North Korean threat actors use JSON sites to deliver malware via trojanized code
North Korean threat actors use JSON sites to deliver malware via trojanized code Pierluigi Paganini November 17, 2025 North Korean Contagious Interview actors now host…
Latest Cybersecurity News — Page 1244
View all →
New MobileGestalt Exploit for iOS 26.0.1 Enables Unauthorized Writes to Protected Data
A sandbox escape vulnerability affecting iPhones and iPads running iOS 16.2 beta 1 or earlier versions. The proof-of-concept (POC) exploits weaknesses in the itunesstored and…
AI-driven dynamic endpoint security is redefining trust
The network perimeter no longer exists. Employees are as likely to log in from a coffee shop or airport lounge as from a corporate office.…
North Korean Hackers Infiltrated 136 U.S. Companies to Generate $2.2 Million in Revenue
The U.S. Justice Department announced major actions against North Korean cybercrime, including five people admitting guilt and the government taking more than $15 million in…
Hackers Exploiting XWiki Vulnerability in the Wild to Hire the Servers for Botnet
A sharp increase in attacks targeting a critical vulnerability in XWiki servers. Multiple threat actors are actively exploiting CVE-2025-24893 to deploy botnets and coin miners, and to…
Getting started with agentic AI
A study by Boston Consulting Group (BCG) suggests that organisations that lead in technology development are gaining a first-mover advantage when it comes to artificial…
RondoDox expands botnet by exploiting XWiki RCE bug left unpatched since February 2025
RondoDox expands botnet by exploiting XWiki RCE bug left unpatched since February 2025 Pierluigi Paganini November 17, 2025 RondoDox botnet exploits unpatched XWiki flaw CVE-2025-24893…
The researcher’s desk: FortiWeb Authentication Bypass (CVE-2025-64446)
Welcome to The researcher’s desk – a content series where the Detectify security research team conducts a technical autopsy on vulnerabilities that are particularly interesting,…
Unremovable Spyware on Samsung Devices Comes Pre-installed on Galaxy Series Devices
Samsung has been accused of shipping budget Galaxy A and M series smartphones with pre-installed spyware that users can’t easily remove. The software in question,…
The next tech divide is written in AI diffusion
AI is spreading faster than any major technology in history, according to a Microsoft report. More than 1.2 billion people have used an AI tool…
Hackers Allegedly Claim Leak of LG Source Code, SMTP, and Hardcoded Credentials
A threat actor known as “888” has purportedly dumped sensitive data stolen from electronics giant LG Electronics, raising alarms in the cybersecurity community. The breach,…
The tech that turns supply chains from brittle to unbreakable
In this Help Net Security interview, Sev Kelian, CISO and VP of Security at Tecsys, discusses how organizations can strengthen supply chain resilience through a…