Author: Admin
May 13, 2025Red LakshmananZero day / vulnerability The Türkiye threat actor exploits the lack of security with zero day on the Indian communication platform called “Messenger withdrawal” as part of a cyber-spanning campaign since April 2024. “These exploits have led to the collection of relevant users’ data for goals in Iraq,” Microsoft’s intelligence group – Note. “The targets of the attack are related to the Kurdish military personnel operating in Iraq, according to previously observed marble priorities aimed at dust.” Activities has been associated with a group of threats it monitors as Marble dust (Previously silicon), which is also known…
May 12, 2025.Red LakshmananVulnerability / safety of the final points ASUS released updates to address two security deficiencies that affect the ASUS DriverHub, which, if successfully used, can allow the attacker to use the software to achieve the remote execution of the code. Driver This is a tool designed to automatically detect a computer’s maternity board model and displaying the necessary drivers updates for subsequent installation by communication with A with A with A A highlighted site Located in “DriverHub.Asus (.) Com.” Disadvantages found in the software given below – Cve-2025-3462 (CVSS Assessment: 8.4) – Vulnerability of Error Verification, which…
The detection of the tinted powers is only half the battle. A real problem – and often neglected half of the equation is what happens after detection. New Studies from the state Mysteries Hitgardan spread 2025. The report shows an alarming trend: the vast majority of exposed campaign The secrets expressed in the state shelters remain real years after the detection, creating an extended surface of the attack that many organizations do not solve. According to the GitGuardian analysis for open secrets in GitHub repository, an alarming percentage of powers found in 2022 remains true today: “Detection of a secret…
May 12, 2025.Red LakshmananMalicious software / artificial intelligence Actors threats were observed for the use of fake tools that support artificial intelligence (AI) as a bait to attract users to download the theft of malicious software called Emergency. ‘Instead of relying on traditional phishing or hacked software sites, they build convincing AI-thematic platforms – Note In a report published last week. Messages that are divided into these pages have been found to attract more than 62,000 views on one message, indicating that users looking for AI -to -editing tools are the goals of this company. Some of the fake pages…
10 May 2025Red LakshmananCryptocurrency / cybercrime The Federal Criminal Police of Germany (aka Bundeskriminalamt or BKA) have seized the Internet infrastructure and shut -off with Exchange of cryptocurrencies over charges of money laundering and the operation of the criminal trading platform. The operation was carried out on April 30, 2025, the authorities said, adding that they also seized 8 terabytes worth 34 million euros (38.25 million dollars) at Bitcoin, Ether, Litecoin and Dash. According to BKA, CX (.) CX has existed since 2014 and offered to replace cryptocurrencies, allowing its users to share digital assets. It was available both in…
10 May 2025Red LakshmananBiometric data / privacy Google has agreed to pay the US states of nearly $ 1.4 billion to resolve two lawsuits that accused the company tracking the users’ personal location and maintain a person’s recognition data without consent. Payment of $ 1.375 billion paid that the technological giant paid for the settlement of such lawsuits brought by other US states. In November 2022 he paid 391 million dollars to a group of 40 states. In January 2023 he paid $ 29.5 million to Indiana and Washington. Later in September he dispersed another 93 million dollars To settle…
North Korean subjects threats Increased interview The company was observed using updated versions of the interplatform malicious program called Ottercookie with opportunities to steal the credentials in web browsers and other files. NTT Security Holdings which minute The new conclusions said that the attackers “actively and constantly” updated malicious software, presenting versions of V3 and V4 in February and April 2025, respectively. The Japanese Cybersecurity Company is tracking cluster called DiverAlso known as CL-Sta-0240, DepeptiveVevelopment, Dev#Popper, Famous Chollima, Purplebravo and Pungson’s Honor. Ottercookie was First documented NTT last year after watching it in the attacks since September 2024. Delivered by…
A joint operation on law enforcement agencies conducted by the Dutch and US authorities dismantled the criminal network of proxy, which works on thousands of infected Internet things (IoT) and the devices of the end of life (EOL), engaging them in Bottet for the provision of anonymous actors. In conjunction with the domain seizure, Russian nationals, Alexey Viktorovich Chrtkov, 37, Kirill Vladimirovich Morozov, 41, Aleksandrovich Shishkin, 36, and Dmitriy Rubtsov, 38, 36, 36, 36, 36, 36. National, Have Been accuse The US Department of Justice (Doj) on exploitation, maintenance and profit from proxy. DOJ noted that users paid a monthly…
09 May 2025Red LakshmananAttack of supply chain / malicious software Cybersecurity researchers have indicated three malicious NPM packages that are designed to focus on the Apple MacOS Cursor version, a popular Apple MacOS source. “Demanded into the developer tools offering” the cheapest API cursor “, these packages steal users’ powers, get encrypted useful load from infrastructure controlled by the threat – Note. Under consideration packages are given below – All three packages will still be available to download from the NPM registry. “AIIDE-CU” was first published on February 14, 2025. It was downloaded by the user called “AIIDE”. The NPM…
09 May 2025Hacker NewsArtificial Intelligence / Safety Safety AI agents change a way to work business. They can answer the questions, automate tasks and create the best user impressions. But with this vigor comes new risks – such as data leaks, identity theft and malicious abuse. If your company is studying either already using AI agents, you need to ask: Are they safe? AI agents work with sensitive data and make decisions in real time. If they are not protected, the attackers can use them for theft of information, dissemination of misinformation or control systems. Join Michelle Agoskin, the product…