🖋️ Google Chrome Zero-Day CVE-2025-2783 Exploited by TaxOff to Deploy Trinper Backdoor 🖋️
📖 Read more.
🔗 Via "The Hacker News"
----------
👁️ Seen on @cibsecurity
A nowpatched security flaw in Google Chrome was exploited as a zeroday by a threat actor known as TaxOff to deploy a backdoor codenamed Trinper. The attack, observed in midMarch 2025 by Positive Technologies, involved the use of a sandbox escape vulnerability tracked as CVE20252783 CVSS score 8.3. Google addressed the flaw later that month after Kaspersky reported inthewild.📖 Read more.
🔗 Via "The Hacker News"
----------
👁️ Seen on @cibsecurity
🕵️♂️ Indian Car-Sharing Firm Zoomcar Latest to Suffer Breach 🕵️♂️
📖 Read more.
🔗 Via "Dark Reading"
----------
👁️ Seen on @cibsecurity
The company acknowledged that cybercriminals had taken sensitive information on more than 8 million users, including names, phone numbers, car registration numbers, addresses, and emails.📖 Read more.
🔗 Via "Dark Reading"
----------
👁️ Seen on @cibsecurity
Dark Reading
Indian Car-Sharing Firm Zoomcar Latest to Suffer Breach
The company acknowledged that cybercriminals had taken sensitive information on more than 8 million users, including names, phone numbers, car registration numbers, addresses, and emails.
🖋️ Veeam Patches CVE-2025-23121: Critical RCE Bug Rated 9.9 CVSS in Backup & Replication 🖋️
📖 Read more.
🔗 Via "The Hacker News"
----------
👁️ Seen on @cibsecurity
Veeam has rolled out patches to contain a critical security flaw impacting its Backup Replication software that could result in remote code execution under certain conditions. The security defect, tracked as CVE202523121, carries a CVSS score of 9.9 out of a maximum of 10.0. "A vulnerability allowing remote code execution RCE on the Backup Server by an authenticated domain user," the.📖 Read more.
🔗 Via "The Hacker News"
----------
👁️ Seen on @cibsecurity
🖋️ Iran Slows Internet to Prevent Cyber Attacks Amid Escalating Regional Conflict 🖋️
📖 Read more.
🔗 Via "The Hacker News"
----------
👁️ Seen on @cibsecurity
Iran has throttled internet access in the country in a purported attempt to hamper Israel's ability to conduct covert cyber operations, days after the latter launched an unprecedented attack on the country, escalating geopolitical tensions in the region. Fatemeh Mohajerani, the spokesperson of the Iranian Government, and the Iranian Cyber Police, FATA, said the internet slowdown was designed to.📖 Read more.
🔗 Via "The Hacker News"
----------
👁️ Seen on @cibsecurity
🖋️ CISA Warns of Active Exploitation of Linux Kernel Privilege Escalation Vulnerability 🖋️
📖 Read more.
🔗 Via "The Hacker News"
----------
👁️ Seen on @cibsecurity
The U.S. Cybersecurity and Infrastructure Security Agency CISA on Tuesday placed a security flaw impacting the Linux kernel in its Known Exploited Vulnerabilities KEV catalog, stating it has been actively exploited in the wild. The vulnerability, CVE20230386 CVSS score 7.8, is an improper ownership bug in the Linux kernel that could be exploited to escalate privileges on susceptible.📖 Read more.
🔗 Via "The Hacker News"
----------
👁️ Seen on @cibsecurity
🖋️ Ex-CIA Analyst Sentenced to 37 Months for Leaking Top Secret National Defense Documents 🖋️
📖 Read more.
🔗 Via "The Hacker News"
----------
👁️ Seen on @cibsecurity
A former U.S. Central Intelligence Agency CIA analyst has been sentenced to little more than three years in prison for unlawfully retaining and transmitting top secret National Defense Information NDI to people who were not entitled to receive them and for attempting to cover up the malicious activity. Asif William Rahman, 34, of Vienna, has been sentenced today to 37 months on charges of.📖 Read more.
🔗 Via "The Hacker News"
----------
👁️ Seen on @cibsecurity
📢 Government cybersecurity action plan includes £16 million in funding 📢
📖 Read more.
