Author: Admin
May 12, 2025.Red LakshmananMalicious software / artificial intelligence Actors threats were observed for the use of fake tools that support artificial intelligence (AI) as a bait to attract users to download the theft of malicious software called Emergency. ‘Instead of relying on traditional phishing or hacked software sites, they build convincing AI-thematic platforms – Note In a report published last week. Messages that are divided into these pages have been found to attract more than 62,000 views on one message, indicating that users looking for AI -to -editing tools are the goals of this company. Some of the fake pages…
10 May 2025Red LakshmananCryptocurrency / cybercrime The Federal Criminal Police of Germany (aka Bundeskriminalamt or BKA) have seized the Internet infrastructure and shut -off with Exchange of cryptocurrencies over charges of money laundering and the operation of the criminal trading platform. The operation was carried out on April 30, 2025, the authorities said, adding that they also seized 8 terabytes worth 34 million euros (38.25 million dollars) at Bitcoin, Ether, Litecoin and Dash. According to BKA, CX (.) CX has existed since 2014 and offered to replace cryptocurrencies, allowing its users to share digital assets. It was available both in…
10 May 2025Red LakshmananBiometric data / privacy Google has agreed to pay the US states of nearly $ 1.4 billion to resolve two lawsuits that accused the company tracking the users’ personal location and maintain a person’s recognition data without consent. Payment of $ 1.375 billion paid that the technological giant paid for the settlement of such lawsuits brought by other US states. In November 2022 he paid 391 million dollars to a group of 40 states. In January 2023 he paid $ 29.5 million to Indiana and Washington. Later in September he dispersed another 93 million dollars To settle…
North Korean subjects threats Increased interview The company was observed using updated versions of the interplatform malicious program called Ottercookie with opportunities to steal the credentials in web browsers and other files. NTT Security Holdings which minute The new conclusions said that the attackers “actively and constantly” updated malicious software, presenting versions of V3 and V4 in February and April 2025, respectively. The Japanese Cybersecurity Company is tracking cluster called DiverAlso known as CL-Sta-0240, DepeptiveVevelopment, Dev#Popper, Famous Chollima, Purplebravo and Pungson’s Honor. Ottercookie was First documented NTT last year after watching it in the attacks since September 2024. Delivered by…
A joint operation on law enforcement agencies conducted by the Dutch and US authorities dismantled the criminal network of proxy, which works on thousands of infected Internet things (IoT) and the devices of the end of life (EOL), engaging them in Bottet for the provision of anonymous actors. In conjunction with the domain seizure, Russian nationals, Alexey Viktorovich Chrtkov, 37, Kirill Vladimirovich Morozov, 41, Aleksandrovich Shishkin, 36, and Dmitriy Rubtsov, 38, 36, 36, 36, 36, 36. National, Have Been accuse The US Department of Justice (Doj) on exploitation, maintenance and profit from proxy. DOJ noted that users paid a monthly…
09 May 2025Red LakshmananAttack of supply chain / malicious software Cybersecurity researchers have indicated three malicious NPM packages that are designed to focus on the Apple MacOS Cursor version, a popular Apple MacOS source. “Demanded into the developer tools offering” the cheapest API cursor “, these packages steal users’ powers, get encrypted useful load from infrastructure controlled by the threat – Note. Under consideration packages are given below – All three packages will still be available to download from the NPM registry. “AIIDE-CU” was first published on February 14, 2025. It was downloaded by the user called “AIIDE”. The NPM…
09 May 2025Hacker NewsArtificial Intelligence / Safety Safety AI agents change a way to work business. They can answer the questions, automate tasks and create the best user impressions. But with this vigor comes new risks – such as data leaks, identity theft and malicious abuse. If your company is studying either already using AI agents, you need to ask: Are they safe? AI agents work with sensitive data and make decisions in real time. If they are not protected, the attackers can use them for theft of information, dissemination of misinformation or control systems. Join Michelle Agoskin, the product…
09 May 2025Red LakshmananMalicious software / email safety Cybersecurity researchers have warned of a new campaign aimed at Portuguese users in Brazil with a trial version of commercial software for remote monitoring and management (RMM) since January 2025. “In the SPAM message used Brazilian Electronic Account System – Note In the report on Thursday. Attack networks start with a specially designed spam -electronic letters that claim that they come from financial institutions or cellphone media, preferred accounts or payable payments to fool users to press Bogus Dropbox links indicating the binary installer for the RMM instrument. Two notable RMM tools…
09 May 2025Red LakshmananArtificial Intelligence / Fraud online Google on Thursday announced that it was unfolding with a new artificial intelligence (AI) that works in combating Chrome, Search and Android scams. The technical giant said he would start using Gemini nanoits a great linguistic model on your device (LLM) to improve Safe view In Chrome 137 on the working stacks. “The approach to the device gives an instant understanding of risky sites and allows us to offer protection, even from scams that have not been seen before. LLM Gemini Nano is ideal for this use due to the ability to…
09 May 2025Red LakshmananVulnerability / industrial security Chinese unnamed actor threatened called CHAYA_004 It was noted that a recently disclosed security lack of SAP Netwaver was used. The forecast sees the lab, in report Published today, it is said that it has revealed a malicious infrastructure, which is probably related to the hacking group that enhances the CVE-2025-31324 (CVSS: 10.0) from 29 April 2025. The CVE-2025-31324 refers to the critical lack of SAP Netweaver, which allows the attackers to reach the remote code (RCE) by downloading the web for the sensitive “/development/methodology” “final point”. The vulnerability was First specified As…