ποΈ β‘ Weekly Recap: Firewall Flaws, AI-Built Malware, Browser Traps, Critical CVEs & More ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
Security failures rarely arrive loudly. They slip in through trusted tools, halffixed problems, and habits people stop questioning. This weeks recap shows that pattern clearly. Attackers are moving faster than defenses, mixing old tricks with new paths. Patched no longer means safe, and every day, software keeps becoming the entry point. What follows is a set of small but telling signals.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
ποΈ Winning Against AI-Based Attacks Requires a Combined Defensive Approach ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
If theres a constant in cybersecurity, its that adversaries are always innovating. The rise of offensive AI is transforming attack strategies and making them harder to detect. Googles Threat Intelligence Group, recently reported on adversaries using Large Language Models LLMs to both conceal code and generate malicious scripts on the fly, letting malware shapeshift in realtime to evade.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
ποΈ Konni Hackers Deploy AI-Generated PowerShell Backdoor Against Blockchain Developers ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
The North Korean threat actor known as Konni has been observed using PowerShell malware generated using artificial intelligence AI tools to target developers and engineering teams in the blockchain sector. The phishing campaign has targeted Japan, Australia, and India, highlighting the adversary's expansion of the targeting scope beyond South Korea, Russia, Ukraine, and European nations, Check.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
π CISA Releases List of Post-Quantum Cryptography Product Categories π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
CISA released initial list of PQCcapable hardware and software to guide companies amid quantum threats.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
π Researchers Uncover βHaxorβ SEO Poisoning Marketplace π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Fortra researchers have discovered a new SEO poisoning operation known as HaxorSEO.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
π Law Firm Investigates Coupang Security Failures Ahead of Class Action Deadline π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
The US law firm Hagens Berman will lead a class action lawsuit against Coupang over security failures that led to a June 2025 data breach.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
β€1
π Okta Flags Customized, Reactive Vishing Attacks Which Bypass MFA π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Threat actors posing as IT support teams use phishing kits to generate fake login sites in realtime to trick victims into handing over credentials.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
π Wiper Attack on Polish Power Grid Linked to Russiaβs Sandworm π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
A destructive cyber attack targeting Polands energy sector has been linked to Russian APT group Sandworm.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
π Python Developer π
π Read more.
π Via "UnderDefense"
----------
ποΈ Seen on @cibsecurity
The post Python Developer appeared first on UnderDefense.π Read more.
π Via "UnderDefense"
----------
ποΈ Seen on @cibsecurity
UnderDefense
Python Developer - UnderDefense
ποΈ Indian Users Targeted in Tax Phishing Campaign Delivering Blackmoon Malware ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
Cybersecurity researchers have discovered an ongoing campaign that's targeting Indian users with a multistage backdoor as part of a suspected cyber espionage campaign. The activity, per the eSentire Threat Response Unit TRU, involves using phishing emails impersonating the Income Tax Department of India to trick victims into downloading a malicious archive, ultimately granting the threat.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
π B2b Growth Marketing Manager (Online media, external placements, integrated campaigns) π
π Read more.
π Via "UnderDefense"
----------
ποΈ Seen on @cibsecurity
The post B2b Growth Marketing Manager Online media, external placements, integrated campaigns appeared first on UnderDefense.π Read more.
π Via "UnderDefense"
----------
ποΈ Seen on @cibsecurity
UnderDefense
B2b Growth Marketing Manager (Online media, external placements, integrated campaigns) - UnderDefense
π eScan Antivirus Supply Chain Breach Delivers Signed Malware π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Supply chain breach in eScan antivirus distributes multistage malware via legitimate updates.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
β€2
π’ Hackers are using LLMs to generate malicious JavaScript in real time β and theyβre going after web browsers π’
π Read more.
π Via "ITPro"
----------
ποΈ Seen on @cibsecurity
Defenders advised to use runtime behavioral analysis to detect and block malicious activity at the point of execution, directly within the browser.π Read more.
π Via "ITPro"
----------
ποΈ Seen on @cibsecurity
IT Pro
Hackers are using LLMs to generate malicious JavaScript in real time β and theyβre going after web browsers
Defenders advised to use runtime behavioral analysis to detect and block malicious activity at the point of execution, directly within the browser
π¦Ώ $95M Payout: Apple Begins Compensating Users in Siri Eavesdropping Case π¦Ώ
π Read more.
π Via "Tech Republic"
----------
ποΈ Seen on @cibsecurity
Apple has started issuing Siri privacy settlement payouts, with claimants seeing deposits as low as 8 per device from a 95 million fund. The post 95M Payout Apple Begins Compensating Users in Siri Eavesdropping Case appeared first on TechRepublic.π Read more.