🔗 Via "ITPro"
----------
👁️ Seen on @cibsecurity
Cash will go to help startups, scaleups, and university spinouts, while a new advisory group will aim to improve public sector cybersecurity.📖 Read more.
🔗 Via "ITPro"
----------
👁️ Seen on @cibsecurity
IT Pro
Government cybersecurity action plan includes £16 million in funding
Cash will go to help startups, scale-ups, and university spinouts, while a new advisory group will aim to improve public sector cybersecurity
🕵️♂️ How CISOs Can Govern AI & Meet Evolving Regulations 🕵️♂️
📖 Read more.
🔗 Via "Dark Reading"
----------
👁️ Seen on @cibsecurity
Security teams are no longer just the last line of defense they are the foundation for responsible AI adoption.📖 Read more.
🔗 Via "Dark Reading"
----------
👁️ Seen on @cibsecurity
Dark Reading
How CISOs Can Govern AI & Meet Evolving Regulations
Security teams are no longer just the last line of defense — they are the foundation for responsible AI adoption.
🤔1
🕵️♂️ Serpentine#Cloud Uses Cloudflare Tunnels in Sneak Attacks 🕵️♂️
📖 Read more.
🔗 Via "Dark Reading"
----------
👁️ Seen on @cibsecurity
An unidentified threat actor is using .lnk Windows shortcut files in a series of sophisticated attacks utilizing inmemory code execution and livingofftheland cyberattack strategies.📖 Read more.
🔗 Via "Dark Reading"
----------
👁️ Seen on @cibsecurity
Dark Reading
Serpentine#Cloud Malware Uses Cloudflare in Sneak Attacks
An unidentified threat actor is using .lnk Windows shortcut files in a series of sophisticated attacks utilizing in-memory code execution and living-off-the-land cyberattack strategies.
🖋️ FedRAMP at Startup Speed: Lessons Learned 🖋️
📖 Read more.
🔗 Via "The Hacker News"
----------
👁️ Seen on @cibsecurity
For organizations eyeing the federal market, FedRAMP can feel like a gated fortress. With strict compliance requirements and a notoriously long runway, many companies assume the path to authorization is reserved for the wellresourced enterprise. But thats changing. In this post, we break down how fastmoving startups can realistically achieve FedRAMP Moderate authorization without derailing.📖 Read more.
🔗 Via "The Hacker News"
----------
👁️ Seen on @cibsecurity
🖋️ Water Curse Employs 76 GitHub Accounts to Deliver Multi-Stage Malware Campaign 🖋️
📖 Read more.
🔗 Via "The Hacker News"
----------
👁️ Seen on @cibsecurity
Cybersecurity researchers have exposed a previously unknown threat actor known as Water Curse that relies on weaponized GitHub repositories to deliver multistage malware. "The malware enables data exfiltration including credentials, browser data, and session tokens, remote access, and longterm persistence on infected systems," Trend Micro researchers Jovit Samaniego, Aira Marcelo, Mohamed.📖 Read more.
🔗 Via "The Hacker News"
----------
👁️ Seen on @cibsecurity
📔 AI Now Generates Majority of Spam and Malicious Emails 📔
📖 Read more.
🔗 Via "Infosecurity Magazine"
----------
👁️ Seen on @cibsecurity
Barracuda observed a big spike in spam emails generated using AI tools, making up the majority detected in April 2025.📖 Read more.
🔗 Via "Infosecurity Magazine"
----------
👁️ Seen on @cibsecurity
📔 GodFather Malware Upgraded to Hijack Legitimate Mobile Apps 📔
📖 Read more.
🔗 Via "Infosecurity Magazine"
----------
👁️ Seen on @cibsecurity
Upgraded GodFather banking malware now uses ondevice virtualization to hijack apps, enabling realtime fraud.📖 Read more.
🔗 Via "Infosecurity Magazine"
----------
👁️ Seen on @cibsecurity
📔 ClickFix Helps Infostealers Use MHSTA for Defense Evasion 📔
📖 Read more.
🔗 Via "Infosecurity Magazine"
----------
👁️ Seen on @cibsecurity
ClickFix techniques are enabling threat actors to bypass defenses using tools like MSHTA, says ReliaQuest.📖 Read more.
