The DEAD#VAX campaign tricks users into installing AsyncRAT by disguising a virtual hard disk as a PDF attachment. This article has been indexed from Malwarebytes Read the original article: Open the wrong “PDF” and attackers gain remote access to your…
SaaS Abuse at Scale: Phone-Based Scam Campaign Leveraging Trusted Platforms
Overview: This report documents a large-scale phishing campaign in which attackers abused legitimate software-as-a-service (SaaS) platforms to deliver phone-based scam lures that appeared authentic and trustworthy. Rather than spoofing domains or compromising services, the attackers deliberately misused native platform functionality…
VS Code Configs Expose GitHub Codespaces to Attacks
VS Code-integrated configuration files are automatically executed in Codespaces when the user opens a repository or pull request. The post VS Code Configs Expose GitHub Codespaces to Attacks appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read…
Researchers Expose Network of 150 Cloned Law Firm Websites in AI-Powered Scam Campaign
Criminals are using AI to clone professional websites at an industrial scale. A new report shows how one AI-powered network grew to 150+ domains by hiding behind Cloudflare and rotating IP ranges. The post Researchers Expose Network of 150 Cloned…
Foxit Publishes Security Patches for PDF Editor Cloud XSS Bugs
In response to findings that exposed weaknesses in the way user-supplied data was processed within interactive components, Foxit Software has issued a set of security fixes intended to address newly identified cross-site scripting vulnerabilities. Due to the flaws in…
ThreatsDay Bulletin: Codespaces RCE, AsyncRAT C2, BYOVD Abuse, AI Cloud Intrusions & 15+ Stories
This week didn’t produce one big headline. It produced many small signals — the kind that quietly shape what attacks will look like next. Researchers tracked intrusions that start in ordinary places: developer workflows, remote tools, cloud access, identity paths,…
IT Security News Hourly Summary 2026-02-05 15h : 7 posts
7 posts were published in the last hour 13:36 : Cyberattackers Use Fake RTO Challan Alerts to Spread Android Malware 13:36 : Nullify Secures $12.5 Million in Seed Funding for Cybersecurity AI Workforce 13:36 : Smartphones Now Involved in Nearly…
Cyberattackers Use Fake RTO Challan Alerts to Spread Android Malware
A sophisticated Android malware campaign is abusing Indian users’ trust in government services by impersonating Regional Transport Office (RTO) challan notifications. This campaign represents an evolution from previous RTO-themed malware, featuring advanced anti-analysis techniques, a modular three-stage architecture, and a structured…
Nullify Secures $12.5 Million in Seed Funding for Cybersecurity AI Workforce
This latest infusion, led by SYN Ventures, brings the company’s total funding to $16.9 million. The post Nullify Secures $12.5 Million in Seed Funding for Cybersecurity AI Workforce appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read…
Smartphones Now Involved in Nearly Every Police Investigation
Cellebrite data confirms digital evidence is now central to almost all cases. This article has been indexed from www.infosecurity-magazine.com Read the original article: Smartphones Now Involved in Nearly Every Police Investigation
Sanctioned Bulletproof Host Linked to Hijacking of Old Home Routers
Compromised home routers in 30+ countries had DNS traffic redirected, sending users to malicious sites while normal browsing appeared unaffected. This article has been indexed from Hackread – Cybersecurity News, Data Breaches, AI and More Read the original article: Sanctioned…
Moxa Switches Vulnerability Enables Unauthorized Access through Authentication Bypass
Moxa has released a critical security advisory addressing a severe vulnerability affecting multiple series of its industrial Ethernet switches. Tracked as CVE-2024-12297, this flaw allows remote attackers to bypass authentication mechanisms, potentially granting unauthorized access to critical network infrastructure. With a CVSS…
n8n Vulnerability Allows Remote Attackers to Hijack Systems via Malicious Workflow Execution
n8n has released urgent security updates to address a critical vulnerability that exposes host systems to Remote Code Execution (RCE). Tracked as CVE-2026-25049, this flaw allows authenticated attackers to escape the expression evaluation sandbox and execute arbitrary system commands, potentially leading…
ShadowSyndicate Leverages Server Transition Technique in Latest Ransomware Attacks
ShadowSyndicate, a sophisticated cybercrime cluster first identified in 2023, has evolved its infrastructure management tactics by implementing a previously unreported server transition technique. This method involves rotating SSH fingerprints across multiple servers to obscure operational continuity. However, operational security (OPSEC)…
Cybersecurity Alert: Fake Traffic Ticket Portals Target Personal, Credit Card Data
A highly sophisticated phishing campaign targets Canadian drivers by impersonating provincial traffic bureaus. This new wave of attacks utilizes “SEO poisoning” to trick search engines into ranking fake websites above legitimate government portals. The campaign forces victims through a…
Microsoft to Add Sysmon Threat Detection Feature Natively to Windows 11
A major upgrade has been announced to enhance capabilities for cybersecurity defenders and threat hunters in the Windows ecosystem. With the release of Windows 11 Insider Preview Build 26300.7733 (KB5074178) to the Dev Channel, the company is integrating the popular…
SystemBC Infects 10,000 Devices After Defying Law Enforcement Takedown
The malware is known for dropping ransomware and other payloads, and for abusing infected machines to proxy traffic. The post SystemBC Infects 10,000 Devices After Defying Law Enforcement Takedown appeared first on SecurityWeek. This article has been indexed from SecurityWeek…
Italy Averted Russian-Linked Cyberattacks Targeting Winter Olympics Websites, Foreign Minister Says
Italy has foiled a series of cyberattacks targeting some of its foreign ministry offices, including one in Washington. The post Italy Averted Russian-Linked Cyberattacks Targeting Winter Olympics Websites, Foreign Minister Says appeared first on SecurityWeek. This article has been indexed…
European Officials Warn of Russian Satellites Intercepting Communications
Russian Luch “inspector” satellites are suspected of shadowing European GEO spacecraft, raising fears of interception, jamming, and orbital risk. The post European Officials Warn of Russian Satellites Intercepting Communications appeared first on TechRepublic. This article has been indexed from Security…
Varonis Acquires AllTrue to Strengthen AI Security Capabilities
The deal underscores a broader industry shift as security vendors race to address the risks introduced by LLMs, copilots, and autonomous AI agents. The post Varonis Acquires AllTrue to Strengthen AI Security Capabilities appeared first on TechRepublic. This article has…
Backdoor in Notepad++
Hackers associated with the Chinese government used a Trojaned version of Notepad++ to deliver malware to selected users. Notepad++ said that officials with the unnamed provider hosting the update infrastructure consulted with incident responders and found that it remained compromised…
Flock cameras shared license plate data without permission
A California city pulled the plug on its entire ALPR system when it found Flock had shared data with hundreds of agencies without permission. This article has been indexed from Malwarebytes Read the original article: Flock cameras shared license plate…
n8n security woes roll on as new critical flaws bypass December fix
Patch meant to close a severe expression bug fails to stop attackers with workflow access. Multiple newly disclosed bugs in the popular workflow automation tool n8n could allow attackers to hijack servers, steal credentials, and quietly disrupt AI-driven business processes.…
Italy claims cyberattacks ‘of Russian origin’ are pelting Winter Olympics
Right on cue, petulant hacktivists attempt to disrupt yet another global sporting event. Italy’s foreign minister says the country has already started swatting away cyberattacks from Russia targeting the Milano Cortina Winter Olympics.… This article has been indexed from The…