π Via "Tech Republic"
----------
ποΈ Seen on @cibsecurity
TechRepublic
$95M Payout: Apple Begins Compensating Users in Siri Eavesdropping Case
Apple has started issuing Siri privacy settlement payouts, with claimants seeing deposits as low as $8 per device from a $95 million fund.
π¦Ώ WhatsApp Adds One-Tap Security Settings for Added Privacy π¦Ώ
π Read more.
π Via "Tech Republic"
----------
ποΈ Seen on @cibsecurity
WhatsApp rolled out Strict Account Settings, a lockdownstyle mode that blocks unknown attachments, disables link previews, and silences unknown callers. The post WhatsApp Adds OneTap Security Settings for Added Privacy appeared first on TechRepublic.π Read more.
π Via "Tech Republic"
----------
ποΈ Seen on @cibsecurity
TechRepublic
WhatsApp Adds One-Tap Security Settings for Added Privacy
WhatsApp rolled out Strict Account Settings, a lockdown-style mode that blocks unknown attachments, disables link previews, and silences unknown callers.
π¦Ώ Build Practical Cyber Defense Skills with This 5-Course Bundle π¦Ώ
π Read more.
π Via "Tech Republic"
----------
ποΈ Seen on @cibsecurity
Train in AI threat detection, OSINT tools, and Zero Trust security models with lifetime access for just 19.99. The post Build Practical Cyber Defense Skills with This 5Course Bundle appeared first on TechRepublic.π Read more.
π Via "Tech Republic"
----------
ποΈ Seen on @cibsecurity
TechRepublic
Build Practical Cyber Defense Skills with This 5-Course Bundle
Train in AI threat detection, OSINT tools, and Zero Trust security models with lifetime access for just $19.99.
π1
π¦Ώ Trumpβs Acting Cyber Chief Allegedly Leaked Data to ChatGPT π¦Ώ
π Read more.
π Via "Tech Republic"
----------
ποΈ Seen on @cibsecurity
Sources say event triggered internal cybersecurity alerts and a DHSlevel review into whether federal information had been improperly exposed. The post Trumps Acting Cyber Chief Allegedly Leaked Data to ChatGPT appeared first on TechRepublic.π Read more.
π Via "Tech Republic"
----------
ποΈ Seen on @cibsecurity
TechRepublic
Trumpβs Acting Cyber Chief Allegedly Leaked Data to ChatGPT
Sources say event triggered internal cybersecurity alerts and a DHSβlevel review into whether federal information had been improperly exposed.
π¦Ώ Android Phones Get AI-Powered Anti-Theft Features π¦Ώ
π Read more.
π Via "Tech Republic"
----------
ποΈ Seen on @cibsecurity
Enhanced lockouts and stronger remote locking aim to make stolen devices far harderand less profitablefor criminals. The post Android Phones Get AIPowered AntiTheft Features appeared first on TechRepublic.π Read more.
π Via "Tech Republic"
----------
ποΈ Seen on @cibsecurity
TechRepublic
Android Phones Get AI-Powered Anti-Theft Features
Enhanced lockouts and stronger remote locking aim to make stolen devices far harderβand less profitableβfor criminals.
ποΈ Google Disrupts IPIDEA β One of the Worldβs Largest Residential Proxy Networks ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
Google on Wednesday announced that it worked together with other partners to disrupt IPIDEA, which it described as one of the largest residential proxy networks in the world. To that end, the company said it took legal action to take down dozens of domains used to control devices and proxy traffic through them. As of writing, IPIDEA's website "www.ipidea.io" is no longer accessible. It.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
ποΈ Fake Moltbot AI Coding Assistant on VS Code Marketplace Drops Malware ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
Cybersecurity researchers have flagged a new malicious Microsoft Visual Studio Code VS Code extension for Moltbot formerly Clawdbot on the official Extension Marketplace that claims to be a free artificial intelligence AI coding assistant, but stealthily drops a malicious payload on compromised hosts. The extension, named "ClawdBot Agent AI Coding Assistant" "clawdbot.clawdbotagent".π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
ποΈ Russian ELECTRUM Tied to December 2025 Cyber Attack on Polish Power Grid ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
The "coordinated" cyber attack targeting multiple sites across the Polish power grid has been attributed with medium confidence to a Russian statesponsored hacking crew known as ELECTRUM. Operational technology OT cybersecurity company Dragos, in a new intelligence brief published Tuesday, described the late December 2025 activity as the first major cyber attack targeting distributed energy.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity