π΅οΈββοΈ Commvault: Vulnerability Patch Works as Intended π΅οΈββοΈ
π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
The security researcher who questioned the effectiveness of a patch for recently disclosed bug in Commvault Command Center did not test patched version, the company says.π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Dark Reading
Commvault: Vulnerability Patch Works as Intended
The security researcher who questioned the effectiveness of a patch for recently disclosed bug in Commvault Command Center did not test patched version, the company says.
ποΈ BREAKING: 7,000-Device Proxy Botnet Using IoT, EoL Systems Dismantled in U.S. - Dutch Operation ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
A joint law enforcement operation undertaken by Dutch and U.S. authorities has dismantled a criminal proxy network that's powered by thousands of infected Internet of Things IoT and endoflife EoL devices, enlisting them into a botnet for providing anonymity to malicious actors. In conjunction with the domain seizure, Russian nationals, Alexey Viktorovich Chertkov, 37, Kirill Vladimirovich.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
ποΈ OtterCookie v4 Adds VM Detection and Chrome, MetaMask Credential Theft Capabilities ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
The North Korean threat actors behind the Contagious Interview campaign have been observed using updated versions of a crossplatform malware called OtterCookie with capabilities to steal credentials from web browsers and other files. NTT Security Holdings, which detailed the new findings, said the attackers have "actively and continuously" updated the malware, introducing versions v3 and v4 in.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
π΅οΈββοΈ Cyber Then & Now: Inside a 2-Decade Industry Evolution π΅οΈββοΈ
π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
On Dark Reading's 19year anniversary, EditorinChief Kelly Jackson Higgins stops by Informa TechTarget's RSAC 2025 Broadcast Alley studio to discuss how things have changed since the early days of breaking Windows and browsers, lingering challenges, and what's next beyond AI.π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Darkreading
Cyber Then & Now: Inside a 2-Decade Industry Evolution
On Dark Reading's 19-year anniversary, Editor-in-Chief Kelly Jackson Higgins stops by Informa TechTarget's RSAC 2025 Broadcast Alley studio to discuss how things have changed since the early days of breaking Windows and browsers, lingering challenges, andβ¦
π΅οΈββοΈ LockBit Ransomware Gang Hacked, Operations Data Leaked π΅οΈββοΈ
π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Exposed data from LockBit's affiliate panel includes Bitcoin addresses, private chats with victim organizations, and user information such as credentials.π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Dark Reading
LockBit Ransomware Gang Hacked, Ops Data Leaked
Exposed data from LockBit's affiliate panel includes Bitcoin addresses, private chats with victim organizations, and user information such as credentials.
ποΈ Google Pays $1.375 Billion to Texas Over Unauthorized Tracking and Biometric Data Collection ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
Google has agreed to pay the U.S. state of Texas nearly 1.4 billion to settle two lawsuits that accused the company of tracking users' personal location and maintaining their facial recognition data without consent. The 1.375 billion payment dwarfs the fines the tech giant has paid to settle similar lawsuits brought by other U.S. states. In November 2022, it paid 391 million to a group of 40.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
π2
ποΈ Germany Shuts Down eXch Over $1.9B Laundering, Seizes β¬34M in Crypto and 8TB of Data ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
Germany's Federal Criminal Police Office aka Bundeskriminalamt or BKA has seized the online infrastructure and shutdown linked to the eXch cryptocurrency exchange over allegations of money laundering and operating a criminal trading platform. The operation was carried out on April 30, 2025, authorities said, adding they also confiscated 8 terabytes worth of data and cryptocurrency assets.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
π€1
π Catching a phish with many faces π
π Read more.
π Via "ESET - WeLiveSecurity"
----------
ποΈ Seen on @cibsecurity
Heres a brief dive into the murky waters of shapeshifting attacks that leverage dedicated phishing kits to autogenerate customized login pages on the fly.π Read more.
π Via "ESET - WeLiveSecurity"
----------
ποΈ Seen on @cibsecurity
Welivesecurity
Catching a phish with many faces
Hereβs a brief dive into the murky waters of shape-shifting attacks that leverage dedicated phishing kits to auto-generate customized login pages on the fly.
π’ FBI takes down botnet exploiting aging routers π’
π Read more.
π Via "ITPro"
----------
ποΈ Seen on @cibsecurity
Organizations warned they should replace potentially affected devices.π Read more.
π Via "ITPro"
----------
ποΈ Seen on @cibsecurity
IT Pro
FBI takes down botnet exploiting aging routers
Organizations warned they should replace potentially affected devices
π’ FBI takes down botnet exploiting aging routers π’
π Read more.
π Via "ITPro"
----------
ποΈ Seen on @cibsecurity
Organizations warned they should replace potentially affected devices.π Read more.
π Via "ITPro"
----------
ποΈ Seen on @cibsecurity
IT Pro
FBI takes down botnet exploiting aging routers
Organizations warned they should replace potentially affected devices
π’ MITREβs near miss: Lessons learned for security and vulnerability management π’
π Read more.
π Via "ITPro"
----------
ποΈ Seen on @cibsecurity
Cybersecurity leaders can use recent CVE database worries as inspiration to better protect themselves.π Read more.
π Via "ITPro"
----------
ποΈ Seen on @cibsecurity
IT Pro
MITREβs near miss: Lessons learned for security and vulnerability management
Cybersecurity leaders can use recent CVE database worries as inspiration to better protect themselves
ποΈ β‘ Weekly Recap: Zero-Day Exploits, Developer Malware, IoT Botnets, and AI-Powered Scams ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
What do a source code editor, a smart billboard, and a web server have in common? Theyve all become launchpads for attacksbecause cybercriminals are rethinking what counts as infrastructure. Instead of chasing highvalue targets directly, threat actors are now quietly taking over the overlooked outdated software, unpatched IoT devices, and opensource packages. It's not just cleverits.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
ποΈ The Persistence Problem: Why Exposed Credentials Remain Unfixedβand How to Change That ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
Detecting leaked credentials is only half the battle. The real challengeand often the neglected half of the equationis what happens after detection. New research from GitGuardian's State of Secrets Sprawl 2025 report reveals a disturbing trend the vast majority of exposed company secrets discovered in public repositories remain valid for years after detection, creating an expanding attack.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
ποΈ Fake AI Tools Used to Spread Noodlophile Malware, Targeting 62,000+ via Facebook Lures ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
Threat actors have been observed leveraging fake artificial intelligence AIpowered tools as a lure to entice users into downloading an information stealer malware dubbed Noodlophile. "Instead of relying on traditional phishing or cracked software sites, they build convincing AIthemed platforms often advertised via legitimatelooking Facebook groups and viral social media campaigns,".π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
π EU Launches Free Entry-Level Cyber Training Program π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
SheCyber training program is focused on improving the representation of women and other underrepresented groups in the cybersecurity industry.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Infosecurity Magazine
EU Launches Free Entry-Level Cyber Training Program
She@Cyber training program is focused on improving the representation of women and other underrepresented groups in the cybersecurity industry
π FreeDrain Phishing Scam Drains Crypto Hobbyists' Wallets π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
A global cryptocurrency phishing operation likely based in India or Sri Lanka has been stealing digital assets since at least 2022.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Infosecurity Magazine
FreeDrain Phishing Scam Drains Crypto Hobbyists' Wallets
A global cryptocurrency phishing operation likely based in India or Sri Lanka has been stealing digital assets since at least 2022
π Japanese Account Hijackers Make $2bn+ of Illegal Trades π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Hackers have compromised Japanese trading accounts in an apparent attempt to manipulate the stock market.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Infosecurity Magazine
Japanese Account Hijackers Make $2bn+ of Illegal Trades
Hackers have compromised Japanese trading accounts in an apparent attempt to manipulate the stock market
π German Police Shutter βeXchβ Money Laundering Service π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Germanys BKA has seized the infrastructure behind the crypto swapping service eXch.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Infosecurity Magazine
German Police Shutter βeXchβ Money Laundering Service
Germanyβs BKA has seized the infrastructure behind the crypto swapping service eXch
π1
π¦
Weekly Vulnerability Report: IT, ICS Alerts Issued by Cyble π¦
π Read more.
π Via "CYBLE"
----------
ποΈ Seen on @cibsecurity
Cyble Weekly Vulnerability Report IT, ICS Alerts Issued by Cyble " dataimagecaption"Cyble Weekly Vulnerability Report IT, ICS Alerts Issued by Cyble " datamediumfile"httpscyble.comwpcontentuploads202505CybleBlogsWeeklyVulnerabilityICS300x150.jpg" datalargefile"httpscyble.comwpcontentuploads202505CybleBlogsWeeklyVulnerabilityICS.jpg" title"Weekly Vulnerability Report IT, ICS Alerts Issued by Cyble 1" In the weekly vulnerability report, Cyble identified several IT and industrial control system ICS vulnerabilities that pose significant risk and should be prioritized by security teams for patching or mitigation. The reports examined nearly 60 vulnerabilities in all, and also looked at vulnerabilities discussed by threat actors on the dark web and attack attempts detected by Cyble honeypo...π Read more.
π Via "CYBLE"
----------
ποΈ Seen on @cibsecurity
π΅οΈββοΈ Vulnerability Detection Tops Agentic AI at RSAC's Startup Competition π΅οΈββοΈ
π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Agenticnative startups threaten to reduce the zeroday problem to just a zerohour issue. Of course, AI agents will accelerate offensive attacks as well.π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Dark Reading
Vulnerability Detection Tops Agentic AI at RSAC Competition
Agentic-native startups threaten to reduce the zero-day problem to just a zero-hour issue. Of course, AI agents will accelerate offensive attacks as well.
π #Infosec2025: Experts to Shine Light on Vendor Supply Chain Resilience Against Third-Party Risks π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
During Infosecurity Europe 2025 experts will explore how to strengthen organizational resilience against persistent thirdparty risks.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Infosecurity Magazine
#Infosec2025: Experts to Shine Light on Vendor Supply Chain Resilience Against Third-Party Risks
During Infosecurity Europe 2025 experts will explore how to strengthen organizational resilience against persistent third-party risks