π΅οΈββοΈ Despite Arrests, Scattered Spider Continues High-Profile Hacking π΅οΈββοΈ
π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
While law enforcement has identified and arrested several alleged members, the notorious threat group continues to wreak havoc.π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Darkreading
Despite Arrests, Scattered Spider Continues Hacking
While law enforcement has identified and arrested several alleged members, the notorious threat group continues to wreak havoc.
ποΈ Iranian Hackers Maintain 2-Year Access to Middle East CNI via VPN Flaws and Malware ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
An Iranian statesponsored threat group has been attributed to a longterm cyber intrusion aimed at a critical national infrastructure CNI in the Middle East that lasted nearly two years. The activity, which lasted from at least May 2023 to February 2025, entailed "extensive espionage operations and suspected network prepositioning a tactic often used to maintain persistent access for future.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
ποΈ U.S. Charges Yemeni Hacker Behind Black Kingdom Ransomware Targeting 1,500 Systems ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
The U.S. Department of Justice DoJ on Thursday announced charges against a 36yearold Yemeni national for allegedly deploying the Black Kingdom ransomware against global targets, including businesses, schools, and hospitals in the United States. Rami Khaled Ahmed of Sana'a, Yemen, has been charged with one count of conspiracy, one count of intentional damage to a protected computer, and one.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
ποΈ Malicious Go Modules Deliver Disk-Wiping Linux Malware in Advanced Supply Chain Attack ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
Cybersecurity researchers have discovered three malicious Go modules that include obfuscated code to fetch nextstage payloads that can irrevocably overwrite a Linux system's primary disk and render it unbootable. The names of the packages are listed below github.comtruthfulpharmprototransform github.comblankloggiagomcp github.comsteelpoortlsproxy "Despite appearing legitimate,.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
π TikTok Fined β¬530m Over Transfers of European User Data to China π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Irelands data protection watchdog accuses the Chinese social media giant of violating GDPR with transfers of European users data to China.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Infosecurity Magazine
TikTok Fined β¬530m Over Transfers of European User Data to China
Irelandβs data protection watchdog accuses the Chinese social media giant of violating GDPR with transfers of European usersβ data to China
π1
π Ransomware Attacks Fall in April Amid RansomHub Outage π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Comparitech observed a significant decline in ransomware attacks in April, partly as a result of the RansomHub gang going dark.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Infosecurity Magazine
Ransomware Attacks Fall in April Amid RansomHub Outage
Comparitech observed a significant decline in ransomware attacks in April, partly as a result of the RansomHub gang βgoing darkβ
π’ DDoS attackers are pouncing on unpatched vulnerabilities π’
π Read more.
π Via "ITPro"
----------
ποΈ Seen on @cibsecurity
Who needs a new attack vector when you can exploit old, public, and welldocumented vulnerabilities?.π Read more.
π Via "ITPro"
----------
ποΈ Seen on @cibsecurity
IT Pro
DDoS attackers are pouncing on unpatched vulnerabilities
Who needs a new attack vector when you can exploit old, public, and well-documented vulnerabilities?
π΅οΈββοΈ How to Prevent AI Agents From Becoming the Bad Guys π΅οΈββοΈ
π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
When designed with strong governance principles, AI can drive innovation while maintaining the people's trust and security.π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Darkreading
How to Prevent AI Agents From Becoming the Bad Guys
When designed with strong governance principles, AI can drive innovation while maintaining the people's trust and security.
π€1
ποΈ β‘ Weekly Recap: Nation-State Hacks, Spyware Alerts, Deepfake Malware, Supply Chain Backdoors ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
What if attackers aren't breaking inthey're already inside, watching, and adapting? This week showed a sharp rise in stealth tactics built for longterm access and silent control. AI is being used to shape opinions. Malware is hiding inside software we trust. And old threats are returning under new names. The real danger isnt just the breachits not knowing whos still lurking in your.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
ποΈ Perfection is a Myth. Leverage Isn't: How Small Teams Can Secure Their Google Workspace ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
Lets be honest if you're one of the first or the first security hires at a small or midsize business, chances are you're also the unofficial CISO, SOC, IT Help Desk, and whatever additional roles need filling. Youre not running a security department. You are THE security department. You're getting pinged about RFPs in one area, and reviewing phishing alerts in another, all while sifting.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
β€1
ποΈ Golden Chickens Deploy TerraStealerV2 to Steal Browser Credentials and Crypto Wallet Data ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
The threat actors known as Golden Chickens have been attributed to two new malware families dubbed TerraStealerV2 and TerraLogger, suggesting continued development efforts to finetune and diversify their arsenal. "TerraStealerV2 is designed to collect browser credentials, cryptocurrency wallet data, and browser extension information," Recorded Future Insikt Group said. "TerraLogger, by contrast.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
π SOC-as-a-Service Pricing Guide π
π Read more.
π Via "UnderDefense"
----------
ποΈ Seen on @cibsecurity
When your provider stops delivering, its time for a change. This stepbystep guide shows you how to switch MSSP, MDR, MXDR... The post SOCasaService Pricing Guide appeared first on UnderDefense.π Read more.
π Via "UnderDefense"
----------
ποΈ Seen on @cibsecurity
UnderDefense
SOC-as-a-Service Pricing Guide
2025 SOC-as-a-Service Pricing Guide β Know What Youβre Paying For
π¦
Cyberattacks Hit Leading UK Retailers as NCSC Urges Stronger Defences π¦
π Read more.
