ποΈ Storm-0501 Exploits Entra ID to Exfiltrate and Delete Azure Data in Hybrid Cloud Attacks ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
The financially motivated threat actor known as Storm0501 has been observed refining its tactics to conduct data exfiltration and extortion attacks targeting cloud environments. "Unlike traditional onpremises ransomware, where the threat actor typically deploys malware to encrypt critical files across endpoints within the compromised network and then negotiates for a decryption key,.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
ποΈ Someone Created the First AI-Powered Ransomware Using OpenAI's gpt-oss:20b Model ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
Cybersecurity company ESET has disclosed that it discovered an artificial intelligence AIpowered ransomware variant codenamed PromptLock. Written in Golang, the newly identified strain uses the gptoss20b model from OpenAI locally via the Ollama API to generate malicious Lua scripts in realtime. The openweight language model was released by OpenAI earlier this month. "PromptLock.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
ποΈ Someone Created the First AI-Powered Ransomware Using OpenAI's gpt-oss:20b Model ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
Cybersecurity company ESET has disclosed that it discovered an artificial intelligence AIpowered ransomware variant codenamed PromptLock. Written in Golang, the newly identified strain uses the gptoss20b model from OpenAI locally via the Ollama API to generate malicious Lua scripts in realtime. The openweight language model was released by OpenAI earlier this month. "PromptLock.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
ποΈ Someone Created the First AI-Powered Ransomware Using OpenAI's gpt-oss:20b Model ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
Cybersecurity company ESET has disclosed that it discovered an artificial intelligence AIpowered ransomware variant codenamed PromptLock. Written in Golang, the newly identified strain uses the gptoss20b model from OpenAI locally via the Ollama API to generate malicious Lua scripts in realtime. The openweight language model was released by OpenAI earlier this month. "PromptLock.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
ποΈ U.S. Treasury Sanctions DPRK IT-Worker Scheme, Exposing $600K Crypto Transfers and $1M+ Profits ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
The U.S. Department of the Treasury's Office of Foreign Assets Control OFAC announced a fresh round of sanctions against two individuals and two entities for their role in the North Korean remote information technology IT worker scheme to generate illicit revenue for the regime's weapons of mass destruction and ballistic missile programs. "The North Korean regime continues to target American.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
ποΈ Storm-0501 Exploits Entra ID to Exfiltrate and Delete Azure Data in Hybrid Cloud Attacks ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
The financially motivated threat actor known as Storm0501 has been observed refining its tactics to conduct data exfiltration and extortion attacks targeting cloud environments. "Unlike traditional onpremises ransomware, where the threat actor typically deploys malware to encrypt critical files across endpoints within the compromised network and then negotiates for a decryption key,.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
ποΈ Someone Created the First AI-Powered Ransomware Using OpenAI's gpt-oss:20b Model ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
Cybersecurity company ESET has disclosed that it discovered an artificial intelligence AIpowered ransomware variant codenamed PromptLock. Written in Golang, the newly identified strain uses the gptoss20b model from OpenAI locally via the Ollama API to generate malicious Lua scripts in realtime. The openweight language model was released by OpenAI earlier this month. "PromptLock.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
βοΈ Affiliates Flock to βSoullessβ Scam Gambling Machine βοΈ
π Read more.
π Via "Krebs on Security"
----------
ποΈ Seen on @cibsecurity
Last month, KrebsOnSecurity tracked the sudden emergence of hundreds of polished online gaming and wagering websites that lure people with free credits and eventually abscond with any cryptocurrency funds deposited by players. We've since learned that these scam gambling sites have proliferated thanks to a new Russian affiliate program called "Gambler Panel" that bills itself as a "soulless project that is made for profit.".π Read more.
