π Small businesses, big targets: Protecting your business against ransomware π
π Read more.
π Via "ESET - WeLiveSecurity"
----------
ποΈ Seen on @cibsecurity
Long known to be a sweet spot for cybercriminals, small businesses are more likely to be victimized by ransomware than large enterprises.π Read more.
π Via "ESET - WeLiveSecurity"
----------
ποΈ Seen on @cibsecurity
Welivesecurity
Small business, big risk: How SMBs can fight back against ransomware
Long known to be a sweet spot for cybercriminals, small businesses are more likely to be victimized by ransomware than large enterprises.
π Zero-Click Vulnerability in ChatGPT's Agent Enables Silent Gmail Data Theft π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Researchers at Radware found a zeroclick flaw in ChatGPT Deep Research agent when connected to Gmail and browsing.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Infosecurity Magazine
Zero-Click Vulnerability in ChatGPT's Agent Enables Silent Gmail Data Theft
Researchers at Radware found a zero-click flaw in ChatGPT Deep Research agent when connected to Gmail and browsing
π Attackers Abuse AI Tools to Generate Fake CAPTCHAs in Phishing Attacks π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Trend Micro said the use of AI platforms to create and host fake CAPTCHA pages helps attackers develop more sophisticated phishing campaigns at scale and speed.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Infosecurity Magazine
Attackers Abuse AI Tools to Generate Fake CAPTCHAs in Phishing Attacks
Trend Micro said the use of AI platforms to create and host fake CAPTCHA pages helps attackers develop more sophisticated phishing campaigns at scale and speed
π Lawyer π
π Read more.
π Via "UnderDefense"
----------
ποΈ Seen on @cibsecurity
The post Lawyer appeared first on UnderDefense.π Read more.
π Via "UnderDefense"
----------
ποΈ Seen on @cibsecurity
π Russian State Hackers Collaborate in Attacks Against Ukraine π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
ESET found that the FSBaffiliated groups, Gamaredon and Turla, are sharing tools to help conduct espionage attacks against Ukrainian organizations.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Infosecurity Magazine
Russian State Hackers Collaborate in Attacks Against Ukraine
ESET found that the FSB-affiliated groups, Gamaredon and Turla, are sharing tools to help conduct espionage attacks against Ukrainian organizations
β€1
ποΈ 17,500 Phishing Domains Target 316 Brands Across 74 Countries in Global PhaaS Surge ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
The phishingasaservice PhaaS offering known as Lighthouse and Lucid has been linked to more than 17,500 phishing domains targeting 316 brands from 74 countries. "PhishingasaService PhaaS deployments have risen significantly recently," Netcraft said in a new report. "The PhaaS operators charge a monthly fee for phishing software with preinstalled templates impersonating, in some cases,.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
π¦
The Week in Vulnerabilities: 1000+ Bugs with 135 Publicly Known PoCs π¦
π Read more.
π Via "CYBLE"
----------
ποΈ Seen on @cibsecurity
IT Vulnerabilities report " dataimagecaption"" datamediumfile"httpscyble.comwpcontentuploads202509ITVulnerabilitiesreport300x150.webp" datalargefile"httpscyble.comwpcontentuploads202509ITVulnerabilitiesreport.webp" title"The Week in Vulnerabilities 1000 Bugs with 135 Publicly Known PoCs 1" Overview Cyble Research and Intelligence Labs CRIL analyzed significant IT vulnerabilities disclosed between September 1016, 2025. Cybles Vulnerability Intelligence module tracked 1,045 IT vulnerabilities, of which over 135 already have publicly available ProofofConcepts PoCs. As the timetoexploit window continues to shrink, this accelerates the risk of realworld exploitation. Highprofile IT vulnerabilities were identified in Apple operating systems, Zimbra Collaboration Suite ZCS, Samsung...π Read more.
π Via "CYBLE"
----------
ποΈ Seen on @cibsecurity
ποΈ SystemBC Powers REM Proxy With 1,500 Daily VPS Victims Across 80 C2 Servers ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
A proxy network known as REM Proxy is powered by malware known as SystemBC, offering about 80 of the botnet to its users, according to new findings from the Black Lotus Labs team at Lumen Technologies. "REM Proxy is a sizeable network, which also markets a pool of 20,000 Mikrotik routers and a variety of open proxies it finds freely available online," the company said in a report shared with.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
ποΈ Fortra Releases Critical Patch for CVSS 10.0 GoAnywhere MFT Vulnerability ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
Fortra has disclosed details of a critical security flaw in GoAnywhere Managed File Transfer MFT software that could result in the execution of arbitrary commands. The vulnerability, tracked as CVE202510035, carries a CVSS score of 10.0, indicating maximum severity. "A deserialization vulnerability in the License Servlet of Fortra's GoAnywhere MFT allows an actor with a validly forged.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
π’ βChannel their curiosity into something meaningfulβ: Cyber expert warns an uptick of youth hackers should be a βwake-up callβ after teens charged over TfL attack π’
π Read more.
π Via "ITPro"
----------
ποΈ Seen on @cibsecurity
Encouraging youths to engage in positive tech initiatives will guide them down the right path and away from nefarious activities.π Read more.
