Hackers use fake Ledger apps to steal Mac users’ seed phrases
Cybercriminal campaigns are using fake Ledger apps to target macOS users and their digital assets by deploying malware that attempts to steal seed phrases that…
Month: May 2025
Cityworks Zero-Day Vulnerability Used by UAT-638 Hackers to Infect IIS Servers with Shell Malware
Cisco Talos has uncovered active exploitation of a zero-day remote-code-execution vulnerability, identified as CVE-2025-0994, in Cityworks, a widely used asset management system. This critical flaw…
Database Leak Reveals 184 Million Infostealer-Harvested Emails and Passwords
Cybersecurity researcher Jeremiah Fowler discovered a misconfigured cloud server containing a massive 184 million login credentials, likely collected using infostealer malware. Cybersecurity researcher Jeremiah Fowler…
US, allies recommend security protections for AI models
Listen to the article 3 min This audio is auto-generated. Please let us know if you have feedback. Dive Brief: Companies designing AI systems should…
Police arrests 270 dark web vendors, buyers in global crackdown
Police arrested 270 suspects following an international law enforcement action codenamed ‘Operation RapTor’ that targeted dark web vendors and customers from ten countries. National authorities…
Hackers Deploy Weaponized npm Packages to Target React and Node.js JavaScript Frameworks
Socket’s Threat Research Team, a series of malicious npm packages have been found lurking in the JavaScript ecosystem for over two years, amassing more than…
How Agentic AI Empowers Lean Security Teams to Combat Cyber Threats
22 May How Agentic AI Empowers Lean Security Teams to Combat Cyber Threats Posted at 11:46h in Blogs by Taylor Fox Empowering Lean Security Teams…
Unpatched Windows Server vulnerability allows full domain compromise
A privilege escalation vulnerability in Windows Server 2025 can be used by attackers to compromise any user in Active Directory (AD), including Domain Admins. “The…
Chinese Hackers Exploit Trimble Cityworks Flaw to Infiltrate U.S. Government Networks
May 22, 2025Ravie LakshmananVulnerability / Threat Intelligence A Chinese-speaking threat actor tracked as UAT-6382 has been linked to the exploitation of a now-patched remote-code-execution vulnerability…
Microsoft raises posse to target dangerous Lumma malware
A broad coalition of technology partners and law enforcement agencies, spearheaded by Microsoft’s Digital Crimes Unit (DCU), has disrupted the dangerous Lumma Stealer malware-as-a-service (MaaS)…
Ohio’s Kettering Health hit by cyberattack
Listen to the article 3 min This audio is auto-generated. Please let us know if you have feedback. Dive Brief: Kettering Health is facing a…
Senators revive bill to harmonize conflicting cybersecurity regulations
A bipartisan Senate duo is reintroducing legislation Thursday that would establish an executive branch panel to align conflicting cybersecurity regulations on the private sector. Michigan…