π Via "Krebs on Security"
----------
ποΈ Seen on @cibsecurity
Krebs on Security
Affiliates Flock to βSoullessβ Scam Gambling Machine
Last month, KrebsOnSecurity tracked the sudden emergence of hundreds of polished online gaming and wagering websites that lure people with free credits and eventually abscond with any cryptocurrency funds deposited by players. We've since learned that theseβ¦
ποΈ Researchers Find VS Code Flaw Allowing Attackers to Republish Deleted Extensions Under Same Names ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
Cybersecurity researchers have discovered a loophole in the Visual Studio Code Marketplace that allows threat actors to reuse names of previously removed extensions. Software supply chain security outfit ReversingLabs said it made the discovery after it identified a malicious extension named "ahbanC.shiba" that functioned similarly to two other extensions ahban.shiba and ahban.cychelloworld .π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
π Salesloft Attacks Target Google Workspace π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Adversaries targeting the Salesloft Drift application integration with Salesforce have also compromised Google Workspace accounts.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Infosecurity Magazine
Salesloft Attacks Target Google Workspace
Adversaries targeting the Salesloft Drift application integration with Salesforce have also compromised Google Workspace accounts
π¦Ώ Build Job-Ready IT and Cybersecurity Skills with Hands-On Labs π¦Ώ
π Read more.
π Via "Tech Republic"
----------
ποΈ Seen on @cibsecurity
Get lifetime access to The 2025 Complete Defensive Cyber Security Bundle for 39.99 reg. 240.π Read more.
π Via "Tech Republic"
----------
ποΈ Seen on @cibsecurity
TechRepublic
Build Job-Ready IT and Cybersecurity Skills with Hands-On Labs
Get lifetime access to The 2025 Complete Defensive Cyber Security Bundle for $39.99 (reg. $240).
π’ Ransomware attack on IT supplier disrupts hundreds of Swedish municipalities π’
π Read more.
π Via "ITPro"
----------
ποΈ Seen on @cibsecurity
The attack on IT systems supplier Miljdata has impacted public sector services across the country.π Read more.
π Via "ITPro"
----------
ποΈ Seen on @cibsecurity
IT Pro
Ransomware attack on IT supplier disrupts hundreds of Swedish municipalities
The attack on IT systems supplier MiljΓΆdata has impacted public sector services across the country
π’ Ransomware attack on IT supplier disrupts hundreds of Swedish municipalities π’
π Read more.
π Via "ITPro"
----------
ποΈ Seen on @cibsecurity
The attack on IT systems supplier Miljdata has impacted public sector services across the country.π Read more.
π Via "ITPro"
----------
ποΈ Seen on @cibsecurity
IT Pro
Ransomware attack on IT supplier disrupts hundreds of Swedish municipalities
The attack on IT systems supplier MiljΓΆdata has impacted public sector services across the country
π WhatsApp Patches Zero-Day, Zero-Click Flaw π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
WhatsApp has fixed a zeroday vulnerability linked to a sophisticated cyberattack.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Infosecurity Magazine
WhatsApp Patches Zero-Day, Zero-Click Flaw
WhatsApp has fixed a zero-day vulnerability linked to a sophisticated cyber-attack
π¦
Supply Chain Attacks Have Doubled. Whatβs Driving the Increase? π¦
π Read more.
π Via "CYBLE"
----------
ποΈ Seen on @cibsecurity
supply chain attacks " dataimagecaption"" datamediumfile"httpscyble.comwpcontentuploads202509supplychainattacks300x150.webp" datalargefile"httpscyble.comwpcontentuploads202509supplychainattacks.webp" title"Supply Chain Attacks Have Doubled. Whats Driving the Increase? 1" Software supply chain attacks have been occurring at twice their longterm average in recent months and have shown no sign of slowing down. The uptick in supply chain attacks began in April 2025, when Cyble dark web researchers observed claims of 31 such attacks. Since then, cyberattacks with supply chain implications have averaged 26 a month, twice the rate seen from early 2024 through March 2025 chart below. Cybles most recent threat landscape report registration required documented 30 supply chain incidents...π Read more.
π Via "CYBLE"
----------
ποΈ Seen on @cibsecurity
Cyble
Supply Chain Attacks Surge In 2025: Double The Usual Rate
Supply chain attacks have doubled since April 2025, targeting IT and tech firms. Ransomware, data theft, and zero-day exploits drive the ongoing surge.
π’ Ransomware attack on IT supplier disrupts hundreds of Swedish municipalities π’
π Read more.
π Via "ITPro"
----------
ποΈ Seen on @cibsecurity
The attack on IT systems supplier Miljdata has impacted public sector services across the country.π Read more.
