ποΈ Scattered Spider Resurfaces With Financial Sector Attacks Despite Retirement Claims ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
Cybersecurity researchers have tied a fresh round of cyber attacks targeting financial services to the notorious cybercrime group known as Scattered Spider, casting doubt on their claims of going "dark." Threat intelligence firm ReliaQuest said it has observed indications that the threat actor has shifted their focus to the financial sector. This is supported by an increase in lookalike domains.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
ποΈ DOJ Resentences BreachForums Founder to 3 Years for Cybercrime and Possession of CSAM ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
The U.S. Department of Justice DoJ on Tuesday resentenced the former administrator of BreachForums to three years in prison in connection with his role in running the cybercrime forum and possessing child sexual abuse material CSAM. Conor Brian Fitzpatrick aka Pompompurin, 22, of Peekskill, New York, pleaded guilty to one count of access device conspiracy, one count of access device.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
ποΈ RaccoonO365 Phishing Network Dismantled as Microsoft, Cloudflare Take Down 338 Domains ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
Microsoft's Digital Crimes Unit said it teamed up with Cloudflare to coordinate the seizure of 338 domains used by RaccoonO365, a financially motivated threat group that was behind a phishingasaservice Phaas toolkit used to steal more than 5,000 Microsoft 365 credentials from 94 countries since July 2024. "Using a court order granted by the Southern District of New York, the DCU seized 338.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
π FileFix Campaign Using Steganography and Multistage Payloads π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
FileFix campaign hides PowerShell script and encrypted EXEs in JPGs via multilingual phishing.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Infosecurity Magazine
FileFix Campaign Using Steganography and Multistage Payloads
FileFix campaign hides PowerShell script and encrypted EXEs in JPGs via multilingual phishing
π Critical CVEs in Chaos-Mesh Enable In-Cluster Code Execution π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
A trio of critical vulnerabilities in the ChaosMesh platform allow incluster attackers to run arbitrary code, even in default configuration.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Infosecurity Magazine
Critical CVEs in Chaos-Mesh Enable In-Cluster Code Execution
A trio of critical vulnerabilities in the Chaos-Mesh platform allow in-cluster attackers to run arbitrary code, even in default configuration
π TaskUs Employees Behind Coinbase Breach, US Court Filing Alleges π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
An employee of outsourcing firm TaskUs allegedly sold data stolen during the Coinbase data breach to hackers for 200 per record before her arrest in January 2025.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Infosecurity Magazine
TaskUs Employees Behind Coinbase Breach, US Court Filing Alleges
An employee of outsourcing firm TaskUs allegedly sold data stolen during the Coinbase data breach to hackers for $200 per record before her arrest in January 2025
π Microsoft Disrupts RaccoonO365 Phishing Kit, Seizes 338 Malicious Sites π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Microsoft revealed it has seized 338 websites associated with RaccoonO365, a phishing kit which has stolen at least 5000 Microsoft credentials worldwide.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Infosecurity Magazine
Microsoft Disrupts RaccoonO365 Phishing Kit, Seizes 338 Malicious Sites
Microsoft revealed it has seized 338 websites associated with RaccoonO365, a phishing kit which has stolen at least 5000 Microsoft credentials worldwide
π A Quarter of UK and US Firms Suffer Data Poisoning Attacks π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
New IO research reveals a surge in AI attacks attempting to corrupt underlying training data.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Infosecurity Magazine
A Quarter of UK and US Firms Suffer Data Poisoning Attacks
New IO research reveals a surge in AI attacks attempting to corrupt underlying training data
π Shai-Hulud Worm Prowls npm to Steal Hundreds of Secrets π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
A secretstealing worm is spreading fast across the npm ecosystem, experts have warned.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Infosecurity Magazine
Shai-Hulud Worm Prowls npm to Steal Hundreds of Secrets
A secret-stealing worm is spreading fast across the npm ecosystem, experts have warned
π’ BreachForums founder resentenced to three years in prison π’
π Read more.
π Via "ITPro"
----------
ποΈ Seen on @cibsecurity
A US appeals court vacated his previous sentence and remanded the case for resentencing.π Read more.
π Via "ITPro"
----------
ποΈ Seen on @cibsecurity
IT Pro
BreachForums founder resentenced to three years in prison
A US appeals court vacated his previous sentence and remanded the case for resentencing
π’ BreachForums founder resentenced to three years in prison π’
π Read more.
π Via "ITPro"
----------
ποΈ Seen on @cibsecurity
A US appeals court vacated his previous sentence and remanded the case for resentencing.π Read more.
