ποΈ Russian Hackers Exploit Microsoft OAuth to Target Ukraine Allies via Signal and WhatsApp ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
Multiple suspected Russialinked threat actors are "aggressively" targeting individuals and organizations with ties to Ukraine and human rights with an aim to gain unauthorized access to Microsoft 365 accounts since early March 2025. The highly targeted social engineering operations, per Volexity, are a shift from previously documented attacks that leveraged a technique known as device code.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
π±1
ποΈ Ripple's xrpl.js npm Package Backdoored to Steal Private Keys in Major Supply Chain Attack ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
The Ripple cryptocurrency npm JavaScript library named xrpl.js has been compromised by unknown threat actors as part of a software supply chain attack designed to harvest and exfiltrate users' private keys. The malicious activity has been found to affect five different versions of the package 4.2.1, 4.2.2, 4.2.3, 4.2.4, and 2.14.2. The issue has been addressed in versions 4.2.5 and 2.14.3.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
ποΈ Google Drops Cookie Prompt in Chrome, Adds IP Protection to Incognito ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
Google on Tuesday revealed that it will no longer offer a standalone prompt for thirdparty cookies in its Chrome browser as part of its Privacy Sandbox initiative. "We've made the decision to maintain our current approach to offering users thirdparty cookie choice in Chrome, and will not be rolling out a new standalone prompt for thirdparty cookies," Anthony Chavez, vice president of Privacy.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
π€1
π Verizon's DBIR Reveals 34% Jump in Vulnerability Exploitation π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
After a 180 rise in last years report, the exploitation of vulnerabilities continues to grow, now accounting for 20 of all breaches.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Infosecurity Magazine
Verizon's DBIR Reveals 34% Jump in Vulnerability Exploitation
After a 180% rise in last yearβs report, the exploitation of vulnerabilities continues to grow, now accounting for 20% of all breaches
π FBI Reveals βStaggeringβ $16.6bn Lost to Cybercrime in 2024 π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
The FBI found that cybercrime losses climbed by 33 compared to 2023, driven by tactics like investment fraud and BEC.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Infosecurity Magazine
FBI Reveals βStaggeringβ $16.6bn Lost to Cybercrime in 2024
The FBI found that cybercrime losses climbed by 33% compared to 2023, driven by tactics like investment fraud and BEC
π Vulnerability Exploitation and Credential Theft Now Top Initial Access Vectors π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Mandiants MTrends report found that credential theft rose significantly in 2024, driven by the growing use of infostealers.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Infosecurity Magazine
Vulnerability Exploitation and Credential Theft Now Top Initial Access Vectors
Mandiantβs M-Trends report found that credential theft rose significantly in 2024, driven by the growing use of infostealers
π US Data Breach Victim Count Surges 26% Annually π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
The latest ITRC data finds breach volumes remained flat in Q1 but victim numbers increased 26 annually.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Infosecurity Magazine
US Data Breach Victim Count Surges 26% Annually
The latest ITRC data finds breach volumes remained flat in Q1 but victim numbers increased 26% annually
π M&S Grapples with Cyber Incident Affecting In-Store Services π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Marks and Spencer has confirmed that it has been managing a cyber incident for the past few days which affected its contactless payments and click and collect services.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Infosecurity Magazine
M&S Grapples with Cyber Incident Affecting In-Store Services
Marks and Spencer has confirmed that it has been managing a cyber incident for the past few days which affected its contactless payments and click and collect services
π Dutch Warn of βWhole of Societyβ Russian Cyber-Threat π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Dutch intelligence report warns of growing Russian aggression with hybrid warfare.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Infosecurity Magazine
Dutch Warn of βWhole of Societyβ Russian Cyber-Threat
Dutch intelligence report warns of growing Russian aggression with hybrid warfare
π UK Romance Scams Spike 20% as Online Dating Grows π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Barclays found that romance scam victims lost 8000 on average in 2024, a significant increase from the previous year.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Infosecurity Magazine
UK Romance Scams Spike 20% as Online Dating Grows
Barclays found that romance scam victims lost Β£8000 on average in 2024, a significant increase from the previous year
π΅οΈββοΈ 'Industrial-Scale' Asian Scam Centers Expand Globally π΅οΈββοΈ
π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
The convergence of cybercrime, financial fraud, and organized crime poses a significant threat, especially where these syndicates excel at operating under the radar.π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Darkreading
'Industrial-Scale' Asian Scam Centers Expand Globally
The convergence of cybercrime, financial fraud, and organized crime poses a significant threat, especially where these syndicates excel at operating under the radar.