π Via "ITPro"
----------
ποΈ Seen on @cibsecurity
IT Pro
Ransomware attack on IT supplier disrupts hundreds of Swedish municipalities
The attack on IT systems supplier MiljΓΆdata has impacted public sector services across the country
π¦Ώ Build Job-Ready IT and Cybersecurity Skills with Hands-On Labs π¦Ώ
π Read more.
π Via "Tech Republic"
----------
ποΈ Seen on @cibsecurity
Get lifetime access to The 2025 Complete Defensive Cyber Security Bundle for 39.99 reg. 240.π Read more.
π Via "Tech Republic"
----------
ποΈ Seen on @cibsecurity
TechRepublic
Build Job-Ready IT and Cybersecurity Skills with Hands-On Labs
Get lifetime access to The 2025 Complete Defensive Cyber Security Bundle for $39.99 (reg. $240).
π¦Ώ Build Job-Ready IT and Cybersecurity Skills with Hands-On Labs π¦Ώ
π Read more.
π Via "Tech Republic"
----------
ποΈ Seen on @cibsecurity
Get lifetime access to The 2025 Complete Defensive Cyber Security Bundle for 39.99 reg. 240.π Read more.
π Via "Tech Republic"
----------
ποΈ Seen on @cibsecurity
TechRepublic
Build Job-Ready IT and Cybersecurity Skills with Hands-On Labs
Get lifetime access to The 2025 Complete Defensive Cyber Security Bundle for $39.99 (reg. $240).
π¦
Supply Chain Attacks Have Doubled. Whatβs Driving the Increase? π¦
π Read more.
π Via "CYBLE"
----------
ποΈ Seen on @cibsecurity
supply chain attacks " dataimagecaption"" datamediumfile"httpscyble.comwpcontentuploads202509supplychainattacks300x150.webp" datalargefile"httpscyble.comwpcontentuploads202509supplychainattacks.webp" title"Supply Chain Attacks Have Doubled. Whats Driving the Increase? 1" Software supply chain attacks have been occurring at twice their longterm average in recent months and have shown no sign of slowing down. The uptick in supply chain attacks began in April 2025, when Cyble dark web researchers observed claims of 31 such attacks. Since then, cyberattacks with supply chain implications have averaged 26 a month, twice the rate seen from early 2024 through March 2025 chart below. Cybles most recent threat landscape report registration required documented 30 supply chain incidents...π Read more.
π Via "CYBLE"
----------
ποΈ Seen on @cibsecurity
Cyble
Supply Chain Attacks Surge In 2025: Double The Usual Rate
Supply chain attacks have doubled since April 2025, targeting IT and tech firms. Ransomware, data theft, and zero-day exploits drive the ongoing surge.
π¦
Supply Chain Attacks Have Doubled. Whatβs Driving the Increase? π¦
π Read more.
π Via "CYBLE"
----------
ποΈ Seen on @cibsecurity
supply chain attacks " dataimagecaption"" datamediumfile"httpscyble.comwpcontentuploads202509supplychainattacks300x150.webp" datalargefile"httpscyble.comwpcontentuploads202509supplychainattacks.webp" title"Supply Chain Attacks Have Doubled. Whats Driving the Increase? 1" Software supply chain attacks have been occurring at twice their longterm average in recent months and have shown no sign of slowing down. The uptick in supply chain attacks began in April 2025, when Cyble dark web researchers observed claims of 31 such attacks. Since then, cyberattacks with supply chain implications have averaged 26 a month, twice the rate seen from early 2024 through March 2025 chart below. Cybles most recent threat landscape report registration required documented 30 supply chain incidents...π Read more.
π Via "CYBLE"
----------
ποΈ Seen on @cibsecurity
Cyble
Supply Chain Attacks Surge In 2025: Double The Usual Rate
Supply chain attacks have doubled since April 2025, targeting IT and tech firms. Ransomware, data theft, and zero-day exploits drive the ongoing surge.
β€1
ποΈ ScarCruft Uses RokRAT Malware in Operation HanKook Phantom Targeting South Korean Academics ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
Cybersecurity researchers have discovered a new phishing campaign undertaken by the North Korealinked hacking group called ScarCruft aka APT37 to deliver a malware known as RokRAT. The activity has been codenamed Operation HanKook Phantom by Seqrite Labs, stating the attacks appear to target individuals associated with the National Intelligence Research Association, including academic figures.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
β€1