Amazon GuardDuty and our automated security monitoring systems identified an ongoing cryptocurrency (crypto) mining campaign beginning on November 2, 2025. The operation uses compromised AWS Identity and Access Management (IAM) credentials to target Amazon Elastic Container Service (Amazon ECS) and…
China’s Ink Dragon hides out in European government networks
Misconfigured servers are in, 0-days out. Chinese espionage crew Ink Dragon has expanded its snooping activities into European government networks, using compromised servers to create illicit relay nodes for future operations.… This article has been indexed from The Register –…
IT Security News Hourly Summary 2025-12-17 00h : 4 posts
4 posts were published in the last hour 23:3 : SoundCloud Hit by Cyberattack, Breach Affects 20% of its Users 22:55 : IT Security News Daily Summary 2025-12-16 22:34 : Google Finds Five China-Nexus Groups Exploiting React2Shell Flaw 22:34 :…
SoundCloud Hit by Cyberattack, Breach Affects 20% of its Users
SoundCloud confirms a breach affecting an estimated 20% of users, resulting in stolen email addresses. The company is dealing with follow-up DoS attacks by unnamed attackers while media reports allege involvement of ShinyHunters. This article has been indexed from Hackread…
IT Security News Daily Summary 2025-12-16
141 posts were published in the last hour 22:34 : Google Finds Five China-Nexus Groups Exploiting React2Shell Flaw 22:34 : Cryptomining campaign targeting Amazon EC2 and Amazon ECS 22:2 : Azure CLI Trust Abused in ConsentFix Account Takeovers 22:2 :…
Google Finds Five China-Nexus Groups Exploiting React2Shell Flaw
Researchers with Google Threat Intelligence Group have detected five China-nexus threat groups exploiting the maximum-security React2Shell security flaw to drop a number of malicious payloads, from backdoors to downloaders to tunnelers. The post Google Finds Five China-Nexus Groups Exploiting React2Shell…
Cryptomining campaign targeting Amazon EC2 and Amazon ECS
Amazon GuardDuty and our automated security monitoring systems identified an ongoing cryptocurrency (crypto) mining campaign beginning on November 2, 2025. The operation uses compromised AWS Identity and Access Management (IAM) credentials to target Amazon Elastic Container Service (Amazon ECS) and…
Azure CLI Trust Abused in ConsentFix Account Takeovers
ConsentFix abuses trusted Azure CLI OAuth flows to hijack Microsoft accounts without passwords or MFA. The post Azure CLI Trust Abused in ConsentFix Account Takeovers appeared first on eSecurity Planet. This article has been indexed from eSecurity Planet Read the…
Analytics provider: We didn’t expose smut site data to crims
An employee of the adult site could be responsible. Analytics vendor Mixpanel says it is not the source of data stolen from Pornhub and says the info was last accessed by an employee of the adult site.… This article has…
APT-C-35 Infrastructure Activity Leveraged Using Apache HTTP Response Indicators
A significant discovery in threat intelligence reveals that APT-C-35, commonly known as DoNot, continues to maintain an active infrastructure footprint across the internet. Security researchers have identified new infrastructure clusters linked to this India-based threat group, which has long been…
Browser ‘privacy’ extensions have eye on your AI, log all your chats
More than 8 million people have installed extensions that eavesdrop on chatbot interactions. Ad blockers and VPNs are supposed to protect your privacy, but four popular browser extensions have been doing just the opposite. According to research from Koi Security,…
Code Execution in Jupyter Notebook Exports
After our research on Cursor, in the context of developer-ecosystem security, we turn our attention to the Jupyter ecosystem. We expose security risks we identified in the notebook’s export functionality, in the default Windows environment, to help organizations better protect…
NDSS 2025 – Selective Data Protection against Memory Leakage Attacks for Serverless Platforms
Session 6B: Confidential Computing 1. Authors, Creators & Presenters: Maryam Rostamipoor (Stony Brook University), Seyedhamed Ghavamnia (University of Connecticut), Michalis Polychronakis (Stony Brook University). Paper: LeakLess: Selective Data Protection against Memory Leakage Attacks for Serverless Platforms. As the use of…
IT Security News Hourly Summary 2025-12-16 21h : 5 posts
5 posts were published in the last hour 19:32 : Microsoft Details Mitigations Against React2Shell RCE Vulnerability in React Server Components 19:32 : Hackers Can Manipulate Internet-Based Solar Panel Systems to Execute Attacks in Minutes 19:32 : LLMs are Accelerating…
Microsoft Details Mitigations Against React2Shell RCE Vulnerability in React Server Components
Microsoft has released comprehensive mitigations for a critical vulnerability dubbed React2Shell (CVE-2025-55182), which poses severe risks to React Server Components and Next.js environments. With a maximum CVSS score of 10.0, this pre-authentication remote code execution flaw allows threat actors to…
Hackers Can Manipulate Internet-Based Solar Panel Systems to Execute Attacks in Minutes
A new class of internet-based attacks is turning solar power infrastructure into a high‑risk target, allowing hackers to disrupt energy production in minutes using nothing more than open ports and free tools. Modern solar farms rely on networked operational technology,…
LLMs are Accelerating the Ransomware Operations with Functional Tools and RaaS
The integration of Large Language Models (LLMs) into ransomware operations marks a pivotal shift in the cybercrime landscape, functioning as a potent operational accelerator rather than a fundamental revolution. This technology dramatically lowers barriers to entry, enabling even low-skill actors…
Russian Hackers Attacking Network Edge Devices in Western Critical Infrastructure
A Russian state-sponsored hacking group has been targeting network edge devices in Western critical infrastructure since 2021, with operations intensifying throughout 2025. The campaign, linked to Russia’s Main Intelligence Directorate (GRU) and the notorious Sandworm group, represents a major shift…
Veza Extends Reach to Secure and Govern AI Agents
Veza has added a platform to its portfolio that is specifically designed to secure and govern artificial intelligence (AI) agents that might soon be strewn across the enterprise. Currently in the process of being acquired by ServiceNow, the platform is…
SantaStealer stuffs credentials, crypto wallets into a brand new bag
All I want for Christmas … is all of your data. A new, modular infostealer called SantaStealer, advertised on Telegram with a basic tier priced at $175 per month, promises to make criminals’ Christmas dreams come true. It boasts that…
From Open Source to OpenAI: The Evolution of Third-Party Risk
From open source libraries to AI-powered coding assistants, speed-driven development is introducing new third-party risks that threat actors are increasingly exploiting. The post From Open Source to OpenAI: The Evolution of Third-Party Risk appeared first on SecurityWeek. This article has…
How test data generators support compliance and data privacy
Whether you’re generating data from scratch or transforming sensitive production data, performant test data generators are critical tools for achieving compliance in development workflows. The post How test data generators support compliance and data privacy appeared first on Security Boulevard.…
Amazon: Russian GRU hackers favor misconfigured devices over vulnerabilities
Amazon Threat Intelligence reports Russian GRU hackers are increasingly breaking into critical infrastructure by abusing misconfigured devices instead of exploiting software vulnerabilities. This article has been indexed from Hackread – Cybersecurity News, Data Breaches, AI, and More Read the original…
Android vs. iPhone: Which one is more secure?
Android and iOS devices differ in a few ways, and security is one area where these differences affect organizations most. The choice between iPhones and Android devices has long been an issue of debate among IT departments looking to ensure…