Stay Updated with the Latest Tech News
Get ahead of the curve with the latest insights, trends, and analysis in the tech world.
Browse by Category
1,500+ Minecraft Players Infected by Java Malware Masquerading as Game Mods on GitHub
A new multi-stage malware campaign is targeting Minecraft users with a Java-based malware that employs a distribution-as-service (DaaS) offering called Stargazers Ghost Network. "The campaigns resulted in a multi-stage attack chain targeting Minecraft users specifically," Check Point researchers JaromΓr HoΕejΕ‘Γ and Antonis Terefos said in a report shared with The Hacker News. "The malware was
Published on: June 18, 2025 | Source:
Share on Facebook
Share in Tweet (rip twitter)
Share on LinkedIn
Share on Reddit
Share on Threads
Share on Bluesky
How CISOs Can Govern AI & Meet Evolving Regulations
Security teams are no longer just the last line of defense β they are the foundation for responsible AI adoption.
Published on: June 18, 2025 | Source:Serpentine#Cloud Uses Cloudflare Tunnels in Sneak Attacks
An unidentified threat actor is using .lnk Windows shortcut files in a series of sophisticated attacks utilizing in-memory code execution and living-off-the-land cyberattack strategies.
Published on: June 18, 2025 | Source:Linux Security: New Flaws Allow Root Access, CISA Warns of Old Bug Exploitation
Qualys has disclosed two Linux vulnerabilities that can be chained for full root access, and CISA added a flaw to its KEV catalog. The post Linux Security: New Flaws Allow Root Access, CISA Warns of Old Bug Exploitation appeared first on SecurityWeek.
Published on: June 18, 2025 | Source:Mitigating AI Threats: Bridging the Gap Between AI and Legacy Security
Adopting a layered defense strategy that includes human-centric tools and updating security components. The post Mitigating AI Threats: Bridging the Gap Between AI and Legacy Security appeared first on SecurityWeek.
Published on: June 18, 2025 | Source:FedRAMP at Startup Speed: Lessons Learned
For organizations eyeing the federal market, FedRAMP can feel like a gated fortress. With strict compliance requirements and a notoriously long runway, many companies assume the path to authorization is reserved for the well-resourced enterprise. But thatβs changing. In this post, we break down how fast-moving startups can realistically achieve FedRAMP Moderate authorization without derailing
Published on: June 18, 2025 | Source:OpenAI to Help DoD With Cyber Defense Under New $200 Million Contract
OpenAI has been awarded a $200 million contract for AI capabilities to help the Defense Department address national security challenges. The post OpenAI to Help DoD With Cyber Defense Under New $200 Million Contract appeared first on SecurityWeek.
Published on: June 18, 2025 | Source:Water Curse Employs 76 GitHub Accounts to Deliver Multi-Stage Malware Campaign
Cybersecurity researchers have exposed a previously unknown threat actor known as Water Curse that relies on weaponized GitHub repositories to deliver multi-stage malware. "The malware enables data exfiltration (including credentials, browser data, and session tokens), remote access, and long-term persistence on infected systems," Trend Micro researchers Jovit Samaniego, Aira Marcelo, Mohamed
Published on: June 18, 2025 | Source:Chrome 137 Update Patches High-Severity Vulnerabilities
Google has released a Chrome 137 update to resolve two memory bugs in the browserβs V8 and Profiler components. The post Chrome 137 Update Patches High-Severity Vulnerabilities appeared first on SecurityWeek.
Published on: June 18, 2025 | Source:Code Execution Vulnerabilities Patched in Veeam, BeyondTrust Products
Veeam and BeyondTrust have resolved several vulnerabilities that could be exploited for remote code execution. The post Code Execution Vulnerabilities Patched in Veeam, BeyondTrust Products appeared first on SecurityWeek.
Published on: June 18, 2025 | Source:Data Breach at Healthcare Services Firm Episource Impacts 5.4 Million People
Hackers have stolen personal and health information belonging to the customers of healthcare organizations served by Episource. The post Data Breach at Healthcare Services Firm Episource Impacts 5.4 Million People appeared first on SecurityWeek.
