ποΈ Earth Ammit Breached Drone Supply Chains via ERP in VENOM, TIDRONE Campaigns ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
A cyber espionage group known as Earth Ammit has been linked to two related but distinct campaigns from 2023 to 2024 targeting various entities in Taiwan and South Korea, including military, satellite, heavy industry, media, technology, software services, and healthcare sectors. Cybersecurity firm Trend Micro said the first wave, codenamed VENOM, mainly targeted software service providers, while.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
ποΈ Learning How to Hack: Why Offensive Security Training Benefits Your Entire Security Team ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
Organizations across industries are experiencing significant escalations in cyberattacks, particularly targeting critical infrastructure providers and cloudbased enterprises. Verizons recently released 2025 Data Breach Investigations Report found an 18 YoY increase in confirmed breaches, with the exploitation of vulnerabilities as an initial access step growing by 34. As attacks rise.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
ποΈ Horabot Malware Targets 6 Latin American Nations Using Invoice-Themed Phishing Emails ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
Cybersecurity researchers have discovered a new phishing campaign that's being used to distribute malware called Horabot targeting Windows users in Latin American countries like Mexico, Guatemala, Colombia, Peru, Chile, and Argentina. The campaign is "using crafted emails that impersonate invoices or financial documents to trick victims into opening malicious attachments and can steal email.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
ποΈ Microsoft Fixes 78 Flaws, 5 Zero-Days Exploited; CVSS 10 Bug Impacts Azure DevOps Server ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
Microsoft on Tuesday shipped fixes to address a total of 78 security flaws across its software lineup, including a set of five zerodays that have come under active exploitation in the wild. Of the 78 flaws resolved by the tech giant, 11 are rated Critical, 66 are rated Important, and one is rated Low in severity. Twentyeight of these vulnerabilities lead to remote code execution, 21 of them.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
π New Fortinet and Ivanti Zero Days Exploited in the Wild π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Fortinet and Ivanti published advisories on the same day revealing that attackers are exploiting new zero days, one of which is rated critical.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Infosecurity Magazine
New Fortinet and Ivanti Zero Days Exploited in the Wild
Fortinet and Ivanti published advisories on the same day revealing that attackers are exploiting new zero days, one of which is rated critical
π1
π New 'Chihuahuaβ Infostealer Targets Browser Data and Crypto Wallet Extensions π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
While appearing unsophisticated on the surface, Chihuahua Stealer uses advanced methods.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Infosecurity Magazine
New 'Chihuahuaβ Infostealer Targets Browser Data and Crypto Wallet Extensions
While appearing unsophisticated on the surface, Chihuahua Stealer uses advanced methods
π European Police Bust β¬3m Investment Fraud Ring π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Law enforcers from multiple countries team up to dismantle a multimillioneuro fraud gang.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Infosecurity Magazine
European Police Bust β¬3m Investment Fraud Ring
Law enforcers from multiple countries team up to dismantle a multimillion-euro fraud gang
π1
π Microsoft Fixes Seven Zero-Days in May Patch Tuesday π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Microsoft has patched seven zeroday bugs, five of which were exploited in the wild.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Infosecurity Magazine
Microsoft Fixes Seven Zero-Days in May Patch Tuesday
Microsoft has patched seven zero-day bugs, five of which were exploited in the wild
π¦Ώ Block Webcam Spying Fast and Forever for $10 π¦Ώ
π Read more.
π Via "Tech Republic"
----------
ποΈ Seen on @cibsecurity
Ashampoo WebCam Guard gives you oneclick privacy on three devices, so no one secretly listens to or watches you.π Read more.
π Via "Tech Republic"
----------
ποΈ Seen on @cibsecurity
TechRepublic
Block Webcam Spying Fast and Forever for $10
Ashampoo WebCam Guard gives you one-click privacy on three devices, so no one secretly listens to or watches you.
π1
π CISA Reverses Decision on Cybersecurity Advisory Changes π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
CISA paused plans to overhaul its advisory system after backlash from the infosec community.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Infosecurity Magazine
CISA Reverses Decision on Cybersecurity Advisory Changes
CISA paused plans to overhaul its advisory system after backlash from the infosec community
π1
π΅οΈββοΈ Congress Should Tackle Cyber Threats, Not Competition π΅οΈββοΈ
π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Some members of Congress seem more intent on grabbing headlines than actually working to make America more cyber secure.π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Darkreading
Congress Should Tackle Cyber Threats, Not Competition
Some members of Congress seem more intent on grabbing headlines than actually working to make America more cyber secure.