β€2
ποΈ WhatsApp Adds Advanced Chat Privacy to Blocks Chat Exports and Auto-Downloads ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
WhatsApp has introduced an extra layer of privacy called Advanced Chat Privacy that allows users to block participants from sharing the contents of a conversation in traditional chats and groups. "This new setting available in both chats and groups helps prevent others from taking content outside of WhatsApp for when you may want extra privacy," WhatsApp said in a statement. The optional feature.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
π2π€1
π’ Hackers are using Zoomβs remote control feature to infect devices with malware π’
π Read more.
π Via "ITPro"
----------
ποΈ Seen on @cibsecurity
Security experts have issued an alert over a new social engineering campaign using Zooms remote control features to take over victim devices.π Read more.
π Via "ITPro"
----------
ποΈ Seen on @cibsecurity
IT Pro
Hackers are using Zoomβs remote control feature to infect devices with malware
The Zoom feature could let threat actors install malware or exfiltrate data
π1
π¦Ώ Google Chrome Keeps Third-Party Cookies Settings, Lets Users βMake an Informed Choiceβ π¦Ώ
π Read more.
π Via "Tech Republic"
----------
ποΈ Seen on @cibsecurity
Privacy Sandbox, originally pitched as an alternative to crosssite ad tracking, will not show a standalone prompt. Instead, Chrome is readying a different informed choice.π Read more.
π Via "Tech Republic"
----------
ποΈ Seen on @cibsecurity
TechRepublic
Google Chrome Keeps Third-Party Cookies Settings, Lets Users βMake an Informed Choiceβ
Privacy Sandbox, originally pitched as an alternative to cross-site ad tracking, will not show a standalone prompt. Instead, Chrome is readying a different βinformed choice.β
π€1
ποΈ Automating Zero Trust in Healthcare: From Risk Scoring to Dynamic Policy Enforcement Without Network Redesign ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
The Evolving Healthcare Cybersecurity Landscape Healthcare organizations face unprecedented cybersecurity challenges in 2025. With operational technology OT environments increasingly targeted and the convergence of IT and medical systems creating an expanded attack surface, traditional security approaches are proving inadequate. According to recent statistics, the healthcare sector.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
π2
ποΈ Critical Commvault Command Center Flaw Enables Attackers to Execute Code Remotely ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
A critical security flaw has been disclosed in the Commvault Command Center that could allow arbitrary code execution on affected installations. The vulnerability, tracked as CVE202534028, carries a CVSS score of 9.0 out of a maximum of 10.0. "A critical security vulnerability has been identified in the Command Center installation, allowing remote attackers to execute arbitrary code without.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
π1
π Verizon DBIR: Small Businesses Bearing the Brunt of Ransomware Attacks π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
While the Verizon annual report showed that ransomware is rising, it also found that ransom payments are in decline.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Infosecurity Magazine
Verizon DBIR: Small Businesses Bearing the Brunt of Ransomware Attacks
While the Verizon annual report showed that ransomware is rising, it also found that ransom payments are in decline
π1
π Ransomware Attacks Fall Sharply in March π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
NCC Group found that ransomware attacks fell by 32 in March compared to February, but described this finding as a red herring.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Infosecurity Magazine
Ransomware Attacks Fall Sharply in March
NCC Group found that ransomware attacks fell by 32% in March compared to February, but described this finding as a βred herringβ
π1
π ETSI Unveils New Baseline Requirements for Securing AI π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
ETSIs says new technical specification for securing AI models and systems sets international benchmark.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Infosecurity Magazine
ETSI Unveils New Baseline Requirements for Securing AI
ETSIβs says new technical specification for securing AI models and systems sets international benchmark
π1
π Ofcom Lays Down the Law with Child Safety Rules for Tech Giants π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Ofcoms Protection of Children Codes and Guidance lists 40 new child safety measures for tech firms.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Infosecurity Magazine
Ofcom Lays Down the Law with Child Safety Rules for Tech Giants
Ofcomβs Protection of Children Codes and Guidance lists 40 new child safety measures for tech firms
π1
ποΈ Darcula Adds GenAI to Phishing Toolkit, Lowering the Barrier for Cybercriminals ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
The threat actors behind the Darcula phishingasaservice PhaaS platform have released new updates to their cybercrime suite with generative artificial intelligence GenAI capabilities. "This addition lowers the technical barrier for creating phishing pages, enabling less techsavvy criminals to deploy customized scams in minutes," Netcraft said in a new report shared with The Hacker News. ".π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
π€1