Published on: June 18, 2025 | Source:CISA Warns of Active Exploitation of Linux Kernel Privilege Escalation Vulnerability
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday placed a security flaw impacting the Linux kernel in its Known Exploited Vulnerabilities (KEV) catalog, stating it has been actively exploited in the wild. The vulnerability, CVE-2023-0386 (CVSS score: 7.8), is an improper ownership bug in the Linux kernel that could be exploited to escalate privileges on susceptible
Published on: June 18, 2025 | Source:Ex-CIA Analyst Sentenced to 37 Months for Leaking Top Secret National Defense Documents
A former U.S. Central Intelligence Agency (CIA) analyst has been sentenced to little more than three years in prison for unlawfully retaining and transmitting top secret National Defense Information (NDI) to people who were not entitled to receive them and for attempting to cover up the malicious activity. Asif William Rahman, 34, of Vienna, has been sentenced today to 37 months on charges of
Published on: June 18, 2025 | Source:Veeam Patches CVE-2025-23121: Critical RCE Bug Rated 9.9 CVSS in Backup & Replication
Veeam has rolled out patches to contain a critical security flaw impacting its Backup & Replication software that could result in remote code execution under certain conditions. The security defect, tracked as CVE-2025-23121, carries a CVSS score of 9.9 out of a maximum of 10.0. "A vulnerability allowing remote code execution (RCE) on the Backup Server by an authenticated domain user," the
Published on: June 18, 2025 | Source:Iran Slows Internet to Prevent Cyber Attacks Amid Escalating Regional Conflict
Iran has throttled internet access in the country in a purported attempt to hamper Israel's ability to conduct covert cyber operations, days after the latter launched an unprecedented attack on the country, escalating geopolitical tensions in the region. Fatemeh Mohajerani, the spokesperson of the Iranian Government, and the Iranian Cyber Police, FATA, said the internet slowdown was designed to
Published on: June 18, 2025 | Source:Indian Car-Sharing Firm Zoomcar Latest to Suffer Breach
The company acknowledged that cybercriminals had taken sensitive information on more than 8 million users, including names, phone numbers, car registration numbers, addresses, and emails.
Published on: June 18, 2025 | Source:Researchers say AI hacking tools sold online were powered by Grok, Mixtral
A pair of AI tools advertised on hacking forums were developed using commercial AI models from xAI and Mistral, according to Cato Networks. The post Researchers say AI hacking tools sold online were powered by Grok, Mixtral appeared first on CyberScoop.
Published on: June 17, 2025 | Source:Iranβs Bank Sepah disrupted by cyberattack claimed by pro-Israel hacktivist group
The attack introduces a clear cyber element with immediate consequences for the countryβs critical infrastructure amid a growing conflict between Israel and Iran. The post Iranβs Bank Sepah disrupted by cyberattack claimed by pro-Israel hacktivist group appeared first on CyberScoop.
Published on: June 17, 2025 | Source:'HoldingHands' Acts Like a Pickpocket With Taiwan Orgs
Since at least January, the threat actor has been employing multiple malware tools to steal information for potential future attacks against Taiwanese businesses and government agencies.
Published on: June 17, 2025 | Source:New ClickFix Malware Variant βLightPerlGirlβ Targets Users in Stealthy Hack
Researchers identify a previously unknown ClickFix variant exploiting PowerShell and clipboard hijacking to deliver the Lumma infostealer via a compromised travel site. The post New ClickFix Malware Variant βLightPerlGirlβ Targets Users in Stealthy Hack appeared first on SecurityWeek.
Published on: June 17, 2025 | Source:Google Chrome Zero-Day CVE-2025-2783 Exploited by TaxOff to Deploy Trinper Backdoor
A now-patched security flaw in Google Chrome was exploited as a zero-day by a threat actor known as TaxOff to deploy a backdoor codenamed Trinper. The attack, observed in mid-March 2025 by Positive Technologies, involved the use of a sandbox escape vulnerability tracked as CVE-2025-2783 (CVSS score: 8.3). Google addressed the flaw later that month after Kaspersky reported in-the-wild
Published on: June 17, 2025 | Source:LangSmith Bug Could Expose OpenAI Keys and User Data via Malicious Agents
Cybersecurity researchers have disclosed a now-patched security flaw in LangChain's LangSmith platform that could be exploited to capture sensitive data, including API keys and user prompts. The vulnerability, which carries a CVSS score of 8.8 out of a maximum of 10.0, has been codenamed AgentSmith by Noma Security. LangSmith is an observability and evaluation platform that allows users to
Published on: June 17, 2025 | Source:Cyber experts call for supercharging volunteer network to protect community organizations
To defend βtarget rich, resource poorβ critical infrastructure from cyberattacks, the U.S. must expand its patchwork volunteer system, a new report concludes. The post Cyber experts call for supercharging volunteer network to protect community organizations appeared first on CyberScoop.
