ποΈ U.S. Seizes $7.74M in Crypto Tied to North Koreaβs Global Fake IT Worker Network ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
The U.S. Department of Justice DoJ said it has filed a civil forfeiture complaint in federal court that targets over 7.74 million in cryptocurrency, nonfungible tokens NFTs, and other digital assets allegedly linked to a global IT worker scheme orchestrated by North Korea. "For years, North Korea has exploited global remote IT contracting and cryptocurrency ecosystems to evade U.S.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
ποΈ Anubis Ransomware Encrypts and Wipes Files, Making Recovery Impossible Even After Payment ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
An emerging ransomware strain has been discovered incorporating capabilities to encrypt files as well as permanently erase them, a development that has been described as a "rare dualthreat." "The ransomware features a 'wipe mode,' which permanently erases files, rendering recovery impossible even if the ransom is paid," Trend Micro researchers Maristel Policarpio, Sarah Pearl Camiling, and.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
ποΈ β‘ Weekly Recap: iPhone Spyware, Microsoft 0-Day, TokenBreak Hack, AI Data Leaks and More ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
Some of the biggest security problems start quietly. No alerts. No warnings. Just small actions that seem normal but aren't. Attackers now know how to stay hidden by blending in, and that makes it hard to tell when somethings wrong. This weeks stories arent just about what was attackedbut how easily it happened. If were only looking for the obvious signs, what are we missing right in front.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
ποΈ Playbook: Transforming Your Cybersecurity Practice Into An MRR Machine ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
Introduction The cybersecurity landscape is evolving rapidly, and so are the cyber needs of organizations worldwide. While businesses face mounting pressure from regulators, insurers, and rising threats, many still treat cybersecurity as an afterthought. As a result, providers may struggle to move beyond tactical services like oneoff assessments or compliance checklists, and demonstrate.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
ποΈ PyPI, npm, and AI Tools Exploited in Malware Surge Targeting DevOps and Cloud Environments ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
Cybersecurity researchers from SafeDep and Veracode detailed a number of malwarelaced npm packages that are designed to execute remote code and download additional payloads. The packages in question are listed below eslintconfigairbnbcompat 676 Downloads tsruntimecompatcheck 1,588 Downloads solders 983 Downloads mediawavelib 386 Downloads All the identified npm.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
π Threat Actors Target Victims with HijackLoader and DeerStealer π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Cyberattacks using HijackLoader and DeerStealer have been identified exploiting phishing tactics via ClickFix.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
π Archetyp Market Shut Down in Europe-wide Law Enforcement Operation π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Operation DEEP Sentinel has shut down Archetyp Market, the longestrunning dark web drug marketplace.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
π Tenable Fixes Three High-Severity Flaws in Vulnerability Scanner Nessus π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Nessus users should update patches as soon as possible.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
π Anubis Ransomware Adds File-Wiping Capability π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Trend Micro identified a novel wipe mode included in Anubis ransomware to prevent file recovery, increasing pressure on victims to give in to demands.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
π Over a Third of Grafana Instances Exposed to XSS Flaw π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Some 36 of Grafana instances are vulnerable to account takeover bug, putting DevOps teams at risk.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
π WestJet Investigates Cyber-Attack Impacting Customers π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Canadian airline WestJet is investigating a cyberattack that struck on June 13.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
π¦
NCSC Q1 2025 Report Reveals 14.7% Surge in Cybercrime Financial Losses in New Zealand π¦
π Read more.
π Via "CYBLE"
----------
ποΈ Seen on @cibsecurity
Cyble NCSC Q1 2025 Report Reveals 14.7 Surge in Cybercrime Financial Losses in New Zealand " dataimagecaption"Cyble NCSC Q1 2025 Report Reveals 14.7 Surge in Cybercrime Financial Losses in New Zealand " datamediumfile"httpscyble.comwpcontentuploads202506CybleBlogsNCSCQ1300x150.jpg" datalargefile"httpscyble.comwpcontentuploads202506CybleBlogsNCSCQ11024x512.jpg" title"NCSC Q1 2025 Report Reveals 14.7 Surge in Cybercrime Financial Losses in New Zealand 1" The National Cyber Security Centre NCSC has released its latest Cyber Security Insights report for Q1 2025, revealing a troubling 14.7 increase in financial losses reported by New Zealanders due to cybercrime. From January 1 to March 31, this year, the New Zealands NCSC recorded 1,369 cybersecurity incidents.cyber security incidents. O...π Read more.
π Via "CYBLE"
----------
ποΈ Seen on @cibsecurity
ποΈ Meta Starts Showing Ads on WhatsApp After 6-Year Delay From 2018 Announcement ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
Meta Platforms on Monday announced that it's bringing advertising to WhatsApp, but emphasized that the ads are "built with privacy in mind." The ads are expected to be displayed on the Updates tab through its Storieslike Status feature, which allows ephemeral sharing of photos, videos, voice notes, and text for 24 hours. These efforts are "rolling out gradually," per the company. The media.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
π1
π Brits Lose Β£106m to Romance Fraud in a Year π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
New City of London Police data reveals British men and women lost over 100m to romance fraudsters in 2024.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
ποΈ TP-Link Router Flaw CVE-2023-33538 Under Active Exploit, CISA Issues Immediate Alert ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
The U.S. Cybersecurity and Infrastructure Security Agency CISA on Monday added a highseverity security flaw in TPLink wireless routers to its Known Exploited Vulnerabilities KEV catalog, citing evidence of active exploitation. The vulnerability in question is CVE202333538 CVSS score 8.8, a command injection bug that could result in the execution of arbitrary system commands when.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
ποΈ Are Forgotten AD Service Accounts Leaving You at Risk? ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
For many organizations, Active Directory AD service accounts are quiet afterthoughts, persisting in the background long after their original purpose has been forgotten. To make matters worse, these orphaned service accounts created for legacy applications, scheduled tasks, automation scripts, or test environments are often left active with nonexpiring or stale passwords. Its no surprise.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
ποΈ Hard-Coded 'b' Password in Sitecore XP Sparks Major RCE Risk in Enterprise Deployments ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
Cybersecurity researchers have disclosed three security flaws in the popular Sitecore Experience Platform XP that could be chained to achieve preauthenticated remote code execution. Sitecore Experience Platform is an enterpriseoriented software that provides users with tools for content management, digital marketing, and analytics and reports. The list of vulnerabilities, which are yet to be.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
ποΈ Backups Are Under Attack: How to Protect Your Backups ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
Ransomware has become a highly coordinated and pervasive threat, and traditional defenses are increasingly struggling to neutralize it. Todays ransomware attacks initially target your last line of defense your backup infrastructure. Before locking up your production environment, cybercriminals go after your backups to cripple your ability to recover, increasing the odds of a ransom payout.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
ποΈ New Flodrix Botnet Variant Exploits Langflow AI Server RCE Bug to Launch DDoS Attacks ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
Cybersecurity researchers have called attention to a new campaign that's actively exploiting a recently disclosed critical security flaw in Langflow to deliver the Flodrix botnet malware. "Attackers use the vulnerability to execute downloader scripts on compromised Langflow servers, which in turn fetch and install the Flodrix malware," Trend Micro researchers Aliakbar Zahravi, Ahmed Mohamed.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
π Taiwan Hit by Sophisticated Phishing Campaign π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Phishing campaign targeting Taiwan has been identified, using taxthemed emails and malware like Winos and HoldingHands.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
π±1
π Chained Flaws in Enterprise CMS Provider Sitecore Could Allow Remote Code Execution π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
WatchTowr has found three vulnerabilities in the Sitecore Experience Platform, used by HSBC and LOral.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity