Operation WrtHug hijacks tens of thousands of outdated ASUS routers worldwide, mainly in Taiwan, the U.S., and Russia, forming a large botnet. A new campaign called Operation WrtHug has compromised tens of thousands of outdated or end-of-life ASUS routers worldwide,…
Fake CAPTCHA Triggers 42-Day Akira Ransomware Attack
A fake CAPTCHA click led to a 42-day Akira ransomware breach that went largely undetected despite extensive security tooling. The post Fake CAPTCHA Triggers 42-Day Akira Ransomware Attack appeared first on eSecurity Planet. This article has been indexed from eSecurity…
Amazon security boss: Hostile countries use cyber targeting for physical military strikes
And companies are getting caught in the crossfire interview Warfare has become a joint cyber-kinetic endeavor, with nations using cyber operations to scope out targets before launching missiles. And private companies, including shipping, transportation, and electronics manufacturers, are getting caught…
Secure.com Raises $4.5 Million for Agentic Security
The cybersecurity company has launched Digital Security Teammate (DST), AI agents that investigate, triage, and escalate incidents when needed. The post Secure.com Raises $4.5 Million for Agentic Security appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read…
Amazon Details Iran’s Cyber-Enabled Kinetic Attacks Linking Digital Spying to Physical Strikes
Amazon threat intelligence experts have documented two cases in which Iran leveraged hacking to prepare for kinetic attacks. The post Amazon Details Iran’s Cyber-Enabled Kinetic Attacks Linking Digital Spying to Physical Strikes appeared first on SecurityWeek. This article has been…
New Amazon Threat Intelligence findings: Nation-state actors bridging cyber and kinetic warfare
The new threat landscape The line between cyber warfare and traditional kinetic operations is rapidly blurring. Recent investigations by Amazon threat intelligence teams have uncovered a new trend that they’re calling cyber-enabled kinetic targeting in which nation-state threat actors systematically…
DPDK Cryptography Build and Tuning Guide
One of the many use cases customers run on Ampere-powered systems is packet processing workloads built on DPDK. Ampere has published a setup and tuning guide for DPDK to assist customers with getting the best performance from these workloads. Since…
Attackers Actively Exploiting Critical Vulnerability in Post SMTP Plugin
On October 11th, 2025, we received a submission for an Account Takeover via Email Log Disclosure vulnerability in Post SMTP, a WordPress plugin with more than 400,000 active installations. This vulnerability makes it possible for an unauthenticated attacker to view…
ShadowRay 2.0 Exploits Ray Vulnerability to Hijack AI Clusters
A new ShadowRay 2.0 campaign is abusing a Ray vulnerability to seize control of AI infrastructure worldwide. The post ShadowRay 2.0 Exploits Ray Vulnerability to Hijack AI Clusters appeared first on eSecurity Planet. This article has been indexed from eSecurity…
US, UK, and Australia sanction Russian ‘bulletproof’ web host used in ransomware attacks
The newly imposed sanctions target Russian-based web host Media Land, which officials say are linked to LockBit and BlackSuit ransomware attacks. This article has been indexed from Security News | TechCrunch Read the original article: US, UK, and Australia sanction…
U.S. Agencies Consider Restrictions on TP-Link Routers Over Security Risks
A coordinated review by several federal agencies in the United States has intensified scrutiny of TP-Link home routers, with officials considering whether the devices should continue to be available in the country. Recent reporting indicates that more than six…
IT Security News Hourly Summary 2025-11-19 18h : 10 posts
10 posts were published in the last hour 17:4 : Hacker Selling Alleged Samsung Medison Data Stolen In 3rd Party Breach 17:4 : Hackers Using Leverage Tuoni C2 Framework Tool to Stealthily Deliver In-Memory Payloads 17:4 : Massive Hacking Operation…
Hacker Selling Alleged Samsung Medison Data Stolen In 3rd Party Breach
