π’ The NCSC wants developers to get serious on software security π’
π Read more.
π Via "ITPro"
----------
ποΈ Seen on @cibsecurity
The NCSC's new Software Security Code of Practice has been welcomed by cyber professionals as a positive step toward bolstering software supply chain security.π Read more.
π Via "ITPro"
----------
ποΈ Seen on @cibsecurity
IT Pro
The NCSC wants developers to get serious on software security
New voluntary rules outline software security best practices for vendors and developers
π΅οΈββοΈ How Security Has Changed the Hacker Marketplace π΅οΈββοΈ
π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Your ultimate goal shouldn't be security perfection it should be making exploitation of your organization unprofitable.π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Dark Reading
How Security Has Changed the Hacker Marketplace
Your ultimate goal shouldn't be security perfection β it should be making exploitation of your organization unprofitable.
ποΈ Initial Access Brokers Target Brazil Execs via NF-e Spam and Legit RMM Trials ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
Cybersecurity researchers are warning of a new campaign that's targeting Portuguesespeaking users in Brazil with trial versions of commercial remote monitoring and management RMM software since January 2025. "The spam message uses the Brazilian electronic invoice system, NFe, as a lure to entice users into clicking hyperlinks and accessing malicious content hosted in Dropbox," Cisco Talos.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
π1
ποΈ Deploying AI Agents? Learn to Secure Them Before Hackers Strike Your Business ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
AI agents are changing the way businesses work. They can answer questions, automate tasks, and create better user experiences. But with this power comes new risks like data leaks, identity theft, and malicious misuse. If your company is exploring or already using AI agents, you need to ask Are they secure? AI agents work with sensitive data and make realtime decisions. If theyre not.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
ποΈ Beyond Vulnerability Management β Can You CVE What I CVE? ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
The Vulnerability Treadmill The reactive nature of vulnerability management, combined with delays from policy and process, strains security teams. Capacity is limited and patching everything immediately is a struggle. Our Vulnerability Operation Center VOC dataset analysis identified 1,337,797 unique findings security issues across 68,500 unique customer assets. 32,585 of them were distinct.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
ποΈ Malicious npm Packages Infect 3,200+ Cursor Users With Backdoor, Steal Credentials ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
Cybersecurity researchers have flagged three malicious npm packages that are designed to target the Apple macOS version of Cursor, a popular artificial intelligence AIpowered source code editor. "Disguised as developer tools offering 'the cheapest Cursor API,' these packages steal user credentials, fetch an encrypted payload from threat actorcontrolled infrastructure, overwrite Cursor's.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
ποΈ Google Rolls Out On-Device AI Protections to Detect Scams in Chrome and Android ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
Google on Thursday announced it's rolling out new artificial intelligence AIpowered countermeasures to combat scams across Chrome, Search, and Android. The tech giant said it will begin using Gemini Nano, its ondevice large language model LLM, to improve Safe Browsing in Chrome 137 on desktops. "The ondevice approach provides instant insight on risky websites and allows us to offer.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
π€1
π Google Deploys On-Device AI to Thwart Scams on Chrome and Android π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
The tech giant plans to leverage its Gemini Nano LLM ondevice to enhance scam detection on Chrome.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Infosecurity Magazine
Google Deploys On-Device AI to Thwart Scams on Chrome and Android
The tech giant plans to leverage its Gemini Nano LLM on-device to enhance scam detection on Chrome
π€1
π UN Launches New Cyber-Attack Assessment Framework π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
The UNIDR Intrusion Path is designed to provide a simplified view of cyberthreats and security across the network perimeter.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Infosecurity Magazine
UN Launches New Cyber-Attack Assessment Framework
The UNIDR Intrusion Path is designed to provide a simplified view of cyber-threats and security across the network perimeter
π FBI Sounds Alarm on Rogue Cybercrime Services Targeting Obsolete Routers π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
The FBI has detected indicators of malware targeting endoflife routers associated with Anyproxy and 5Socks proxy services.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Infosecurity Magazine
FBI Sounds Alarm on Rogue Cybercrime Services Targeting Obsolete Routers
The FBI has detected indicators of malware targeting end-of-life routers associated with Anyproxy and 5Socks proxy services
π1
π PowerSchool Admits Ransom Payment Amid Fresh Extortion Demands π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
PowerSchool said its customers had been hit by new extortion demands using data stolen in a previous attack, despite attacker claims the data had been deleted.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Infosecurity Magazine
PowerSchool Admits Ransom Payment Amid Fresh Extortion Demands
PowerSchool said its customers had been hit by new extortion demands using data stolen in a previous attack, despite attacker claims the data had been deleted
π US Federal Agencies Alert on βUnsophisticatedβ OT Cyber-Threats π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Cyber incidents targeting OT in US critical infrastructure have prompted renewed federal action.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
π Finance Manager π
π Read more.
