Chinese Hackers Exploit Trimble Cityworks Flaw to Infiltrate U.S. Government Networks
Via "The Hacker News"
Seen on @cibsecurity
A Chinese-speaking threat actor tracked as UAT-6382 has been linked to the exploitation of a now-patched remote-code-execution vulnerability in Trimble Cityworks to deliver Cobalt Strike and VShell. "UAT-6382 successfully exploited CVE-2025-0944, conducted reconnaissance, and rapidly deployed a variety of web shells and custom-made malware to maintain long-term access," Cisco Talos researchers.
----------
Coinbase Breach Affected Almost 70,000 Customers
Via "Infosecurity Magazine"
The US cryptocurrency exchange claimed that the breach occurred in December 2024.
----------
Critical Windows Server 2025 dMSA Vulnerability Enables Active Directory Compromise
Via "The Hacker News"
A privilege escalation flaw has been demonstrated in Windows Server 2025 that makes it possible for attackers to compromise any user in Active Directory (AD). "The attack exploits the delegated Managed Service Account (dMSA) feature that was introduced in Windows Server 2025, works with the default configuration, and is trivial to implement," Akamai security researcher Yuval Gordon said in a.
----------
Critical Zero-Days Found in Versa Networks SD-WAN/SASE Platform
Via "Infosecurity Magazine"
The unpatched vulnerabilities, with a CVSS score of 8.6 to 10.0, can lead to remote code execution via authentication bypass.
----------
Chinese Hackers Exploit Ivanti EPMM Bugs in Global Enterprise Network Attacks
Via "The Hacker News"
A recently patched pair of security flaws affecting Ivanti Endpoint Manager Mobile (EPMM) software has been exploited by a China-nexus threat actor to target a wide range of sectors across Europe, North America, and the Asia-Pacific region. The vulnerabilities, tracked as CVE-2025-4427 (CVSS score: 5.3) and CVE-2025-4428 (CVSS score: 7.2), could be chained to execute arbitrary code on a.
----------
Sensitive Personal Data Stolen in West Lothian Ransomware Attack
Via "Infosecurity Magazine"
West Lothian Council confirmed that ransomware attackers have stolen personal and sensitive information held on its education network.
----------
Webinar: Learn How to Build a Reasonable and Legally Defensible Cybersecurity Program
Via "The Hacker News"
It's not enough to be secure. In today's legal climate, you need to prove it. Whether you're protecting a small company or managing compliance across a global enterprise, one thing is clear: cybersecurity can no longer be left to guesswork, vague frameworks, or best-effort intentions. Regulators and courts are now holding organizations accountable for how reasonable their security programs are.
----------
Global Law Enforcers and Microsoft Seize 2300+ Lumma Stealer Domains
Via "Infosecurity Magazine"
Law enforcers worldwide have teamed up with Microsoft to disrupt the infrastructure behind Lumma Stealer.
----------
Identity Security Has an Automation Problem - And It's Bigger Than You Think
Via "The Hacker News"
For many organizations, identity security appears to be under control. On paper, everything checks out. But new research from Cerby, based on insights from over 500 IT and security leaders, reveals a different reality: too much still depends on people, not systems, to function. In fact, fewer than 4% of security teams have fully automated their core identity workflows. Core workflows, like.
----------
Western Logistics and Tech Firms Targeted by Russia's APT28
Via "Infosecurity Magazine"
NSA, NCSC and allies warn Western tech and logistics firms of Russian APT28 cyber-espionage threat.
----------
Unpatched Versa Concerto Flaws Let Attackers Escape Docker and Compromise Host
Via "The Hacker News"
Cybersecurity researchers have uncovered multiple critical security vulnerabilities impacting the Versa Concerto network security and SD-WAN orchestration platform that could be exploited to take control of susceptible instances. It's worth noting that the identified shortcomings remain unpatched despite responsible disclosure on February 13, 2025, prompting a public release of the issues.
----------
#Infosec2025: NCC Group Expert Warns UK Firms to Prepare for Cyber Security and Resilience Bill
Via "Infosecurity Magazine"
UK businesses should start to plan for required changes to their cybersecurity programs ahead of the Cyber Security and Resilience Bill.
----------
FBI and Europol Disrupt Lumma Stealer Malware Network Linked to 10 Million Infections
Via "The Hacker News"
A sprawling operation undertaken by global law enforcement agencies and a consortium of private sector firms has disrupted the online infrastructure associated with a commodity information stealer known as Lumma (aka LummaC or LummaC2), seizing 2,300 domains that acted as the command-and-control (C2) backbone to commandeer infected Windows systems. "Malware like LummaC2 is deployed to steal.
----------
UK and allies expose Russian intelligence campaign targeting western logistics and technology organisations
Via "UK NCSC"
Organisations urged to familiarise themselves with the threat and take immediate action to protect themselves.
----------
CISA Warns of Suspected Broader SaaS Attacks Exploiting App Secrets and Cloud Misconfigs
Via "The Hacker News"
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday revealed that Commvault is monitoring cyber threat activity targeting applications hosted in their Microsoft Azure cloud environment. "Threat actors may have accessed client secrets for Commvault's Metallic Microsoft 365 (M365) backup software-as-a-service (SaaS) solution, hosted in Azure," the agency said. "This.
----------
GitLab Duo Vulnerability Enabled Attackers to Hijack AI Responses with Hidden Prompts
Via "The Hacker News"
Cybersecurity researchers have discovered an indirect prompt injection flaw in GitLab's artificial intelligence (AI) assistant Duo that could have allowed attackers to steal source code and inject untrusted HTML into its responses, which could then be used to direct victims to malicious websites. GitLab Duo is an artificial intelligence (AI)-powered coding assistant that enables users to write,.
----------
U.S. Dismantles DanaBot Malware Network, Charges 16 in $50M Global Cybercrime Operation
Via "The Hacker News"
The U.S. Department of Justice (DoJ) on Thursday announced the disruption of the online infrastructure associated with DanaBot (aka DanaTools) and unsealed charges against 16 individuals for their alleged involvement in the development and deployment of the malware, which it said was controlled by a Russia-based cybercrime organization. The malware, the DoJ said, infected more than 300,000.
----------
Sixteen Doors In: A Red Team Tale of Phishing, Certificates, and Domain Takeover
Via "UnderDefense"
What happens when one phishing email opens sixteen different doors into a target's environment? In this real-world red team operation, our experts used minimal resources to simulate how an attacker could move from a single email to full domain takeover, without triggering a single alert. This isn't your average "we got in" story. It's a
----------
DragonForce Engages in "Turf War" for Ransomware Dominance
Via "Infosecurity Magazine"
Sophos has observed DragonForce attacking rival ransomware operators including RansomHub as it seeks to expand its reach in the cybercrime marketplace.
----------
It's been a bad week for ransomware operators
Via "ITPro"
A host of ransomware strains have been neutralized, servers seized, and key players indicted.
----------
SafeLine WAF: Open Source Web Application Firewall with Zero-Day Detection and Bot Protection
Via "The Hacker News"
From zero-day exploits to large-scale bot attacks, the demand for a powerful, self-hosted, and user-friendly web application security solution has never been greater. SafeLine is currently the most starred open-source Web Application Firewall (WAF) on GitHub, with over 16.4K stars and a rapidly growing global user base. This walkthrough covers what SafeLine is, how it works, and why it's.