Defects are an unavoidable part of software development. But when they slip into production and reach your customers, the consequences go beyond poor user experience — they can damage your brand’s credibility. That’s why every defect must be logged and…
ATM Hackers Using ‘Ploutus’ Malware Charged in US
US charged 54 individuals, including leaders and members of the Venezuelan crime syndicate Tren de Aragua. The post ATM Hackers Using ‘Ploutus’ Malware Charged in US appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read the original…
Phishing Campaign Leverages Trusted Google Cloud Automation Capabilities to Evade Detection
This report describes a phishing campaign in which attackers impersonate legitimate Google generated messages by abusing Google Cloud Application Integration to distribute malicious emails that appear to originate from trusted Google infrastructure. The emails mimic routine enterprise notifications such as…
Price Drop: This Complete Ethical Hacking Bundle is Now $33
Get a comprehensive, potentially lucrative ethical hacking education with 18 courses on today’s top tools and tech. This bundle is just $34.97 for a limited time. The post Price Drop: This Complete Ethical Hacking Bundle is Now $33 appeared first…
Arcane Werewolf Hacker Group Added Loki 2.1 Malware Toolkit to their Arsenal
The threat actor group known as Arcane Werewolf, also tracked as Mythic Likho, has refreshed its attack capabilities by deploying a new version of its custom malware called Loki 2.1. During October and November 2025, researchers observed this group launching…
Docker Open Sources Production-Ready Hardened Images for Free
Docker has announced a significant shift in its container security strategy, making its Docker Hardened Images (DHI) freely available to all developers. Previously a commercial-only offering, DHI provides a set of secure, minimal, and production-ready container images. By releasing these under an Apache…
Sleeping Bouncer Vulnerability Impacts Motherboards from Gigabyte, MSI, ASRock and ASUS
A significant security vulnerability has emerged affecting motherboards from Gigabyte, MSI, ASRock, and ASUS. Riot Games analysts and researchers identified a critical flaw during their ongoing investigation into gaming system security. The vulnerability, termed “Sleeping Bouncer,” exploits a weakness in…
Best of 2025: Scattered Spider Targets Aflac, Other Insurance Companies
Fresh off a series of recent attacks targeting major retail companies in the United States and the UK, the notorious Scattered Spider cybercrime group is now targeting insurance companies, and earlier this month apparently bagged a high-profile victim in Aflac.…
Monitoring Tool Nezha Abused For Stealthy Post-Exploitation Access
Open-source server monitoring tool, Nezha, is being exploited by attackers for remote system control This article has been indexed from www.infosecurity-magazine.com Read the original article: Monitoring Tool Nezha Abused For Stealthy Post-Exploitation Access
IT Security News Hourly Summary 2025-12-22 15h : 11 posts
11 posts were published in the last hour 14:2 : Pornhub tells users to expect sextortion emails after data exposure 14:2 : 54 Charged in US Over ATM Attacks Involving ‘Ploutus’ Malware 14:2 : Zero Trust AI Security: The Comprehensive…
Pornhub tells users to expect sextortion emails after data exposure
Users affected by the data breach may be contacted directly by cybercriminals, Pornhub warns. This article has been indexed from Malwarebytes Read the original article: Pornhub tells users to expect sextortion emails after data exposure
54 Charged in US Over ATM Attacks Involving ‘Ploutus’ Malware
The suspects are leaders and members of the Venezuelan crime syndicate Tren de Aragua. The post 54 Charged in US Over ATM Attacks Involving ‘Ploutus’ Malware appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read the original…
Zero Trust AI Security: The Comprehensive Guide to Next-Generation Cybersecurity in 2026
The traditional perimeter-based security model has become obsolete in today’s distributed digital environment. With 82% of organizations now operating in hybrid or multi-cloud infrastructures and remote work becoming the standard, the concept of a secure network boundary no longer exists.…
Threat Detection Software: The Complete Guide to Protecting Your Digital Assets in 2026
The cybersecurity landscape in 2026 presents unprecedented challenges for organizations across all industries. With cybercrime damages projected to exceed $10.5 trillion annually, enterprises face sophisticated threats from attackers leveraging AI-powered tools, advanced persistent threats, and multi-vector attack strategies. Effective threat…
PoC Exploit Released for Use-After-Free Vulnerability in Linux Kernel POSIX CPU Timers
A critical race condition vulnerability in the Linux kernel’s POSIX CPU timers has been exposed through a detailed proof-of-concept, one of the most sophisticated kernel exploits targeting Android devices. CVE-2025-38352 represents a use-after-free (UAF) vulnerability in the Linux kernel’s POSIX…
Microsoft Brokering File System Vulnerability Enables Local Privilege Escalation
Microsoft has addressed a critical use-after-free vulnerability in its Brokering File System (BFS) driver that could allow attackers to escalate privileges on Windows systems. Tracked as CVE-2025-29970, the security flaw affects the bfs.sys component and was discovered by security researchers…
SideWinder APT Launches Cyberattacks on Indian Entities Posing as the Income Tax Department
Zscaler Threat Hunting has identified a sophisticated espionage campaign targeting Indian entities through fraudulent “Income Tax Department” portals, representing a significant evolution in the SideWinder APT’s operational tradecraft. The threat actor, also known as Rattlesnake or APT-C-17, has refined its…
Blind Eagle Hackers Target Government Agencies Using PowerShell Scripts
Colombian government institutions are facing a sophisticated multi-stage cyberattack campaign orchestrated by the BlindEagle threat group, which leveraged compromised internal email accounts, PowerShell scripts, and steganography to deploy remote access trojans on target systems, according to Zscaler ThreatLabz researchers. The…
Nissan Discloses Data Breach Linked to Compromised Red Hat Infrastructure
Nissan Motor Co., Ltd. has disclosed a significant data breach affecting approximately 21,000 customers of Nissan Fukuoka Sales Co., Ltd. following unauthorized access to a Red Hat-managed server used for developing the company’s dealership customer management system. Red Hat, a…
Credit Monitoring Provider Discloses Breach Impacting 5.6 Million Users
A data breach usually does not lend itself to straightforward comparisons, as each occurrence is characterized by distinctive circumstances and carries different consequences for those involved. It is common for headlines to emphasize the scale of an attack, the prominence…
VPN Surge: Americans Bypass Age Verification Laws
Americans are increasingly seeking out VPNs as states enact stringent age verification laws that limit what minors can see online. These regulations compel users to provide personal information — like government issued IDs — to verify their age, leading to concerns…
Hackers Abuse Popular Monitoring Tool Nezha as a Stealth Trojan
Cybersecurity firm Ontinue reveals how the open-source tool Nezha is being used as a Remote Access Trojan (RAT) to bypass security and control servers globally. This article has been indexed from Hackread – Cybersecurity News, Data Breaches, AI, and More…
Infy Returns: Iran-linked hacking group shows renewed activity
Researchers report renewed activity by Iran-linked Infy (Prince of Persia), showing the hacking group remains active and dangerous after years of silence. SafeBreach researchers have spotted renewed activity from the Iran-linked APT group Infy, also known as Prince of Persia,…
New Wonderland Android Malware with Bidirectional SMS-Stealing Capabilities Stealing OTPs
A sophisticated new Android malware family called Wonderland has emerged as a significant threat to users in Uzbekistan and the broader Central Asia region. The malware, which specializes in stealing SMS messages and intercepting one-time passwords, represents a major escalation…