A groundbreaking bill has been proposed by the Danish government to curb the growing threat of artificial intelligence-generated deepfakes, a threat that is expected to rise in the future. In the proposed framework, individuals would be entitled to claim…
North Korea-Linked Hackers Behind $2.1 Billion in Crypto Theft in Early 2025
A new report from blockchain analytics firm TRM Labs reveals that hackers stole an unprecedented $2.1 billion in cryptocurrency during the first half of 2025—marking the highest amount ever recorded for a six-month period. A staggering 70% of the…
“CitrixBleed 2” Vulnerability PoC Released – Warns of Potential Widespread Exploitation
Critical flaw in Citrix NetScaler devices echoes infamous 2023 security breach that crippled major organizations worldwide. The new critical vulnerability in Citrix NetScaler devices has security experts warning of potential widespread exploitation, drawing alarming parallels to the devastating “CitrixBleed” attacks…
IT Security News Hourly Summary 2025-07-05 15h : 1 posts
1 posts were published in the last hour 13:2 : Massive spike in use of .es domains for phishing abuse
New Phishing Attack Impersonates as DWP Attacking Users to Steal Credit Card Data
A sophisticated phishing campaign targeting UK citizens has emerged, masquerading as official communications from the Department for Work and Pensions (DWP) to steal sensitive financial information. The campaign, which has been active since late May 2025, represents a significant escalation…
Writable File in Lenovo’s Windows Directory Enables a Stealthy AppLocker Bypass
A significant security vulnerability has been discovered in Lenovo’s preloaded Windows operating systems, where a writable file in the Windows directory enables attackers to bypass Microsoft’s AppLocker security framework. The issue affects all variants of Lenovo machines running default Windows…
Instagram Started Using 1-Week Validity TLS Certificates and Changes Them Daily
Instagram has adopted an unprecedented approach to web security by implementing daily rotation of TLS certificates that maintain validity periods of just one week, according to a recent technical analysis. This practice represents a significant departure from industry standards, where…
Threat Actors Turning Job Offers Into Traps, Over $264 Million Lost in 2024 Alone
Cybercriminals are exploiting the economic uncertainty and remote work trends to orchestrate sophisticated employment fraud schemes, with victims losing over $264 million in 2024 alone according to FBI reports. These malicious campaigns, known as “task scams,” represent a rapidly evolving…
Russia Jailed Hacker Who Worked for Ukrainian Intelligence to Launch Cyberattacks on Critical Infrastructure
Russian Federal Security Service (FSB) officers have detained two hackers in Siberia who conducted cyberattacks on critical infrastructure facilities under direct orders from Ukrainian intelligence services. The simultaneous arrests in the Kemerovo and Tomsk regions exposed a sophisticated cyber espionage…
Massive spike in use of .es domains for phishing abuse
¡Cuidado! Time to double-check before entering your Microsoft creds Cybersecurity experts are reporting a 19x increase in malicious campaigns being launched from .es domains, making it the third most common, behind only .com and .ru.… This article has been indexed…
How Digital Executive Protection Shields Top Leaders from Modern Threats
Cybersecurity threats have emerged so quickly that most companies struggle to keep up and executives are often the… This article has been indexed from Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto Read the original article: How Digital…
Android May Soon Warn You About Fake Cell Towers
Plus: Iran-linked hackers threaten to release Trump campaign emails, Chinese hackers still in US telecoms networks, and an abusive deepfake website plans an expansion. This article has been indexed from Security Latest Read the original article: Android May Soon Warn…
Scattered Spider Upgraded Their Tactics to Abuse Legitimate Tools to Evade Detection and Maintain Persistence
The cybercriminal group known as Scattered Spider has significantly evolved its attack methodologies, demonstrating alarming sophistication in exploiting legitimate administrative tools to maintain persistent access to compromised networks. Also tracked under aliases including UNC3944, Scatter Swine, and Muddled Libra, this…
IT Security News Hourly Summary 2025-07-05 12h : 2 posts