π Via "CYBLE"
----------
ποΈ Seen on @cibsecurity
Cyble Cyberattacks Hit Leading UK Retailers as NCSC Urges Stronger Defences " dataimagecaption"Cyble Cyberattacks Hit Leading UK Retailers as NCSC Urges Stronger Defences " datamediumfile"httpscyble.comwpcontentuploads202505CybleBlogsNCSC300x150.jpg" datalargefile"httpscyble.comwpcontentuploads202505CybleBlogsNCSC1024x512.jpg" title"Cyberattacks Hit Leading UK Retailers as NCSC Urges Stronger Defences 1" Multiple cyberattacks have recently struck some of the UKs most iconic retailers, prompting concern from industry leaders and cybersecurity authorities. Among the affected organizations are Harrods, Marks Spencer, and the Coop, all of which have confirmed incidents targeting their digital infrastructure in late April and early May 2025. The UKs National Cyber Security Centre NCSC is c...π Read more.
π Via "CYBLE"
----------
ποΈ Seen on @cibsecurity
ποΈ Wormable AirPlay Flaws Enable Zero-Click RCE on Apple Devices via Public Wi-Fi ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
Cybersecurity researchers have disclosed a series of nowpatched security vulnerabilities in Apple's AirPlay protocol that, if successfully exploited, could enable an attacker to take over susceptible devices supporting the proprietary wireless technology. The shortcomings have been collectively codenamed AirBorne by Israeli cybersecurity company Oligo. "These vulnerabilities can be chained by.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
ποΈ Commvault CVE-2025-34028 Added to CISA KEV After Active Exploitation Confirmed ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
The U.S. Cybersecurity and Infrastructure Security Agency CISA has added a maximumseverity security flaw impacting Commvault Command Center to its Known Exploited Vulnerabilities KEV catalog, a little over a week after it was publicly disclosed. The vulnerability in question is CVE202534028 CVSS score 10.0, a path traversal bug that affects 11.38 Innovation Release, from versions.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
π΅οΈββοΈ Phony Hacktivist Pleads Guilty to Disney Data Leak π΅οΈββοΈ
π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
After stealing sensitive data from Disney, Ryan Mitchell Kramer claimed to be part of a Russian hacktivist group protecting artists' rights and ensuring they receive fair compensation for their work.π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Dark Reading
Phony Hacktivist Pleads Guilty to Disney Data Leak
After stealing sensitive data from Disney, Ryan Mitchell Kramer claimed to be part of a Russian hacktivist group protecting artists' rights and ensuring they receive fair compensation for their work.
π¦Ώ Windows 11 Version 24H2 Enters Final Deployment Phase, Microsoft Lists Known Issues π¦Ώ
π Read more.
π Via "Tech Republic"
----------
ποΈ Seen on @cibsecurity
Some devices will be placed under a compatibility hold as Microsoft works out ongoing issues.π Read more.
π Via "Tech Republic"
----------
ποΈ Seen on @cibsecurity
TechRepublic
Windows 11 Version 24H2 Enters Final Deployment Phase, Microsoft Lists Known Issues
Some devices will be placed under a compatibility hold as Microsoft works out ongoing issues.
β€1
π΅οΈββοΈ AI Domination: RSAC 2025 Social Media Roundup π΅οΈββοΈ
π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Documented in a series of social media posts, cybersecurity experts shared with Dark Reading their insights on RSAC 2025 throughout the week.π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Darkreading
AI Domination: RSAC 2025 Social Media Roundup
Documented in a series of social media posts, cybersecurity experts shared with Dark Reading their insights on RSAC 2025 throughout the week.
π΅οΈββοΈ 'Venom Spider' Targets Hiring Managers in Phishing Scheme π΅οΈββοΈ
π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Researchers from Arctic Wolf Labs detailed a new spearphishing campaign that targets hiring managers and recruiters by posing as a job seeker.π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Darkreading
'Venom Spider' Targets Hiring Managers in Phishing Scheme
Researchers from Arctic Wolf Labs detailed a new spear-phishing campaign that targets hiring managers and recruiters by posing as a job seeker.
ποΈ Critical Langflow Flaw Added to CISA KEV List Amid Ongoing Exploitation Evidence ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
A recently disclosed critical security flaw impacting the opensource Langflow platform has been added to the Known Exploited Vulnerabilities KEV catalog by the U.S. Cybersecurity and Infrastructure Security Agency CISA, citing evidence of active exploitation. The vulnerability, tracked as CVE20253248, carries a CVSS score of 9.8 out of a maximum of 10.0. "Langflow contains a missing.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
πͺ Small Businesses Create Big Impact: NIST Celebrates 2025 National Small Business Week πͺ
π Read more.
π Via "NIST"
----------
ποΈ Seen on @cibsecurity
This week were celebrating National Small Business Weekwhich recognizes and celebrates the small and mediumsized business SMB communitys significant contributions to the nation. SMBs are a substantial and critical part of the U.S. and global economic and cybersecurity infrastructure. According to the U.S. Small Business Administrations Office of Advocacy, 1 there are 34.8 million SMBs in the United States making up 99 of all U.S. businesses. Of those, 81.7 are nonemployer firms with no paid employees other than the owners of the business. These businesses, though small in size.π Read more.
π Via "NIST"
----------
ποΈ Seen on @cibsecurity
NIST
Small Businesses Create Big Impact: NIST Celebrates 2025 National Small Business Week
This week weβre celebrating National Small Business Weekβwhich recognizes and celebrates the small and medium-sized business (SMB) communityβs significant contributions to the nation. SMBs are a substantial and critical part of the U.S. and global economicβ¦