Chat App Used by Trump Admin Suspends Operation Amid Hack
TM SGNL, a chat app by US-Israeli firm TeleMessage used by Trump officials, halts operations after a breach exposed messages and backend data. A data…
Month: May 2025
Qld government scales up generative AI usage
Over 14,000 Queensland public service workers have adopted the state government’s generative AI tool, QChat, nearly a year after it became fully operational. The Azure…
Darcula PhaaS steals 884,000 credit cards via phishing texts
The Darcula phishing-as-a-service (PhaaS) platform stole 884,000 credit cards from 13 million clicks on malicious links sent via text messages to targets worldwide. The cyber…
Transport for NSW expands SAP Ariba usage
Transport for NSW is expanding its SAP Ariba service to improve supplier vetting in its procurement activities. The transport department intends to implement SAP Ariba’s…
DOD plans to fast-track software security reviews
Dive Brief: The Department of Defense is streamlining its software-procurement approval process. The Pentagon on Monday announced that its “Software Fast Track Initiative” would define…
New “Bring Your Own Installer” EDR bypass used in ransomware attack
A new “Bring Your Own Installer” EDR bypass technique is exploited in attacks to bypass SentinelOne’s tamper protection feature, allowing threat actors to disable endpoint detection…
MediaTek Fixes Multiple Security Flaws in Smartphone, Tablet, and TV Chipsets
Why Application Security is Non-Negotiable The resilience of your digital infrastructure directly impacts your ability to scale. And yet, application security remains a critical weak…
Microsoft finds default Kubernetes Helm charts can expose data
Microsoft warns about the security risks posed by default configurations in Kubernetes deployments, particularly those using out-of-the-box Helm charts, which could publicly expose sensitive data.…
Hackers Selling SS7 0-Day Exploit on Dark Web for $5,000
A newly discovered dark web listing claims to sell a critical SS7 protocol exploit for $5,000, raising alarms about global telecom security. The seller, operating…
Unofficial Signal app used by Trump officials investigates hack
TeleMessage, an Israeli company that sells an unofficial Signal message archiving tool used by some U.S. government officials, has suspended all services after reportedly being…
LUMMAC.V2 Stealer Uses ClickFix Technique to Deceive Users into Executing Malicious Commands
The LUMMAC.V2 infostealer malware, also known as Lumma or Lummastealer, has emerged as a significant threat, employing the cunning “ClickFix” social engineering technique to compromise…
Commvault CVE-2025-34028 Added to CISA KEV After Active Exploitation Confirmed
May 05, 2025Ravie LakshmananVulnerability / Zero-Day The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a maximum-severity security flaw impacting Commvault Command Center to…