2 posts were published in the last hour 9:34 : Researchers Uncover New Technique to Exploit Azure Arc for Hybrid Escalation in Enterprise Environment and Maintain Persistence 9:34 : Hackers Exploit Legitimate Inno Setup Installer to Use as a Malware…
Researchers Uncover New Technique to Exploit Azure Arc for Hybrid Escalation in Enterprise Environment and Maintain Persistence
Cybersecurity researchers have discovered a sophisticated attack technique that exploits Microsoft Azure Arc deployments to gain persistent access to enterprise environments. The research, conducted during recent red team operations, reveals how adversaries can leverage misconfigured Azure Arc installations to escalate…
Hackers Exploit Legitimate Inno Setup Installer to Use as a Malware Delivery Vehicle
Cybercriminals have increasingly turned to legitimate software installation frameworks as vehicles for malware distribution, with Inno Setup emerging as a preferred tool for threat actors seeking to bypass security measures. This legitimate Windows installer framework, originally designed to simplify software…
IT Security News Hourly Summary 2025-07-05 09h : 2 posts
2 posts were published in the last hour 6:35 : Alert: Exposed JDWP Interfaces Lead to Crypto Mining, Hpingbot Targets SSH for DDoS 6:34 : Taiwan NSB Alerts Public on Data Risks from TikTok, Weibo, and RedNote Over China Ties
Hackers Exploiting Java Debug Wire Protocol Servers in Wild to Deploy Cryptomining Payload
A new wave of cyberattacks is targeting organizations that inadvertently expose Java Debug Wire Protocol (JDWP) servers to the internet, with attackers leveraging this overlooked entry point to deploy sophisticated cryptomining malware. JDWP, a standard feature in the Java platform,…
Alert: Exposed JDWP Interfaces Lead to Crypto Mining, Hpingbot Targets SSH for DDoS
Threat actors are weaponizing exposed Java Debug Wire Protocol (JDWP) interfaces to obtain code execution capabilities and deploy cryptocurrency miners on compromised hosts. “The attacker used a modified version of XMRig with a hard-“coded configuration, allowing them to avoid suspicious…
Taiwan NSB Alerts Public on Data Risks from TikTok, Weibo, and RedNote Over China Ties
Taiwan’s National Security Bureau (NSB) has warned that China-developed applications like RedNote (aka Xiaohongshu), Weibo, TikTok, WeChat, and Baidu Cloud pose security risks due to excessive data collection and data transfer to China. The alert comes following an inspection of…
UK Man Accused in Major International Hacking Case, Faces US Charges
A 25-year-old British citizen has been formally charged in the United States for allegedly leading an international hacking operation that caused millions in damages to individuals, companies, and public institutions. Authorities in the US claim the man, identified as Kai…
Next.js Cache Poisoning Vulnerability Let Attackers Trigger DoS Condition
Key Takeaways1. Next.js versions 15.1.0-15.1.8 have a cache poisoning bug causing DoS attacks through blank page delivery.2. Needs affected Next.js version + ISR with cache revalidation + SSR with CDN caching 204 responses.3. Race condition allows HTTP 204 responses to…
IT Security News Hourly Summary 2025-07-05 00h : 2 posts
2 posts were published in the last hour 22:55 : IT Security News Daily Summary 2025-07-04 21:36 : Friday Squid Blogging: How Squid Skin Distorts Light
IT Security News Daily Summary 2025-07-04
72 posts were published in the last hour 21:36 : Friday Squid Blogging: How Squid Skin Distorts Light 20:34 : Critical Sudo bugs expose major Linux distros to local Root exploits 20:34 : Ransomware Attacks Spike Despite Gang Closure 17:7…
Friday Squid Blogging: How Squid Skin Distorts Light
New research. As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered. Blog moderation policy. This article has been indexed from Schneier on Security Read the original article:…
Critical Sudo bugs expose major Linux distros to local Root exploits
Critical Sudo flaws let local users gain root access on Linux systems, the vulnerabilities affect major Linux distributions. Cybersecurity researchers disclosed two vulnerabilities in the Sudo command-line utility for Linux and Unix-like operating systems. Local attackers can exploit the vulnerabilities…
Ransomware Attacks Spike Despite Gang Closure
New research from Comparitech revealed that in the first half of 2025, 3,627 ransomware attacks were reported and logged. This is a 47% increase since the first half of 2024, which is highly concerning for major organisations due to the…