Darcula PhaaS steals 884,000 credit cards via phishing texts
The Darcula phishing-as-a-service (PhaaS) platform stole 884,000 credit cards from 13 million clicks on malicious links sent via text messages to targets worldwide. The cyber…
Latest Cybersecurity News — Page 2076
View all →
Transport for NSW expands SAP Ariba usage
Transport for NSW is expanding its SAP Ariba service to improve supplier vetting in its procurement activities. The transport department intends to implement SAP Ariba’s…
DOD plans to fast-track software security reviews
Dive Brief: The Department of Defense is streamlining its software-procurement approval process. The Pentagon on Monday announced that its “Software Fast Track Initiative” would define…
New “Bring Your Own Installer” EDR bypass used in ransomware attack
A new “Bring Your Own Installer” EDR bypass technique is exploited in attacks to bypass SentinelOne’s tamper protection feature, allowing threat actors to disable endpoint detection…
MediaTek Fixes Multiple Security Flaws in Smartphone, Tablet, and TV Chipsets
Why Application Security is Non-Negotiable The resilience of your digital infrastructure directly impacts your ability to scale. And yet, application security remains a critical weak…
Microsoft finds default Kubernetes Helm charts can expose data
Microsoft warns about the security risks posed by default configurations in Kubernetes deployments, particularly those using out-of-the-box Helm charts, which could publicly expose sensitive data.…
Hackers Selling SS7 0-Day Exploit on Dark Web for $5,000
A newly discovered dark web listing claims to sell a critical SS7 protocol exploit for $5,000, raising alarms about global telecom security. The seller, operating…
Unofficial Signal app used by Trump officials investigates hack
TeleMessage, an Israeli company that sells an unofficial Signal message archiving tool used by some U.S. government officials, has suspended all services after reportedly being…
LUMMAC.V2 Stealer Uses ClickFix Technique to Deceive Users into Executing Malicious Commands
The LUMMAC.V2 infostealer malware, also known as Lumma or Lummastealer, has emerged as a significant threat, employing the cunning “ClickFix” social engineering technique to compromise…
Commvault CVE-2025-34028 Added to CISA KEV After Active Exploitation Confirmed
May 05, 2025Ravie LakshmananVulnerability / Zero-Day The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a maximum-severity security flaw impacting Commvault Command Center to…
Hackers Use Pahalgam Attack-Themed Decoys to Target Indian Government Officials
The Seqrite Labs APT team has uncovered a sophisticated cyber campaign by the Pakistan-linked Transparent Tribe (APT36) targeting Indian Government and Defense personnel. This operation,…
Wormable AirPlay Flaws Enable Zero-Click RCE on Apple Devices via Public Wi-Fi
May 05, 2025Ravie LakshmananNetwork Security / Vulnerability Cybersecurity researchers have disclosed a series of now-patched security vulnerabilities in Apple’s AirPlay protocol that, if successfully exploited,…