Author: Admin
Thousands of personal records that are allegedly linked to athletes and visitors to the Saudi Games were published on the Internet by the Praisian Khactivist group called Cyber Fattah. Cybersecurity company said the violation was announced on Telegram on June 22, 2025 in the form of a SQL database, characterizing it as an information operation “conducted by Iran and its trusted persons.” “Actors have received unauthorized access to PHPMYADMIN (Backend) and explicit records,” renewable security – Note. “This is an example of Iran, which uses data violations within a major anti-American, anti-Israel and anti-Saudi propaganda activity in cyberspace, focusing on…
June 25, 2025Red LakshmananVPN Safety / Malicious Software Unknown threat subjects spread the Treanized version of the SonicWall SSL VPN NEExtender app to steal the credentials into unintelligible users who may have installed it. “Netextender allows remote users to securely connect and run applications on the company network,” Sonicwall Sravan Ganachari researcher – Note. “Users can download and upload files, access network drives and use other resources as if they were on the local network.” A malicious useful load put through Rogue VPN software Silentroute Microsoft, which discovered the company along with the network security company. Sonicwall said Netextender, laid…
June 25, 2025Red LakshmananMalicious software / open source Cybersecurity researchers have discovered a fresh batch of malicious NPM -related NPM packages Increased interview Operation that comes from North Korea. According to SocketThe permanent supply chain attack provides 35 malicious packages that have been loaded with 24 NPM accounts. These packages have been combined more than 4000 times. A full list of JavaScript libraries is below – Reactively outlined-SDK Sumbub-Node-Websdk Vite-Plugin-NEXT-REFRESS Vite-Plugin-Purify NEXTJS-INSIM Knowledge-pelv nodes reaction-logs ReactBootstraps Framer-Motion-Elect Serverlog-Dispatch Mongo-ROROG Next Log Patter Vite-Plugin-Tools pixel-procedure Test-Topdev-Logger-V1 Test-Topdev-Logger-V3 Server-flash Logbin-Nodejs Vite-LAADER-SVG Structural-flag flexible-lagers Beautiful plugins Chalk-configuration jsonpacks jsonspecific Jessecs Util-Buffers blurred miles…
June 25, 2025Red LakshmananSafety of the final points / IT -management Microsoft on Tuesday announced that it expands expanded Windows 10 security updates (Es) For an extra year, allowing users either paying a small $ 30 fee, or sync PC settings in the cloud. Development goes ahead of the upcoming technological giant October 14, 2025, termWhen it plans to officially stop support and stop providing security updates for devices running on Windows 10. The desktop operating system was launched in July 2015. The Windows manufacturer describes ESU as “the last resort option” for customers who need to launch Legacy Microsoft…
June 24, 2025Red LakshmananSocial Media / Privacy The US Embassy in India has announced that the applicants for F, M and J non -immigration visas have to make their accounting records in social media publicly. The new guidelines seek to help officials check the identity and right of the applicants provided by the US law. The US Embassy stated that each visa review review is a “national security decision”. “It comes into force immediately, all persons who seek visa F, M or J, non -immigrants are asked to set up privacy settings on all their personal accounts in social media…
June 24, 2025Red LakshmananVulnerability / malicious software Unknown threats were observed on publicly exposed Microsoft Exchange servers to introduce malicious code into the entry pages that collect their powers. Positive technology in a new analysis published last week, – Note He identified two different types of Keylogger code written on JavaScript on the Outlook login page – The ones that store the collected data to the local file available over the Internet Those who immediately sends the collected data to the external server Russian cybersecurity supplier said the attacks were aimed at 65 victims in 26 countries, and is reported…
June 24, 2025Red LakshmananMalicious software / cryptocurrency Cybersecurity researchers described two new methods that can be used to violate Cryptocurrency mining Botnets. Methods use the design of various common Prey topology To close mining processAkamai said in a new report published today. “We have developed two methods using mining -tags and policies in the pool that allow us to reduce Botnet Cryptominer’s efficiency to fully close it, which causes the attacker to make radical changes to your infrastructure or even refuse – Note. Methods said web -infrastructure depends on operation Layer Mining protocol in such a way that it causes…
June 24, 2025Red LakshmananCriminal software / intelligence threats The emergency response team in Ukraine (CERT-UA) has prevent A new cyberattack company in Russia, associated with Russia, APT28 (AKA UAC -0001), using signal messages for the delivery of two new families malware called Beardhell and Covenant. BeardShell, for the Cert-Ua, written in C ++ and offers the ability to download and execute PowerShell scripts, and download the performance results on a remote server via ICedrive API. The agency said Beardhell first watched, as well as a screenshot tool called Slimagent, as part of the incident’s response efforts in March 2024 in…
June 24, 2025Red LakshmananManage the threat of exposure I had the honor to hold the first episode of the podcaso Xpoision Live from Summit Xpoision 2025. And I couldn’t ask for the best panel: three cybersecurity executives who don’t just talk, they live. Let me submit them. Alex delayedCISO in IDB Bank knows what to protect the high -regulated environment. Ben midCybersecurity Director of Avity Biosciences brings a promising safety perspective that reflects the innovation that lying for the purposeful Avitude RNA therapy. And last but no less important, Michael FranceThe cybersecurity director who has threatened at Wyndham hotels and…
June 24, 2025Red LakshmananCloud Security / Kryptoja Doker’s misconceptions are the purpose of the company that uses the Tor anonymity network to make the mining of the mine confidently shake under sensitive conditions. “The attackers exploit incorrectly configured API Docker to access container conditions, and then using Tor to mask their activities when deploying crystals, Trend Micro Researchers Sunil Bharti and Shubham Singhh – Note in an analysis published last week. When using Tor, the idea is to unanimized their origin during the mounting of the miner on the impaired systems. The attacks according to the cybersecurity campaign begin with…