Microsoft Exposes LLMjacking Cybercriminals Behind Azure AI Abuse Scheme
Feb 28, 2025Ravie LakshmananAPI Security / AI Security Microsoft on Thursday unmasked four of the individuals that it said were behind an Azure Abuse Enterprise…
Month: February 2025
Major UK banks hit by payday digital banking problems again
Customers of multiple banks have reported problems banking online, as they struggle to access services on payday for the second month running. The problems came…
Cisco fixed command injection and DoS flaws in Nexus switches
Cisco fixed command injection and DoS flaws in Nexus switches Pierluigi Paganini February 28, 2025 Cisco addressed command injection and denial-of-service (DoS) vulnerabilities in some…
Man Jailed 24 Years for Running Dark Web CSAM Sites from Coffee Shop
Louis Donald Mendonsa, 62, was sentenced following a guilty plea for distributing child sexual abuse materials (CSAM) via Dark Web and other online networks after…
New Pass-the-Cookie Attacks Bypass MFA, Giving Hackers Full Account Access
Multi-factor authentication (MFA), long considered a cornerstone of cybersecurity defense, is facing a formidable new threat: “Pass-the-Cookie” attacks. Recent findings reveal from Long Wall shows that…
Sticky Werewolf Uses Undocumented Implant to Deploy Lumma Stealer in Russia and Belarus
Feb 28, 2025Ravie LakshmananFinancial Fraud / Cyber Espionage The threat actor known as Sticky Werewolf has been linked to targeted attacks primarily in Russia and…
How to Protect Your Digital Identity While Gaming Online
Playing games online provides entertainment but exposes you to specific dangers during gameplay. Hackers and scammers specifically target your personal data, payment specifics, and gaming…
12,000+ API Keys and Passwords Found in Public Datasets Used for LLM Training
A dataset used to train large language models (LLMs) has been found to contain nearly 12,000 live secrets, which allow for successful authentication. The findings…
NHS staff lack confidence in health service cyber measures
Frontline and backend NHS staff alike all understand the role they have to play in protecting Britain’s health service from cyber threats, but only a…
PingAM Java Agent Vulnerability Allows Attackers to Bypass Security
A critical security flaw (CVE-2025-20059) has been identified in supported versions of Ping Identity’s PingAM Java Agent, potentially enabling attackers to bypass policy enforcement and…
Chinese Hackers Exploit Check Point VPN Zero-Day to Target Organizations Globally
A sophisticated cyberespionage campaign linked to Chinese state-sponsored actors has exploited a previously patched Check Point VPN vulnerability (CVE-2024-24919) to infiltrate organizations across Europe, Africa,…
CVE-2025-27364 In MITRE Caldera: Critical RCE Vulnerability
CVE-2025-27364, a critical Remote Code Execution (RCE) flaw has been discovered in MITRE Caldera, an open-source adversary emulation platform used by security professionals. This flaw…