FBI Alerts Law Firms to Luna Moth’s Stealth Phishing Campaign
May 27, 2025Ravie LakshmananData Breach / Social Engineering The U.S. Federal Bureau of Investigation (FBI) has warned of social engineering attacks mounted by a criminal…
Month: May 2025
UK eVisa: Ethical or harmful?
Thank you for joining! Access your Pro+ Content below. 27 May 2025 UK eVisa: Ethical or harmful? Share this item with your network: In this…
Arm Mali GPU Vulnerability Enables Bypass of MTE and Arbitrary Kernel Code Execution
A critical vulnerability, identified as CVE-2025-0072, has been discovered in the Arm Mali GPU driver, posing a significant threat to devices with newer Mali GPUs…
Nova Scotia Power confirms it was hit by ransomware
Nova Scotia Power confirms it was hit by ransomware attack but hasn’t paid the ransom Pierluigi Paganini May 27, 2025 Nova Scotia Power confirms it…
Hackers Exploit HTTP/2 Flaw to Launch Arbitrary Cross-Site Scripting Attacks
A groundbreaking study from Tsinghua University and Zhongguancun Laboratory has uncovered critical vulnerabilities in modern web infrastructure, revealing that HTTP/2 server push and Signed HTTP…
Russia-Linked Hackers Target Tajikistan Government with Weaponized Word Documents
May 27, 2025Ravie LakshmananMalware / Threat Intelligence The Russia-aligned threat actor known as TAG-110 has been observed conducting a spear-phishing campaign targeting Tajikistan using macro-enabled…
Crooks stole +$200 million from crypto exchange Cetus Protocol
Crooks stole over $200 million from crypto exchange Cetus Protocol Pierluigi Paganini May 27, 2025 Cetus Protocol reported a $223 million crypto theft and is…
How Google Meet Pages Are Exploited to Deliver PowerShell Malware
A new wave of cyberattacks exploits user trust in Google Meet by deploying meticulously crafted fake meeting pages that trick victims into running malicious PowerShell…
4.5% of breaches now extend to fourth parties
Security teams can no longer afford to treat third-party security as a compliance checkbox, according to SecurityScorecard. Traditional vendor risk assessments, conducted annually or quarterly,…
How AI agents reshape industrial automation and risk management
In this Help Net Security interview, Michael Metzler, Vice President Horizontal Management Cybersecurity for Digital Industries at Siemens, discusses the cybersecurity implications of deploying AI…
How well do you know your remote IT worker?
Is the remote IT worker you recently hired really who he says he is? Fake IT workers are slipping into companies around the world, gaining…
Threat Actors Deploy Database Client Tools on Targeted Systems to Exfiltrate Sensitive Data
Cybersecurity experts have noted an increase in data breaches where threat actors are directly querying internal databases to steal sensitive information. Unlike traditional malware-based attacks,…