ποΈ Microsoft Slams Public Zero-Day Disclosures Amid GitHub Researcher Account Removal ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
Microsoft has come out strongly in favor of Coordinated Vulnerability Disclosure CVD, urging the research community to share their findings and give affected vendors an opportunity to better understand the impact and address them before they are publicly disclosed. The development comes after a researcher named Chaotic Eclipse aka NightmareEclipse disclosed details of multiple zeroday.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
ποΈ ThreatsDay Bulletin: Claude Security Plugin, Azure Priv-Esc, Kali365 MFA Bypass, FIFA Scams +15 More ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
Every time you think the industry has finally stopped doing some reckless, loweffort crap, somebody spins up a fresh box full of sketchy loaders, fake installers, recycled socialengineering bait, and enough exposed infrastructure to make you wonder if prod is just a public beta now meanwhile some researcher casually drops a technique that turns a "minor" foothold into total account.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
ποΈ New AI Usage Report: Enterprise AI Risk Is Heavily Concentrated Among a Small Group of AI "Power users" ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
State of AI Usage Report 2026 full report here by LayerX Security reveals the extent of the enterprise AI visibility gap and why most organizations still don't understand where their AI exposure is actually coming from. The research shows that enterprise AI risk is not distributed evenly across users or platforms. Instead, it is heavily concentrated among a small group of AI power users and a.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
ποΈ JINX-0164 Targets Cryptocurrency Firms with Fake Recruiter Lures and macOS Malware ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
A new campaign orchestrated by a previously undocumented threat actor has targeted cryptocurrency organizations with an aim to facilitate digital asset theft using recruitmentthemed social engineering and bespoke macOS malware. "These campaigns leveraged sophisticated social engineering techniques, custom macOS malware, and deep targeting of CICD infrastructure," Wiz researchers Shira Ayal,.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
π What to consider before asking an AI chatbot for health advice π
π Read more.
π Via "ESET - WeLiveSecurity"
----------
ποΈ Seen on @cibsecurity
Using chatbots for medical advice could elicit hallucinations and even expose you to security and privacy risks. Heres whats at stake and how to stay safe.π Read more.
π Via "ESET - WeLiveSecurity"
----------
ποΈ Seen on @cibsecurity
Welivesecurity
What to consider before asking an AI chatbot for health advice
Using chatbots for medical advice could elicit hallucinations and even expose you to security and privacy risks. Hereβs whatβs at stake and how to stay safe.
π BTMOB: A stealthy RAT burrowing deep into Android devices π
π Read more.
π Via "ESET - WeLiveSecurity"
----------
ποΈ Seen on @cibsecurity
The malware pairs remote access capabilities with readymade campaign tools, lowering the barrier for full device compromise.π Read more.
π Via "ESET - WeLiveSecurity"
----------
ποΈ Seen on @cibsecurity
Welivesecurity
BTMOB: A stealthy RAT burrowing deep into Android devices
The BTMOB malware pairs remote access capabilities with ready-made campaign tools, lowering the barrier for full device compromise.
π Foul play: Fake FIFA websites target soccer fans looking for World Cup tickets, merchandise π
π Read more.
π Via "ESET - WeLiveSecurity"
----------
ποΈ Seen on @cibsecurity
Watch out for bogus World Cup websites that mimic official ticket and merchandise flows to steal money and personal data.π Read more.
π Via "ESET - WeLiveSecurity"
----------
ποΈ Seen on @cibsecurity
Welivesecurity
Foul play: Scams target soccer fans with fake World Cup tickets, merchandise
Watch out for bogus FIFA World Cup-themed websites that mimic official ticket and merchandise flows to steal money and personal data.