π Via "ITPro"
----------
ποΈ Seen on @cibsecurity
IT Pro
βChannel their curiosity into something meaningfulβ: Cyber expert warns an uptick of youth hackers should be a βwake-up callβ afterβ¦
Encouraging youths to engage in positive tech initiatives will guide them down the right path and away from nefarious activities
β€1
ποΈ UNC1549 Hacks 34 Devices in 11 Telecom Firms via LinkedIn Job Lures and MINIBIKE Malware ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
An Irannexus cyber espionage group known as UNC1549 has been attributed to a new campaign targeting European telecommunications companies, successfully infiltrating 34 devices across 11 organizations as part of a recruitmentthemed activity on LinkedIn. Swiss cybersecurity company PRODAFT is tracking the cluster under the name Subtle Snail. It's assessed to be affiliated with Iran's Islamic.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
π’ Getting a grip on digital identity π’
π Read more.
π Via "ITPro"
----------
ποΈ Seen on @cibsecurity
As AI agent adoption explodes, security leaders will need better identity controls than ever before.π Read more.
π Via "ITPro"
----------
ποΈ Seen on @cibsecurity
IT Pro
Getting a grip on digital identity
As AI agent adoption explodes, security leaders will need better identity controls than ever before
ποΈ DPRK Hackers Use ClickFix to Deliver BeaverTail Malware in Crypto Job Scams ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
Threat actors with ties to the Democratic People's Republic of Korea aka DPRK or North Korea have been observed leveraging ClickFixstyle lures to deliver a known malware called BeaverTail and InvisibleFerret. "The threat actor used ClickFix lures to target marketing and trader roles in cryptocurrency and retail sector organizations rather than targeting software development roles," GitLab.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
ποΈ LastPass Warns of Fake Repositories Infecting macOS with Atomic Infostealer ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
LastPass is warning of an ongoing, widespread information stealer campaign targeting Apple macOS users through fake GitHub repositories that distribute malwarelaced programs masquerading as legitimate tools. "In the case of LastPass, the fraudulent repositories redirected potential victims to a repository that downloads the Atomic infostealer malware," researchers Alex Cox, Mike Kosak, and.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
ποΈ Researchers Uncover GPT-4-Powered MalTerminal Malware Creating Ransomware, Reverse Shell ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
Cybersecurity researchers have discovered what they say is the earliest example known to date of a malware that bakes in Large Language Model LLM capabilities. The malware has been codenamed MalTerminal by SentinelOne SentinelLABS research team. The findings were presented at the LABScon 2025 security conference. In a report examining the malicious use of LLMs, the cybersecurity company said.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
ποΈ ShadowLeak Zero-Click Flaw Leaks Gmail Data via OpenAI ChatGPT Deep Research Agent ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
Cybersecurity researchers have disclosed a zeroclick flaw in OpenAI ChatGPT's Deep Research agent that could allow an attacker to leak sensitive Gmail inbox data with a single crafted email without any user action. The new class of attack has been codenamed ShadowLeak by Radware. Following responsible disclosure on June 18, 2025, the issue was addressed by OpenAI in early August. "The attack.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
ποΈ DPRK Hackers Use ClickFix to Deliver BeaverTail Malware in Crypto Job Scams ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
Threat actors with ties to the Democratic People's Republic of Korea aka DPRK or North Korea have been observed leveraging ClickFixstyle lures to deliver a known malware called BeaverTail and InvisibleFerret. "The threat actor used ClickFix lures to target marketing and trader roles in cryptocurrency and retail sector organizations rather than targeting software development roles," GitLab.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
ποΈ DPRK Hackers Use ClickFix to Deliver BeaverTail Malware in Crypto Job Scams ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
Threat actors with ties to the Democratic People's Republic of Korea aka DPRK or North Korea have been observed leveraging ClickFixstyle lures to deliver a known malware called BeaverTail and InvisibleFerret. "The threat actor used ClickFix lures to target marketing and trader roles in cryptocurrency and retail sector organizations rather than targeting software development roles," GitLab.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
ποΈ DPRK Hackers Use ClickFix to Deliver BeaverTail Malware in Crypto Job Scams ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
Threat actors with ties to the Democratic People's Republic of Korea aka DPRK or North Korea have been observed leveraging ClickFixstyle lures to deliver a known malware called BeaverTail and InvisibleFerret. "The threat actor used ClickFix lures to target marketing and trader roles in cryptocurrency and retail sector organizations rather than targeting software development roles," GitLab.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
ποΈ DPRK Hackers Use ClickFix to Deliver BeaverTail Malware in Crypto Job Scams ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
Threat actors with ties to the Democratic People's Republic of Korea aka DPRK or North Korea have been observed leveraging ClickFixstyle lures to deliver a known malware called BeaverTail and InvisibleFerret. "The threat actor used ClickFix lures to target marketing and trader roles in cryptocurrency and retail sector organizations rather than targeting software development roles," GitLab.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
ποΈ Microsoft Patches Critical Entra ID Flaw Enabling Global Admin Impersonation Across Tenants ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
A critical token validation failure in Microsoft Entra ID previously Azure Active Directory could have allowed attackers to impersonate any user, including Global Administrators, across any tenant. The vulnerability, tracked as CVE202555241, has been assigned the maximum CVSS score of 10.0. It has been described by Microsoft as a privilege escalation flaw in Azure Entra. There is no.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity