CISA Warns Fortinet Customers as FortiBleed Hits 86,644 FortiGate Devices
Via "The Hacker News"
Seen on @cibsecurity
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday urged Fortinet customers with FortiGate appliances to take steps to secure against ongoing malicious activity aimed at thousands of internet-accessible devices. The sweeping campaign, believed to be the work of Russian-speaking threat actors, has been codenamed FortiBleed. The number of compromised devices stands at.
----------
Operation Endgame Disrupts SocGholish Servers, Cleans 14,971 WordPress Sites
Via "The Hacker News"
Dutch law enforcement authorities, along with counterparts from Canada, Germany, and the U.S., have disrupted malicious infrastructure associated with SocGholish and cleaned up nearly 15,000 infected WordPress websites. "With these actions we deprive cybercriminals of access to infected computer systems," Maikel Rollman of the Netherlands National High Tech Crime Unit said. "This prevents.
----------
AutoJack Attack Lets One Web Page Hijack AI Agent for Host Code Execution
Via "The Hacker News"
Microsoft researchers have detailed an exploit chain, named AutoJack, that turns an AI browsing agent into a delivery vehicle for remote code execution. Steer the agent to load an attacker's web page, and that page's JavaScript can reach a privileged local service on the same machine and spawn a process on the host. No credentials, no sign-in screen, and no further user interaction once.
----------
Unpatchable 'usbliter8' Exploit Breaks Apple A12 and A13 SecureROM Boot Chain
Via "The Hacker News"
Security researchers at Paradigm Shift have published a working exploit, dubbed usbliter8, that achieves arbitrary code execution inside the SecureROM of Apple's A12 and A13 chips. That code is burned into the silicon at manufacture. No software update can reach it. Affected devices will carry this flaw for as long as they stay in use. This is not a remote attack. It requires.
----------
The Gentlemen RaaS Uses GentleKiller EDR Framework Targeting 400 Security Processes
Via "The Hacker News"
The Gentlemen ransomware-as-a-service (RaaS) operation is actively developing and maintaining a suite of endpoint detection and response (EDR) killers that it hands out to affiliates for impairing system defenses before deploying the encryptor. This mature portfolio of EDR-terminating tools is centered around a framework that's known as GentleKiller. "They also incorporate third-party or.
----------
Apple Patches Beats Studio Buds Flaw That Could Enable Wiretapping
Via "Tech Republic"
Apple patched a Beats Studio Buds Bluetooth flaw that could let nearby attackers listen through the microphone during pairing. The post Apple Patches Beats Studio Buds Flaw That Could Enable Wiretapping appeared first on TechRepublic.
----------
Android 17 Is Live on Pixel, but Samsung and Other Android Users Still Have to Wait
Via "Tech Republic"
Android 17 is rolling out to supported Pixel devices first, while non-Pixel users and IT teams face separate OEM timelines, beta programs, and app-testing considerations. The post Android 17 Is Live on Pixel, but Samsung and Other Android Users Still Have to Wait appeared first on TechRepublic.
Android 17 is live on supported Pixel devices, but Samsung, Xiaomi, OPPO, OnePlus, and other Android users must wait for OEM rollout schedules.
----------
Hackers Exploit Gravity SMTP WordPress Plugin Bug to Expose API Keys
Via "The Hacker News"
Threat actors are exploiting a recently patched security flaw impacting Gravity SMTP, a WordPress plugin that's installed on about 100,000 sites. The vulnerability, tracked as CVE-2026-4020 (CVSS score: 5.3), is a medium-severity information disclosure flaw that can allow unauthenticated attackers to extract sensitive data, such as configuration data, API keys, secrets, and OAuth tokens.
----------
Ransomware Response Checklist: The First 60 Minutes
Via "UnderDefense"
Discover what to do in the first 60 minutes of a ransomware attack, from a CEO who has run live response for six years. The post Ransomware Response Checklist: The First 60 Minutes appeared first on UnderDefense.
----------
IT teams are bullish on AI tools, but they're worried security practices can't keep pace
Via "ITPro"
Executives and IT teams are at odds over the risks associated with AI adoption.
----------
29-Year-Old Squid Proxy Bug 'Squidbleed' Can Leak Cleartext HTTP Requests
Via "The Hacker News"
A heap over-read in the Squid web proxy can leak another user's cleartext HTTP request, including any credentials or session tokens it carries, to anyone already allowed to send traffic through the same proxy. The bug traces to a 1997 FTP-parsing change and is still live in Squid's default configuration. Researchers at Calif.io disclosed it in June and named it Squidbleed.
----------
New OXLOADER Loader Uses Malicious Google Ads to Deliver CastleStealer
Via "The Hacker News"
Cybersecurity researchers have disclosed details of a new campaign that delivers CastleStealer by means of a previously unreported malware loader dubbed OXLOADER. According to Elastic Security Labs, the campaign leverages malicious Google Ads as a starting point to distribute the malware. Evidence indicates that the threat actor is likely Russian-speaking and financially motivated, owing to the.
----------
Google Sets Sept. 30 Deadline for Android Developer Verification in Four Countries
Via "The Hacker News"
Google has set September 30, 2026, as the day it begins enforcing Android developer verification in the first four countries, and the major device-maker app stores are in from the start. On that date, certified Android phones in Brazil, Indonesia, Singapore, and Thailand will block normal installs of apps whose developers have not registered an identity with Google, whether the app.
----------
Stop Your Legacy Infrastructure from Hijacking Your AI Agents
Via "The Hacker News"
Earlier this month, I spoke at the Gartner Security & Risk Management Summit about a blind spot most security programs are still not accounting for: how attackers are circumventing AI security programs by using legacy infrastructure to hijack AI agents. AI adoption is moving faster than security programs can account for. Roughly 71% of organizations are piloting AI agents across their.
----------
Weekly Recap: Browser Bugs, EDR Killers, TV Botnet, OpenBSD Flaw, Android Trojan, and More
Via "The Hacker News"
It's Monday again. This week's threat list looks painfully familiar: abused integrations, fake tools, poisoned websites, ransomware crews trying to shut down security tools, and mobile malware asking for way too much control. The annoying part is how little of this feels new. Weak credentials, sketchy downloads, browser extensions with too much access, and WordPress sites are used to push more.
----------
Canada's Spy Agency Used First-of-Its-Kind Warrant to Clean Botnet-Infected Devices
Via "The Hacker News"
Canada's spy service got a judge's permission to reach into infected servers, home routers, and IoT gear sitting on Canadian soil and neutralize two foreign-run botnets. The Federal Court released a public version of the ruling on June 15. It is the first time the Canadian Security Intelligence Service has used its threat reduction warrant powers this way. The warrant let CSIS alter,.
----------
AryStinger Malware Infects 4,300 Legacy Routers to Build Reconnaissance Proxy Network
Via "The Hacker News"
A new malware family is turning forgotten home routers into a distributed reconnaissance and proxy network, not the DDoS botnet these devices usually end up in. QiAnXin's XLab calls it AryStinger and counts at least 4,300 infected routers, a total it says is still rising. The distinction matters. AryStinger exists for the stage of an attack that comes before the break-in. Infected.
----------
INTERPOL Warns Phishing, Ransomware, and AI Scams Are Rising Across Asia-Pacific
Via "The Hacker News"
A new report from INTERPOL has revealed a "dramatic increase" in cybercrime in Asia and the South Pacific, fueled by rapid digitalization, internet penetration, new technologies, organized criminal networks, and a disparity in cybersecurity maturity. According to INTERPOL's 2025-2026 Asia and South Pacific Cyberthreat Assessment Report, phishing has emerged as the most widespread and.
----------
The AI shift in cyber risk: why leaders must act now
Via "UK NCSC"
----------
GentleKiller Framework Disables Victims' Security Software
Via "Infosecurity Magazine"
ESET details GentleKiller, the EDR-killer framework the Gentlemen ransomware gang gives affiliates.
----------
Unpatchable BootROM Flaw Impacts Apple A12, A13 Chips
Via "Infosecurity Magazine"
Apple BootROM exploit exposes unpatchable USB flaw on A12 and A13 devices.
----------