Storm-2561 uses SEO poisoning to push fake VPN downloads that install signed trojans and steal VPN credentials. Active since 2025, Storm-2561 mimics trusted brands and abuses legitimate services. This post reviews TTPs, IOCs, and mitigation guidance. The post Storm-2561 uses…
Attackers Hijack Microsoft 365 Accounts Through OAuth Device Code Abuse Without Stealing Passwords
Analysts at ANY.RUN has identified a sharp spike in phishing campaigns exploiting Microsoft’s OAuth Device Authorization Grant flow, with more than 180 malicious URLs detected within a single week. Unlike conventional credential harvesting, this technique routes victims through legitimate Microsoft…
From transparency to action: What the latest Microsoft email security benchmark reveals
The latest Microsoft benchmarking data reveals how Microsoft Defender mitigates modern email threats compared to SEG and ICES vendors. The post From transparency to action: What the latest Microsoft email security benchmark reveals appeared first on Microsoft Security Blog. This…
Hackers Use Cloudflare Human Check to Hide Microsoft 365 Phishing Pages
Scammers are hijacking popular security tools like Cloudflare to hide fake Microsoft 365 login pages. Learn how this new invisible phishing campaign bypasses antivirus software and how you can stay safe. This article has been indexed from Hackread – Cybersecurity…
Law enforcement shuts down botnet made of tens of thousands of hacked routers
An international law enforcement operation shut down a service called SocksEscort, which allegedly helped cybercriminals all over the world launch ransomware and DDoS attacks, as well as distribute child sexual abuse material. This article has been indexed from Security News…
Google API Keys Expose Gemini AI Data via Leaked Credentials
Google API keys, once considered harmless when embedded in public websites for services like Maps or YouTube, have turned into a serious security risk following the integration of Google’s Gemini AI assistant. Security researchers at Truffle Security uncovered this…
How to manage the lifecycle of Amazon Machine Images using AMI Lineage for AWS
As organizations scale their cloud infrastructure, maintaining proper lifecycle management of Amazon Machine Images (AMIs) is a critical component of their security and risk management goals. AMIs provide the essential information required to launch Amazon Elastic Compute Cloud (Amazon EC2)…
IT Security News Hourly Summary 2026-03-12 18h : 12 posts
12 posts were published in the last hour 16:34 : 400K WordPress Sites Exposed by Elementor Ally Plugin SQL Flaw 16:34 : How ‘Handala’ Became the Face of Iran’s Hacker Counterattacks 16:34 : Operating Lightning takes down SocksEscort proxy network…
400K WordPress Sites Exposed by Elementor Ally Plugin SQL Flaw
A SQL injection flaw in the Elementor Ally plugin exposes over 400,000 WordPress sites to potential data theft. The post 400K WordPress Sites Exposed by Elementor Ally Plugin SQL Flaw appeared first on eSecurity Planet. This article has been indexed…
How ‘Handala’ Became the Face of Iran’s Hacker Counterattacks
Amid a paralyzing breach of medical tech firm Stryker, the group has come to represent Iran’s use of “hacktivism” as cover for chaotic, retaliatory state-sponsored cyberattacks. This article has been indexed from Security Latest Read the original article: How ‘Handala’…
Operating Lightning takes down SocksEscort proxy network blamed for tens of millions in fraud
International cops stuck down 23 servers in 7 countries Cops from eight countries this week disrupted SocksEscort, a residential proxy service used by criminals to compromise hundreds of thousands of routers worldwide and carry out digital fraud, costing businesses and…
Top 5 Security Operations Consulting Firms for Government Contractors
Government contractors do not have the luxury of treating security operations like a background IT… Top 5 Security Operations Consulting Firms for Government Contractors on Latest Hacking News | Cyber Security News, Hacking Tools and Penetration Testing Courses. This article…
Siemens Heliox EV Chargers
View CSAF Summary Heliox EV Chargers listed below contain improper access control vulnerability that could allow an attacker to reach unauthorized services via the charging cable. Siemens has released new versions for the affected products and recommends to update to…
Trane Tracer SC, Tracer SC+, and Tracer Concierge
View CSAF Summary Successful exploitation of these vulnerabilities could allow an attacker to disclose sensitive information, execute arbitrary commands, or perform a denial-of-service on the product. The following versions of Trane Tracer SC, Tracer SC+, and Tracer Concierge are affected:…
Siemens SIMATIC
View CSAF Summary SIMATIC S7-1500 devices contain a vulnerability that could allow an attacker to inject code by tricking a legitimate user into importing a specially crafted trace file in the web interface. Siemens has released new versions for several…
Siemens RUGGEDCOM APE1808 Devices
View CSAF Summary Fortinet has published information on vulnerabilities in FORTIOS. This advisory lists the related Siemens Industrial products. Siemens has released a new version for RUGGEDCOM APE1808 and recommends to update to the latest version. The following versions of…
Siemens SIDIS Prime
View CSAF Summary SIDIS Prime before V4.0.800 is affected by multiple vulnerabilities in the components OpenSSL, SQLite, and several Node.js packages as described below. Siemens has released a new version of SIDIS Prime and recommends to update to the latest…
Apple issues emergency fixes for Coruna flaws in older iOS versions
Apple released iOS 16.7.15 and 15.8.7 updates for older iPhones and iPads to patch vulnerabilities linked to the Coruna exploits. Apple has released security updates for legacy devices, rolling out iOS and iPadOS 16.7.15 and 15.8.7 to address vulnerabilities tied…
Critical MediaTek Vulnerability Lets Attackers Steal Android Phone PINs in 45 Seconds
A critical vulnerability in the MediaTek Dimensity 7300 chipset allows a physical attacker to extract device PINs, decrypt on-device storage, and steal cryptocurrency wallet seed phrases in approximately 45 seconds, raising serious alarms for the roughly 25% of Android users…
PixRevolution Malware Hijacks Brazil’s PIX Transfers in Real Time
PixRevolution Android trojan hijacks Brazil’s PIX payments in real time using accessibility abuse This article has been indexed from www.infosecurity-magazine.com Read the original article: PixRevolution Malware Hijacks Brazil’s PIX Transfers in Real Time
Bell Ambulance Confirms Data Breach Affecting 237,830 Individuals
Bell Ambulance disclosed a data breach impacting 237,830 individuals after unauthorized access to its network exposed personal and medical data. This article has been indexed from Hackread – Cybersecurity News, Data Breaches, AI and More Read the original article: Bell…
DPoP: What It Is, How It Works, and Why Bearer Tokens Aren’t Enough
DPoP is one of the most exciting developments in the identity and access management (IAM) space in recent years. Yet many backend developers either have not heard of it or are unsure what it actually changes. In this article, I…
Critical Zero-Click Flaw in n8n Allows Full Server Compromise
The critical vulnerability affecting both cloud and self-hosted n8n instances requires no authentication or even n8n account to be exploited This article has been indexed from www.infosecurity-magazine.com Read the original article: Critical Zero-Click Flaw in n8n Allows Full Server Compromise
Meta Rolls Out New Scam Alerts Across Facebook, WhatsApp, and Messenger
Meta is rolling out new scam alerts across Facebook, WhatsApp, and Messenger as it ramps up AI-driven fraud detection and advertiser verification. The post Meta Rolls Out New Scam Alerts Across Facebook, WhatsApp, and Messenger appeared first on TechRepublic. This…