π Via "UnderDefense"
----------
ποΈ Seen on @cibsecurity
The post Finance Manager appeared first on UnderDefense.π Read more.
π Via "UnderDefense"
----------
ποΈ Seen on @cibsecurity
UnderDefense
Finance Manager - UnderDefense
π¦
India Experiences Surge in Hacktivist Group Activity Amid Military Tensions π¦
π Read more.
π Via "CYBLE"
----------
ποΈ Seen on @cibsecurity
Cyble India Experiences Surge in Hacktivist Group Activity Amid Military Tensions " dataimagecaption"Cyble India Experiences Surge in Hacktivist Group Activity Amid Military Tensions " datamediumfile"httpscyble.comwpcontentuploads202505CybleBlogsHactivistsGroup300x150.jpg" datalargefile"httpscyble.comwpcontentuploads202505CybleBlogsHactivistsGroup1024x512.jpg" title"India Experiences Surge in Hacktivist Group Activity Amid Military Tensions 1" More than 40 hacktivist groups conducted coordinated cyberattacks against India following the April 22 terror attack in Pahalgam in the Indian state of Jammu and Kashmir, which in turn prompted India to respond with targeted strikes aimed at alleged terrorist infrastructure across the border and the PakistanOccupied Kashmir region PoK. Cyble Re...π Read more.
π Via "CYBLE"
----------
ποΈ Seen on @cibsecurity
Cyble
India Experiences Hacktivist Group Activity Amid Military Tensions
40+ hacktivist groups united in cyberattacks against India after a terror attack in the Indian state of Jammu & Kashmir and Indiaβs retaliatory strikes.
π1
π΅οΈββοΈ Insight Partners Data Breach: Bigger Impact Than Anticipated π΅οΈββοΈ
π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
The investigation is ongoing, but the VC giant intends to inform affected customers on a rolling basis as more of the breach details come to light.π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
π΅οΈββοΈ Commvault: Vulnerability Patch Works as Intended π΅οΈββοΈ
π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
The security researcher who questioned the effectiveness of a patch for recently disclosed bug in Commvault Command Center did not test patched version, the company says.π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Dark Reading
Commvault: Vulnerability Patch Works as Intended
The security researcher who questioned the effectiveness of a patch for recently disclosed bug in Commvault Command Center did not test patched version, the company says.
ποΈ BREAKING: 7,000-Device Proxy Botnet Using IoT, EoL Systems Dismantled in U.S. - Dutch Operation ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
A joint law enforcement operation undertaken by Dutch and U.S. authorities has dismantled a criminal proxy network that's powered by thousands of infected Internet of Things IoT and endoflife EoL devices, enlisting them into a botnet for providing anonymity to malicious actors. In conjunction with the domain seizure, Russian nationals, Alexey Viktorovich Chertkov, 37, Kirill Vladimirovich.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
ποΈ OtterCookie v4 Adds VM Detection and Chrome, MetaMask Credential Theft Capabilities ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
The North Korean threat actors behind the Contagious Interview campaign have been observed using updated versions of a crossplatform malware called OtterCookie with capabilities to steal credentials from web browsers and other files. NTT Security Holdings, which detailed the new findings, said the attackers have "actively and continuously" updated the malware, introducing versions v3 and v4 in.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
π΅οΈββοΈ Cyber Then & Now: Inside a 2-Decade Industry Evolution π΅οΈββοΈ
π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
On Dark Reading's 19year anniversary, EditorinChief Kelly Jackson Higgins stops by Informa TechTarget's RSAC 2025 Broadcast Alley studio to discuss how things have changed since the early days of breaking Windows and browsers, lingering challenges, and what's next beyond AI.π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Darkreading
Cyber Then & Now: Inside a 2-Decade Industry Evolution
On Dark Reading's 19-year anniversary, Editor-in-Chief Kelly Jackson Higgins stops by Informa TechTarget's RSAC 2025 Broadcast Alley studio to discuss how things have changed since the early days of breaking Windows and browsers, lingering challenges, andβ¦
π΅οΈββοΈ LockBit Ransomware Gang Hacked, Operations Data Leaked π΅οΈββοΈ
π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Exposed data from LockBit's affiliate panel includes Bitcoin addresses, private chats with victim organizations, and user information such as credentials.π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Dark Reading
LockBit Ransomware Gang Hacked, Ops Data Leaked
Exposed data from LockBit's affiliate panel includes Bitcoin addresses, private chats with victim organizations, and user information such as credentials.
ποΈ Google Pays $1.375 Billion to Texas Over Unauthorized Tracking and Biometric Data Collection ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
Google has agreed to pay the U.S. state of Texas nearly 1.4 billion to settle two lawsuits that accused the company of tracking users' personal location and maintaining their facial recognition data without consent. The 1.375 billion payment dwarfs the fines the tech giant has paid to settle similar lawsuits brought by other U.S. states. In November 2022, it paid 391 million to a group of 40.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
π2