Published on: June 17, 2025 | Source:Private 5G: New Possibilities β and Potential Pitfalls
While ushering in "great operational value" for organizations, private 5G networks add yet another layer to CISOs' responsibilities.
Published on: June 17, 2025 | Source:Operation Endgame: Do Takedowns and Arrests Matter?
Cybercrime response needs more aggressive actions from those seeking to protect victims and pursue criminals.
Published on: June 17, 2025 | Source:The Cyber Future Is Riskier Than You Think
Sound suggestions on how to tackle four "quiet problems" that often slip through the security cracks.
Published on: June 17, 2025 | Source:Hackers Exploit Critical Langflow Flaw to Unleash Flodrix Botnet
A vulnerability in the popular Python-based tool for building AI agents and workflows is under active exploitation, allowing for full system compromise, DDoS attacks, and potential loss or theft of sensitive data
Published on: June 17, 2025 | Source:Silver Fox APT Targets Taiwan with Complex Gh0stCringe and HoldingHands RAT Malware
Cybersecurity researchers are warning of a new phishing campaign that's targeting users in Taiwan with malware families such as HoldingHands RAT and Gh0stCringe. The activity is part of a broader campaign that delivered the Winos 4.0 malware framework earlier this January by sending phishing messages impersonating Taiwan's National Taxation Bureau, Fortinet FortiGuard Labs said in a report
Published on: June 17, 2025 | Source:WestJet Airlines App, Website Suffer After Cyber Incident
Though its operations are running smoothly, the airline warned customers and employees to exercise caution when sharing personal information online.
Published on: June 17, 2025 | Source:Federal cyber insurance backstop should be tied to expiring terrorism insurance law, report recommends
Congress should use renewal of an expiring terrorism insurance program to create a federal backstop for cybersecurity insurance, according to a report out Tuesday that tries to thread many difficult needles to bolster an industry that its author says isnβt developing fast enough. In an ideal world, cybersecurity insurance can be a valuable tool to [β¦] The post Federal cyber insurance backstop should be tied to expiring...
Published on: June 17, 2025 | Source:Google Warns of Scattered Spider Attacks Targeting IT Support Teams at U.S. Insurance Firms
The notorious cybercrime group known as Scattered Spider (aka UNC3944) that recently targeted various U.K. and U.S. retailers has begun to target major insurance companies, according to Google Threat Intelligence Group (GTIG). "Google Threat Intelligence Group is now aware of multiple intrusions in the U.S. which bear all the hallmarks of Scattered Spider activity," John Hultquist, chief analyst
Published on: June 17, 2025 | Source:US Insurance Industry Warned of Scattered Spider Attacks
Google is warning insurance companies that Scattered Spider appears to have shifted its focus from the retail sector. The post US Insurance Industry Warned of Scattered Spider Attacks appeared first on SecurityWeek.
Published on: June 17, 2025 | Source:Circumvent Raises $6 Million for Cloud Security Platform
Cloud security startup Circumvent has raised $6 million to develop a network of agents for autonomous prioritization and remediation. The post Circumvent Raises $6 Million for Cloud Security Platform appeared first on SecurityWeek.
Published on: June 17, 2025 | Source:Are Forgotten AD Service Accounts Leaving You at Risk?
For many organizations, Active Directory (AD) service accounts are quiet afterthoughts, persisting in the background long after their original purpose has been forgotten. To make matters worse, these orphaned service accounts (created for legacy applications, scheduled tasks, automation scripts, or test environments) are often left active with non-expiring or stale passwords. Itβs no surprise
Published on: June 17, 2025 | Source:Where AI Provides Value
If youβve worried that AI might take your job, deprive you of your livelihood, or maybe even replace your role in society, it probably feels good to see the latest AI tools fail spectacularly. If AI recommends glue as a pizza topping, then youβre safe for another day. But the fact remains that AI already has definite advantages over even the most skilled humans, and knowing where these advantages ariseβand where they...
Published on: June 17, 2025 | Source: