Cybersecurity
-
Microsoft Flags AI-Driven Phishing: LLM-Crafted SVG Files Outsmart Email Security
Source: The Hacker NewsRead more: Microsoft Flags AI-Driven Phishing: LLM-Crafted SVG Files Outsmart Email SecurityMicrosoft has raised concerns over a new phishing campaign targeting U.S. organizations that leverages large language models (LLMs) to enhance…
-
First Malicious MCP Server Found Stealing Emails in Rogue Postmark-MCP Package
Source: The Hacker NewsRead more: First Malicious MCP Server Found Stealing Emails in Rogue Postmark-MCP PackageResearchers have identified the first-known malicious Model Context Protocol (MCP) server, highlighting new risks in software supply chains. The rogue…
-
The $847 Million Wake-Up Call: Why AI Security Can No Longer Wait
Read more: The $847 Million Wake-Up Call: Why AI Security Can No Longer WaitLast year, a Fortune 500 financial institution discovered their AI-powered fraud detection system had been compromised for six months. The…
-
Akira ransomware breaching MFA-protected SonicWall VPN accounts
Source: BleepingComputerRead more: Akira ransomware breaching MFA-protected SonicWall VPN accountsAkira ransomware attacks have been breaching accounts on SonicWall SSL VPN devices, even with one-time password multi-factor authentication (MFA) enabled.…
-
British Department Store Harrods Warns Customers That Some Personal Details Taken in Data Breach
Source: SecurityWeekRead more: British Department Store Harrods Warns Customers That Some Personal Details Taken in Data BreachHarrods has alerted customers that certain personal information was compromised in a data breach. This incident is part of a…
-
EU probes SAP over anti-competitive ERP support practices
Source: BleepingComputerRead more: EU probes SAP over anti-competitive ERP support practicesThe European Commission is investigating SAP for potential anti-competitive practices related to its aftermarket services for on-premise ERP software. This…
-
Fake Microsoft Teams installers push Oyster malware via malvertising
Source: BleepingComputerRead more: Fake Microsoft Teams installers push Oyster malware via malvertisingCybercriminals are leveraging SEO poisoning and search engine ads to distribute malicious Microsoft Teams installers. This malware, known as Oyster,…
-
China-Linked PlugX and Bookworm Malware Attacks Target Asian Telecom and ASEAN Networks
Source: The Hacker NewsRead more: China-Linked PlugX and Bookworm Malware Attacks Target Asian Telecom and ASEAN NetworksA new variant of the PlugX malware is actively targeting the telecommunications and manufacturing sectors in Central and South Asia.…
-
Threat Insights: Active Exploitation of Cisco ASA Zero Days
Source: Palo Alto Networks Unit 42Read more: Threat Insights: Active Exploitation of Cisco ASA Zero DaysRecent zero-day vulnerabilities CVE-2025-20333, CVE-2025-20362, and CVE-2025-20363 have been identified in multiple Cisco products. These vulnerabilities are currently being exploited…
-
New tool: convert-ts-bash-history.py, (Fri, Sep 26th)
Source: SANS Internet Storm CenterRead more: New tool: convert-ts-bash-history.py, (Fri, Sep 26th)A new script simplifies the process of creating timelines from .bash_history data. It parses history files and presents the commands…