Hacker using the alias 888, claims to be selling Samsung Medison data taken through a third party breach, including internal files, keys and user info. This article has been indexed from Hackread – Cybersecurity News, Data Breaches, Tech, AI, Crypto…
Hackers Using Leverage Tuoni C2 Framework Tool to Stealthily Deliver In-Memory Payloads
A new wave of cyberattacks has emerged using the Tuoni Command and Control (C2) framework, a sophisticated tool that allows threat actors to deploy malicious payloads directly into system memory. This technique helps attackers avoid detection by traditional security solutions…
Massive Hacking Operation WrtHug Compromises Thousands of ASUS Routers Worldwide
A sophisticated cyber campaign known as Operation WrtHug has hijacked tens of thousands of ASUS WRT routers globally, turning them into potential espionage tools for suspected China-linked hackers. SecurityScorecard’s STRIKE team, in collaboration with ASUS, revealed the operation on November…
Chinese PlushDaemon Hackers use EdgeStepper Tool to Hijack Legitimate Updates and Redirect to Malicious Servers
A China-aligned threat group known as PlushDaemon has been weaponizing a sophisticated attack method to infiltrate networks across multiple regions since 2018. The group’s primary strategy involves intercepting legitimate software updates by deploying a specialized tool called EdgeStepper, which acts…
‘The Gentlemen’ Ransomware Group with Dual-Extortion Strategy Encrypts and Exfiltrates Data
A new ransomware threat named “The Gentlemen” has emerged in the cybersecurity landscape, demonstrating advanced attack capabilities and a well-structured operational model. First appearing around July 2025, this group quickly established itself as a serious threat, publishing 48 victims on…
Mac users warned about new DigitStealer information stealer
DigitStealer is a new infostealer built for macOS, and it stands out for being smarter than most. Here’s how it works and how to stay safe. This article has been indexed from Malwarebytes Read the original article: Mac users warned…
NDSS 2025 – The Skeleton Keys: A Large Scale Analysis Of Credential Leakage In Mini-Apps
———– SESSION Session 3C: Mobile Security ———– ———– Authors, Creators & Presenters: Yizhe Shi (Fudan University), Zhemin Yang (Fudan University), Kangwei Zhong (Fudan University), Guangliang Yang (Fudan University), Yifan Yang (Fudan University), Xiaohan Zhang (Fudan University), Min Yang (Fudan University)…
Unicode: It is more than funny domain names., (Wed, Nov 12th)
When people discuss the security implications of Unicode, International Domain Names (IDNs) are often highlighted as a risk. However, while visible and often talked about, IDNs are probably not what you should really worry about when it comes to Unicode.…
Hackers Actively Exploiting 7-Zip Symbolic Link–Based RCE Vulnerability (CVE-2025-11001)
A recently disclosed security flaw impacting 7-Zip has come under active exploitation in the wild, according to an advisory issued by the U.K. NHS England Digital on Tuesday. The vulnerability in question is CVE-2025-11001 (CVSS score: 7.0), which allows remote…
FCC plan to scrap telecom cyber rules draws congressional backlash
A prominent U.S. senator wants the commission to rethink its plans. This article has been indexed from Cybersecurity Dive – Latest News Read the original article: FCC plan to scrap telecom cyber rules draws congressional backlash
Seraphic Becomes the First and Only Secure Enterprise Browser Solution to Protect Electron-Based Applications
Tel Aviv, Israel, 19th November 2025, CyberNewsWire Seraphic Becomes the First and Only Secure Enterprise Browser Solution to Protect Electron-Based Applications on Latest Hacking News | Cyber Security News, Hacking Tools and Penetration Testing Courses. This article has been indexed…
Python-Based WhatsApp Worm Spreads Eternidade Stealer Across Brazilian Devices
Cybersecurity researchers have disclosed details of a new campaign that leverages a combination of social engineering and WhatsApp hijacking to distribute a Delphi-based banking trojan named Eternidade Stealer as part of attacks targeting users in Brazil. “It uses Internet Message…