🔗 Via "Infosecurity Magazine"
----------
👁️ Seen on @cibsecurity
📔 UK Government Publishes Plan to Boost Cyber Sector Growth 📔
📖 Read more.
🔗 Via "Infosecurity Magazine"
----------
👁️ Seen on @cibsecurity
The new Cyber Growth Action Plan aims to support the UKs cyber industry, including the development of innovative new technologies and startups.📖 Read more.
🔗 Via "Infosecurity Magazine"
----------
👁️ Seen on @cibsecurity
📔 Ransomware Group Qilin Offers Legal Counsel to Affiliates 📔
📖 Read more.
🔗 Via "Infosecurity Magazine"
----------
👁️ Seen on @cibsecurity
The group positions itself not just as a ransomware group, but as a fullservice cybercrime platform, according to Cybereason.📖 Read more.
🔗 Via "Infosecurity Magazine"
----------
👁️ Seen on @cibsecurity
📔 Paddle Pays $5m to Settle Tech Support Scam Allegations 📔
📖 Read more.
🔗 Via "Infosecurity Magazine"
----------
👁️ Seen on @cibsecurity
Payment processor Paddle has agreed to settle with the FTC over allegations related to tech support scams.📖 Read more.
🔗 Via "Infosecurity Magazine"
----------
👁️ Seen on @cibsecurity
🦅 CERT-In Vulnerability Note Highlights Critical Security Risks in Ivanti, Trend Micro, Apache Kafka, and SAP Products 🦅
📖 Read more.
🔗 Via "CYBLE"
----------
👁️ Seen on @cibsecurity
Cyble CERTIn Vulnerability Note Highlights Critical Security Risks in Ivanti, Trend Micro, Apache Kafka, and SAP Products " dataimagecaption"Cyble CERTIn Vulnerability Note Highlights Critical Security Risks in Ivanti, Trend Micro, Apache Kafka, and SAP Products " datamediumfile"httpscyble.comwpcontentuploads202506CybleBlogsCERTINVulnerability300x150.jpg" datalargefile"httpscyble.comwpcontentuploads202506CybleBlogsCERTINVulnerability1024x512.jpg" title"CERTIn Vulnerability Note Highlights Critical Security Risks in Ivanti, Trend Micro, Apache Kafka, and SAP Products 1" The Indian Computer Emergency Response Team CERTIn has issued a series of highand criticalseverity alerts through its CERTIn Vulnerability Note platform, warning enterprises and individuals about newly discovered securit...📖 Read more.
🔗 Via "CYBLE"
----------
👁️ Seen on @cibsecurity
Cyble
CERT-In Vulnerability Note: Critical Flaws In Top Software
CERT-In Vulnerability Note warns of high-risk flaws in Ivanti Workspace Control, exposing sensitive credentials and urging urgent patching to prevent breaches.
🖋️ 1,500+ Minecraft Players Infected by Java Malware Masquerading as Game Mods on GitHub 🖋️
📖 Read more.
🔗 Via "The Hacker News"
----------
👁️ Seen on @cibsecurity
A new multistage malware campaign is targeting Minecraft users with a Javabased malware that employs a distributionasservice DaaS offering called Stargazers Ghost Network. "The campaigns resulted in a multistage attack chain targeting Minecraft users specifically," Check Point researchers Jaromr Hoej and Antonis Terefos said in a report shared with The Hacker News. "The malware was.📖 Read more.
🔗 Via "The Hacker News"
----------
👁️ Seen on @cibsecurity
❤2
📔 Critical Linux Flaws Discovered Allowing Root Access Exploits 📔
📖 Read more.
🔗 Via "Infosecurity Magazine"
----------
👁️ Seen on @cibsecurity
Two critical Linux flaws allow unprivileged users to gain root access, affecting major distributions.📖 Read more.
🔗 Via "Infosecurity Magazine"
----------
👁️ Seen on @cibsecurity
🌊 B2B Growth Marketing Manager 🌊
📖 Read more.
🔗 Via "UnderDefense"
----------
👁️ Seen on @cibsecurity
The post B2B Growth Marketing Manager appeared first on UnderDefense.📖 Read more.
🔗 Via "UnderDefense"
----------
👁️ Seen on @cibsecurity
UnderDefense
B2B Growth Marketing Manager - UnderDefense