero-day exploit on the same day that Fortinet published a warning about known vulnerabilities under active exploitation.
π1
π΅οΈββοΈ AI Code Tools Widely Hallucinate Packages π΅οΈββοΈ
π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
The hallucination problem is not just pervasive, it is persistent as well, according to new research.π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Dark Reading
AI Code Tools Widely Hallucinate Packages
The hallucination problem is not just pervasive, it is persistent as well, according to new research.
π΅οΈββοΈ Threat Intel Firm Offers Crypto in Exchange for Dark Web Accounts π΅οΈββοΈ
π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Prodaft is currently buying accounts from five Dark Web forums and offers to pay extra for administrator or moderator accounts. The idea is to infiltrate forums to boost its threat intelligence.π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Dark Reading
Threat Intel Firm Offers Crypto for Dark Web Accounts
Prodaft is currently buying accounts from five Dark Web forums and offers to pay extra for administrator or moderator accounts. The idea is to infiltrate forums to boost its threat intelligence.
βοΈ Trump Revenge Tour Targets Cyber Leaders, Elections βοΈ
π Read more.
π Via "Krebs on Security"
----------
ποΈ Seen on @cibsecurity
President Trump last week revoked security clearances for Chris Krebs, the former director of the Cybersecurity and Infrastructure Security Agency CISA who was fired by Trump after declaring the 2020 election the most secure in U.S. history. The White House memo, which also suspended clearances for other security professionals at Krebs's employer SentinelOne, comes as CISA is facing huge funding and staffing cuts.π Read more.
π Via "Krebs on Security"
----------
ποΈ Seen on @cibsecurity
Krebs on Security
Trump Revenge Tour Targets Cyber Leaders, Elections
President Trump last week revoked security clearances for Chris Krebs, the former director of the Cybersecurity and Infrastructure Security Agency (CISA) who was fired by Trump after declaring the 2020 election the most secure in U.S. history. The White Houseβ¦
π1π€¬1
ποΈ Gladinetβs Triofox and CentreStack Under Active Exploitation via Critical RCE Vulnerability ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
A recently disclosed security flaw in Gladinet CentreStack also impacts its Triofox remote access and collaboration solution, according to Huntress, with seven different organizations compromised to date. Tracked as CVE202530406 CVSS score 9.0, the vulnerability refers to the use of a hardcoded cryptographic key that could expose internetaccessible servers to remote code execution attacks.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
π1
ποΈ Meta Resumes E.U. AI Training Using Public User Data After Regulator Approval ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
Meta has announced that it will begin to train its artificial intelligence AI models using public data shared by adults across its platforms in the European Union, nearly a year after it paused its efforts due to data protection concerns from Irish regulators. "This training will better support millions of people and businesses in Europe, by teaching our generative AI models to better.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
π’ CISA issues warning in wake of Oracle cloud credentials leak π’
π Read more.
π Via "ITPro"
----------
ποΈ Seen on @cibsecurity
The security agency has published guidance for enterprises at risk.π Read more.
π Via "ITPro"
----------
ποΈ Seen on @cibsecurity
IT Pro
CISA issues warning in wake of Oracle cloud credentials leak
The security agency has published guidance for enterprises at risk
π NTLM Hash Exploit Targets Poland and Romania Days After Patch π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
An NTLM hash disclosure spoofing vulnerability that leaks hashes with minimal user interaction has been observed being exploited in the wild.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Infosecurity Magazine
NTLM Hash Exploit Targets Poland and Romania Days After Patch
An NTLM hash disclosure spoofing vulnerability that leaks hashes with minimal user interaction has been observed being exploited in the wild
ποΈ CVE-2025-24054 Under Active AttackβSteals NTLM Credentials on File Download ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
The U.S. Cybersecurity and Infrastructure Security Agency CISA on Thursday added a mediumseverity security flaw impacting Microsoft Windows to its Known Exploited Vulnerabilities KEV catalog, following reports of active exploitation in the wild. The vulnerability, assigned the CVE identifier CVE202524054 CVSS score 6.5, is a Windows New Technology LAN Manager NTLM hash disclosure.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
π NTLM Hash Exploit Targets Poland and Romania Days After Patch π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
An NTLM hash disclosure spoofing vulnerability that leaks hashes with minimal user interaction has been observed being exploited in the wild.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Infosecurity Magazine
NTLM Hash Exploit Targets Poland and Romania Days After Patch
An NTLM hash disclosure spoofing vulnerability that leaks hashes with minimal user interaction has been observed being exploited in the wild
π΅οΈββοΈ Android Phones Pre-Downloaded With Malware Target User Crypto Wallets π΅οΈββοΈ
π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
The threat actors lace predownloaded applications with malware to steal cryptocurrency by covertly swapping users' wallet addresses with their own.π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Dark Reading
Phones Pre-Downloaded With Malware Target Crypto Wallets
The threat actors lace pre-downloaded applications with malware to steal cryptocurrency by covertly swapping users' wallet addresses with their own.
π΅οΈββοΈ Android Phones Pre-Downloaded With Malware Target User Crypto Wallets π΅οΈββοΈ
π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
The threat actors lace predownloaded applications with malware to steal cryptocurrency by covertly swapping users' wallet addresses with their own.π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Dark Reading
Phones Pre-Downloaded With Malware Target Crypto Wallets
The threat actors lace pre-downloaded applications with malware to steal cryptocurrency by covertly swapping users' wallet addresses with their own.
π’ CISA issues warning in wake of Oracle cloud credentials leak π’
π Read more.
π Via "ITPro"
----------
ποΈ Seen on @cibsecurity
The security agency has published guidance for enterprises at risk.π Read more.
π Via "ITPro"
----------
ποΈ Seen on @cibsecurity
IT Pro
CISA issues warning in wake of Oracle cloud credentials leak
The security agency has published guidance for enterprises at risk
π’ Darktrace unveils tailored AI models with a twist for its cybersecurity agent π’
π Read more.
π Via "ITPro"
----------
ποΈ Seen on @cibsecurity
Darktrace has announced new AI models for its agentic AI security tool, but it's taken a novel approach to tackle hallucinations.π Read more.
π Via "ITPro"
----------
ποΈ Seen on @cibsecurity
IT Pro
Darktrace unveils tailored AI models with a twist for its cybersecurity agent
The Cambridge-based firm equipped its autonomous cyber assistant with custom AI models to avoid the issue of hallucinations
π NTLM Hash Exploit Targets Poland and Romania Days After Patch π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
An NTLM hash disclosure spoofing vulnerability that leaks hashes with minimal user interaction has been observed being exploited in the wild.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Infosecurity Magazine
NTLM Hash Exploit Targets Poland and Romania Days After Patch
An NTLM hash disclosure spoofing vulnerability that leaks hashes with minimal user interaction has been observed being exploited in the wild
π Senators Urge Cyber-Threat Sharing Law Extension Before Deadline π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Bipartisan support grows in Congress to extend Cybersecurity Information Sharing Act for 10 years.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Infosecurity Magazine
Senators Urge Cyber-Threat Sharing Law Extension Before Deadline
Bipartisan support grows in Congress to extend Cybersecurity Information Sharing Act for 10 years
π΅οΈββοΈ Android Phones Pre-Downloaded With Malware Target User Crypto Wallets π΅οΈββοΈ
π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
The threat actors lace predownloaded applications with malware to steal cryptocurrency by covertly swapping users' wallet addresses with their own.π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Dark Reading
Phones Pre-Downloaded With Malware Target Crypto Wallets
The threat actors lace pre-downloaded applications with malware to steal cryptocurrency by covertly swapping users' wallet addresses with their own.
π΅οΈββοΈ Dogged by Trump, Chris Krebs Resigns From SentinelOne π΅οΈββοΈ
π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
The president revoked the former CISA director's security clearance, half a decade after Krebs challenged rightwing election disinformation, prompting his eventual resignation.π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Dark Reading
Dogged by Trump, Chris Krebs Resigns From SentinelOne
The president revoked the former CISA director's security clearance, half a decade after Krebs challenged right-wing election disinformation, prompting his eventual resignation.
ποΈ Mustang Panda Targets Myanmar With StarProxy, EDR Bypass, and TONESHELL Updates ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
The Chinalinked threat actor known as Mustang Panda has been attributed to a cyber attack targeting an unspecified organization in Myanmar with previously unreported tooling, highlighting continued effort by the threat actors to increase the sophistication and effectiveness of their malware. This includes updated versions of a known backdoor called TONESHELL, as well as a new lateral movement.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity