A sharp rise in internet-wide scanning activity targeting SonicWall firewall management interfaces has been detected, raising concerns about a potential pre-disclosure reconnaissance phase tied to new vulnerabilities. Threat intelligence firm GreyNoise reported a significant surge in scanning of SonicWall SonicOS…
266,000 Affected by Data Breach at Radiology Associates of Richmond
Threat actors stole files containing names and protected health information from the healthcare organization’s systems. Source: SecurityWeek.
The AI Era Is Creating a Bug Hunting Arms Race
As attackers ramp up their AI exploit development, the search for software vulnerabilities is changing rapidly. Source: Security Latest.
Laravel-Lang Packages Poisoned for Malware Delivery
Published within a 15-minute window, the malicious tags introduced backdoors to exfiltrate CI secrets. Source: SecurityWeek.
Anthropic: Mythos Detected 23,000 Potential Vulnerabilities Across 1,000 OSS Projects
Many findings have been confirmed to be critical or high-severity vulnerabilities and the number will continue to increase. Source: SecurityWeek.
Lazarus Deploys RemotePE Memory-Only RAT Against Financial and Crypto Firms
Cybersecurity researchers have shed light on a cross-platform malware called RemotePE that has been put to use by the North Korea-linked Lazarus Group in attacks targeting financial and cryptocurrency organizations. RemotePE, per NCC Group subsidiary Fox-IT, is part of a…
Italian Authorities Dismantle CINEMAGOAL App Enabling Unauthorised Access to Streaming Platforms
Italian law enforcement agencies have dismantled a sophisticated piracy operation centered around the CINEMAGOAL application, which enabled unauthorized access to premium streaming platforms including Netflix, Sky, DAZN, Disney+, and Spotify. The operation, codenamed “All Clear,” was led by the Financial…
Telegram Channels Fuel Sale of Verified Bank Mule Accounts
Cybercriminal groups are increasingly using Telegram channels and encrypted platforms to sell verified bank and fintech mule accounts, signaling a major shift in how illicit funds are laundered at scale. According to recent threat intelligence findings, money mule operations have…
WhatsApp Chat Histories Exposed in Unencrypted Storage on macOS and iOS
Security researchers have raised concerns over how WhatsApp stores user chat data on macOS and iOS, revealing that message databases may be stored in unencrypted form within app group containers accessible by other applications from the same developer ecosystem. According…
IT Security News Hourly Summary 2026-05-25 12h : 11 posts
11 posts were published in the last hour 10:4 : Hackers Actively Scan SonicWall Firewall Interfaces as 597,000 Sessions Observed 10:4 : Authorities Seized 800 Servers of Hosting Company Used to Launch Cyberattacks 10:4 : WhatsApp Chat Histories Stored Unencrypted…
Hackers Actively Scan SonicWall Firewall Interfaces as 597,000 Sessions Observed
A sharp surge in internet scanning activity targeting SonicWall firewall management interfaces has raised concerns among cybersecurity researchers, with GreyNoise reporting nearly 597,000 sessions in a single day. The spike, observed on May 12, 2026, marks the highest volume recorded…
Authorities Seized 800 Servers of Hosting Company Used to Launch Cyberattacks
Dutch authorities have seized more than 800 servers and arrested two individuals as part of a major investigation into a hosting infrastructure allegedly used to support cyberattacks, disinformation campaigns, and sanctions evasion linked to Russia. The Fiscal Information and Investigation…
WhatsApp Chat Histories Stored Unencrypted on macOS and iOS
Security researchers have revealed that WhatsApp chat histories may be stored unencrypted on both macOS and iOS devices, raising fresh concerns about local data protection and cross-application access within the Apple ecosystem. The issue, highlighted by iOS security researchers at…
MiniUpdate RAT Uses Azure-Hosted C2 Domains for Targeted Espionage Campaigns
A new wave of targeted espionage attacks has put technology professionals across the United States, Israel, and the United Arab Emirates on high alert. The threat comes from an Iran-linked hacking group deploying two families of remote access trojans through…
DocketWise Data Breach Impacts 143,000
Hackers accessed names, addresses, Social Security numbers, financial information, and medical data from third-party partner repositories. Source: SecurityWeek.
Hackers Exploit Azure RBAC to Steal Key Vault Secrets
Hackers are increasingly exploiting cloud identity and access management systems. In a methodical, sophisticated, and multi-layered attack, a threat actor we track as Storm-2949 launched a relentless campaign with a singular focus: to exfiltrate as much sensitive data from…
CISA Warns Drupal Core SQL Injection Vulnerability Is Being Exploited in Attacks
The Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent warning regarding a critical SQL injection vulnerability in Drupal Core, tracked as CVE-2026-9082, which is now being actively exploited in the wild. The flaw has been added to CISA’s…
Dutch authorities dismantle hosting network allegedly used for cyberattacks and disinformation
Dutch authorities arrested two suspects and seized 800 servers tied to Stark Industries, a hosting firm linked to cyberattacks and disinformation. Dutch financial crime investigators arrested two men and seized 800 servers connected to Stark Industries, a hosting provider accused…
Microsoft Warns Passwords and SMS-Based 2FA Are No Longer Enough Against Modern Cyberattacks
Microsoft is intensifying its push toward passwordless security, warning that traditional passwords and older forms of two-factor authentication are becoming increasingly ineffective against modern phishing attacks powered by artificial intelligence. In a statement released during World Passkey Day, Microsoft said…
iOS 26.5 Introduces Private RCS Messaging and Core Feature Improvements
By introducing end-to-end encrypted RCS messaging between iPhone and Android devices for the first time, Apple has taken another step towards unifying secure cross-platform communication. In the update, Apple’s messaging architecture has been significantly altered, extending advanced encryption protections…
FBI Warns ‘Kali365’ Phishing Kit Hijacks Microsoft 365 OAuth Tokens
The Kali365 phishing-as-a-service platform lowers the barrier of entry for cybercriminals, said the FBI. Source: www.infosecurity-magazine.com.
Fake Streams, Counterfeit Merch and Other Scams: How Fraudsters Target F1 Fans
From fake F1 streams to counterfeit merch, fraudsters are exploiting fans online and the Bitdefender Cybersecurity Grand Prix Fan Threat Index details how. Source: www.infosecurity-magazine.com.
Hackers Exploit Shared CDNs to Evade Domain Reputation Filters
Hackers are increasingly abusing shared Content Delivery Network (CDN) infrastructure to bypass domain-reputation-based security controls using a newly identified technique called “Underminr.” Underminr is not a conventional software flaw but an inherent weakness in how modern CDNs handle multi-tenant traffic.…
Over 5,500 GitHub Repositories Infected in ‘Megalodon’ Supply Chain Attack
Fake automated commits injected GitHub Actions workflows containing payloads to steal credentials, CI secrets, keys, and tokens. Source: SecurityWeek.