π Attackers Move Past Typosquatting to Realistic Package Impersonation π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Most malicious open source packages now mimic real code rather than rely on typosquatting.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Infosecurity Magazine
Attackers Move Past Typosquatting to Realistic Package Impersonation
Most malicious open source packages now mimic real code rather than rely on typosquatting
π Microsoft Condemns "Uncoordinated" Zero Day Disclosures π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Microsoft warned the disclosure of several unpatched vulnerabilities without notice has put customers at unnecessary risk.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Infosecurity Magazine
Microsoft Condemns
Microsoft warned the disclosure of several unpatched vulnerabilities without notice has put βcustomers at unnecessary riskβ
π New Threat Actor Jinx-0164 Targets Crypto Developers on macOS π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
New actor Jinx0164 hit crypto developers with fake recruiter lures and macOS malware.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Infosecurity Magazine
New Threat Actor Jinx-0164 Targets Crypto Developers on macOS
New actor Jinx-0164 hit crypto developers with fake recruiter lures and macOS malware
π Infosecurity Europe: Cybersecurity Staff Prefer CISOs With Real Attack Response Experience, Study Reveals π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
ISC2 survey of cybersecurity professionals suggests that staff want their information security leaders to have experienced reacting to a significant cyber incident.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Infosecurity Magazine
Cybersecurity Staff Prefer CISOs With Real Attack Response Experience
ISC2 survey of cybersecurity professionals suggests that staff want their information security leaders to have experience reacting to a significant cyber incident
π GCHQ Chief Urges Action as AI Reshapes Cyber Threats π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
GCHQ director urges urgent business cyber action as AI and quantum reshape the threat.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Infosecurity Magazine
GCHQ Chief Urges Action as AI Reshapes Cyber Threats
GCHQ director urges urgent business cyber action as AI and quantum reshape the threat
π CrowdStrike, Google Take Down Glassworm Botnet π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Operators of the malicious Glassworm botnet have been targeting software developers since at least early 2025.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Infosecurity Magazine
CrowdStrike, Google Take Down Glassworm Botnet
Operators of the malicious Glassworm botnet have been targeting software developers since at least early 2025
π Infosecurity Europe: Why Burnout in Cybersecurity Demands Risk-Based Response π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Cybermindz warns that cybersecurity burnout is a growing risk, urging organizations to move beyond wellness initiatives and adopt a measurable, riskbased approach to workforce stress.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Infosecurity Magazine
Why Burnout in Cybersecurity Demands Risk-Based Response
Cybermindz warns that cybersecurity burnout is a growing risk, urging organizations to move beyond wellness initiatives and adopt a measurable, risk-based approach to workforce stress
π All Major LLMs Exposed to Multi-Turn Manipulation, Warn Researchers π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Infosecurity Magazine
All Major LLMs Exposed to Multi-Turn Manipulation, Warn Researchers
Researchers at Cisco tested several well-known LLMs. They found of them could be tricked into bypassing guardrails, just through conversational prompts
π Thousands of Fake FIFA Domains Target World Cup Fans π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
GroupIB uncovered Ghost Stadium phishing and 4300 fake FIFA World Cup domains targeting fans.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Infosecurity Magazine
Thousands of Fake FIFA Domains Target World Cup Fans
Group-IB uncovered Ghost Stadium phishing and 4300 fake FIFA World Cup domains targeting fans
π 68% of UK Firms Plan to Increase Cyber Spending as AI Risks Rise π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
UK firms plan higher cyber spending as AI adoption raises security concerns.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Infosecurity Magazine
68% of UK Firms Plan to Increase Cyber Spending as AI Risks Rise
UK firms plan higher cyber spending as AI adoption raises security concerns
π PureLogs Variant Steals Data via Purchase Order Lures π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
FortiGuard Labs detailed a PureLogs campaign using JavaScript, PowerShell and process hollowing.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Infosecurity Magazine
PureLogs Variant Steals Data via Purchase Order Lures
FortiGuard Labs detailed a PureLogs campaign using JavaScript, PowerShell and process hollowing
π Chinese Threat Actors Ditch Static Phishing Pages for Live Credential Interception π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Almost all organizations impersonated by Chinese phishing platforms are nonChinese entities, suggesting operators deliberately avoid domestic targets.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Infosecurity Magazine
Chinese Threat Actors Shift to Live Credential Interception
Almost all organizations impersonated by Chinese phishing platforms are non-Chinese entities, suggesting operators deliberately avoid domestic targets
π BTMOB Android RAT Spreads Through No-Code Builder Tooling π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
BTMOB Android RAT sold as a service with a nocode builder for fast, regional phishing lures.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Infosecurity Magazine
BTMOB Android RAT Spreads Through No-Code Builder Tooling
BTMOB Android RAT sold as a service with a no-code builder for fast, regional phishing lures
π India's CERT-In Sets 12-Hour Patch Deadline for Exposed Flaws π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
CERTIn urges 12hour patching of exposed flaws as AI compresses exploitation timelines.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Infosecurity Magazine
India's CERT-In Sets 12-Hour Patch Deadline for Exposed Flaws
CERT-In urges 12-hour patching of exposed flaws as AI compresses exploitation timelines