π1
ποΈ CTM360 Identifies Surge in Phishing Attacks Targeting Meta Business Users ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
A new global phishing threat called "Meta Mirage" has been uncovered, targeting businesses using Meta's Business Suite. This campaign specifically aims at hijacking highvalue accounts, including those managing advertising and official brand pages. Cybersecurity researchers at CTM360 revealed that attackers behind Meta Mirage impersonate official Meta communications, tricking users into handing.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
π΅οΈββοΈ Marks & Spencer Confirms Customer Data Stolen in Cyberattack π΅οΈββοΈ
π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
The British retailer said no account passwords were compromised in last month's cyberattack, but the company will require customers to reset passwords "for extra peace of mind.".π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Darkreading
Marks & Spencer Confirms Customer Data Stolen
The British retailer said no account passwords were compromised in last month's cyberattack, but the company will require customers to reset passwords "for extra peace of mind."
π Android Enterprise Launches Device Trust For Enhanced Security π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Android Enterprise introduced Device Trust to enhance mobile security on Android devices.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Infosecurity Magazine
Android Enterprise Launches Device Trust For Enhanced Security
Android Enterprise introduced Device Trust to enhance mobile security on Android devices
π1
ποΈ Xinbi Telegram Market Tied to $8.4B in Crypto Crime, Romance Scams, North Korea Laundering ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
A Chineselanguage, Telegrambased marketplace called Xinbi Guarantee has facilitated no less than 8.4 billion in transactions since 2022, making it the second major black market to be exposed after HuiOne Guarantee. According to a report published by blockchain analytics firm Elliptic, merchants on the marketplace have been found to peddle technology, personal data, and money laundering.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
ποΈ Samsung Patches CVE-2025-4632 Used to Deploy Mirai Botnet via MagicINFO 9 Exploit ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
Samsung has released software updates to address a critical security flaw in MagicINFO 9 Server that has been actively exploited in the wild. The vulnerability, tracked as CVE20254632 CVSS score 9.8, has been described as a path traversal flaw. "Improper limitation of a pathname to a restricted directory vulnerability in Samsung MagicINFO 9 Server version before 21.1052 allows attackers to.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
ποΈ Samsung Patches CVE-2025-4632 Used to Deploy Mirai Botnet via MagicINFO 9 Exploit ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
Samsung has released software updates to address a critical security flaw in MagicINFO 9 Server that has been actively exploited in the wild. The vulnerability, tracked as CVE20254632 CVSS score 9.8, has been described as a path traversal flaw. "Improper limitation of a pathname to a restricted directory vulnerability in Samsung MagicINFO 9 Server version before 21.1052 allows attackers to.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
ποΈ Samsung Patches CVE-2025-4632 Used to Deploy Mirai Botnet via MagicINFO 9 Exploit ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
Samsung has released software updates to address a critical security flaw in MagicINFO 9 Server that has been actively exploited in the wild. The vulnerability, tracked as CVE20254632 CVSS score 9.8, has been described as a path traversal flaw. "Improper limitation of a pathname to a restricted directory vulnerability in Samsung MagicINFO 9 Server version before 21.1052 allows attackers to.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
ποΈ BianLian and RansomExx Exploit SAP NetWeaver Flaw to Deploy PipeMagic Trojan ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
At least two different cybercrime groups BianLian and RansomExx are said to have exploited a recently disclosed security flaw in SAP NetWeaver, indicating that multiple threat actors are taking advantage of the bug. Cybersecurity firm ReliaQuest, in a new update published today, said it uncovered evidence suggesting involvement from the BianLian data extortion crew and the RansomExx ransomware.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
ποΈ BianLian and RansomExx Exploit SAP NetWeaver Flaw to Deploy PipeMagic Trojan ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
At least two different cybercrime groups BianLian and RansomExx are said to have exploited a recently disclosed security flaw in SAP NetWeaver, indicating that multiple threat actors are taking advantage of the bug. Cybersecurity firm ReliaQuest, in a new update published today, said it uncovered evidence suggesting involvement from the BianLian data extortion crew and the RansomExx ransomware.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
π¦Ώ European Vulnerability Database is Live: What This βEssential Toolβ Offers Security Experts π¦Ώ
π Read more.
π Via "Tech Republic"
----------
ποΈ Seen on @cibsecurity
The announcement comes after concerns that the US government would stop funding the operations of MITRE, the nonprofit behind the CVE database.π Read more.
π Via "Tech Republic"
----------
ποΈ Seen on @cibsecurity
TechRepublic
European Vulnerability Database is Live: What This βEssential Toolβ Offers Security Experts
The announcement comes after concerns that the US government would stop funding the operations of MITRE, the nonprofit behind the CVE database.