π Via "ITPro"
----------
ποΈ Seen on @cibsecurity
IT Pro
BreachForums founder resentenced to three years in prison
A US appeals court vacated his previous sentence and remanded the case for resentencing
π’ BreachForums founder resentenced to three years in prison π’
π Read more.
π Via "ITPro"
----------
ποΈ Seen on @cibsecurity
A US appeals court vacated his previous sentence and remanded the case for resentencing.π Read more.
π Via "ITPro"
----------
ποΈ Seen on @cibsecurity
IT Pro
BreachForums founder resentenced to three years in prison
A US appeals court vacated his previous sentence and remanded the case for resentencing
π VC Firm Insight Partners Notifies Victims After Ransomware Breach π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Insight Partners has released more details of a 2024 ransomware breach impacting thousands of individuals.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Infosecurity Magazine
VC Firm Insight Partners Notifies Victims After Ransomware Breach
Insight Partners has released more details of a 2024 ransomware breach impacting thousands of individuals
π’ Microsoft and Cloudflare just took down a major phishing operation π’
π Read more.
π Via "ITPro"
----------
ποΈ Seen on @cibsecurity
RaccoonO365s phishing as a service platform has risen to prominence via Telegram.π Read more.
π Via "ITPro"
----------
ποΈ Seen on @cibsecurity
IT Pro
Microsoft and Cloudflare just took down a major phishing operation
RaccoonO365βs phishing as a service platform has risen to prominence via Telegram
π’ Cyber professionals are losing sleep over late night attacks π’
π Read more.
π Via "ITPro"
----------
ποΈ Seen on @cibsecurity
Hackers are biding their time and launching attacks when businesses cant respond.π Read more.
π Via "ITPro"
----------
ποΈ Seen on @cibsecurity
IT Pro
Cyber professionals are losing sleep over late night attacks
Hackers are biding their time and launching attacks when businesses canβt respond
π¦Ώ Break Into Cybersecurity with 38 Hours of Training β Now Less Than $25 for Life π¦Ώ
π Read more.
π Via "Tech Republic"
----------
ποΈ Seen on @cibsecurity
Build jobready cybersecurity skills with 38 hours of selfpaced training from this lifetime bundle. The post Break Into Cybersecurity with 38 Hours of Training Now Less Than 25 for Life appeared first on TechRepublic.π Read more.
π Via "Tech Republic"
----------
ποΈ Seen on @cibsecurity
TechRepublic
Break Into Cybersecurity with 38 Hours of Training β Now Less Than $25 for Life
Build job-ready cybersecurity skills with 38 hours of self-paced training from this lifetime bundle.
ποΈ SilentSync RAT Delivered via Two Malicious PyPI Packages Targeting Python Developers ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
Cybersecurity researchers have discovered two new malicious packages in the Python Package Index PyPI repository that are designed to deliver a remote access trojan called SilentSync on Windows systems. "SilentSync is capable of remote command execution, file exfiltration, and screen capturing," Zscaler ThreatLabz's Manisha Ramcharan Prajapati and Satyam Singh said. "SilentSync also extracts.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
π1
ποΈ How CISOs Can Drive Effective AI Governance ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
AIs growing role in enterprise environments has heightened the urgency for Chief Information Security Officers CISOs to drive effective AI governance. When it comes to any emerging technology, governance is hard but effective governance is even harder. The first instinct for most organizations is to respond with rigid policies. Write a policy document, circulate a set of restrictions, and.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
ποΈ Google Patches Chrome Zero-Day CVE-2025-10585 as Active V8 Exploit Threatens Millions ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
Google on Wednesday released security updates for the Chrome web browser to address four vulnerabilities, including one that it said has been exploited in the wild. The zeroday vulnerability in question is CVE202510585, which has been described as a type confusion issue in the V8 JavaScript and WebAssembly engine. Type confusion vulnerabilities can have severe consequences as they can be.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
π 1 in 3 Android Apps Leak Sensitive Data π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
One third of Android and over half iOS apps shown to be leaking insecure APIs and hardcoded secrets.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Infosecurity Magazine
1 in 3 Android Apps Leak Sensitive Data
One third of Android and over half iOS apps shown to be leaking insecure APIs and hardcoded secrets
π SonicWall Discloses Compromise of Cloud Backup Service π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
SonicWall said that threat actors accessed firewall preference files stored in the cloud for around 5 of its firewall install base.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Infosecurity Magazine
SonicWall Discloses Compromise of Cloud Backup Service
SonicWall said that threat actors accessed firewall preference files stored in the cloud for around 5% of its firewall install base