Weaponized Malwarebytes, LastPass, Citibank, SentinelOne, and Others on GitHub Deliver Malware
24
Sep
2025

Weaponized Malwarebytes, LastPass, Citibank, SentinelOne, and Others on GitHub Deliver Malware

In recent weeks, cybersecurity teams have observed a surge in malicious GitHub repositories masquerading as legitimate security and financial software….

UK Police Arrest Suspect Tied to Ransomware Attack on European Airports
24
Sep
2025

UK Police Arrest Suspect Tied to Ransomware Attack on European Airports

A person in his forties has been arrested in connection with a cyber-attack that caused days of disruption at several…

Two Critical Flaws Uncovered in Wondershare RepairIt Exposing User Data and AI Models
24
Sep
2025

Two Critical Flaws Uncovered in Wondershare RepairIt Exposing User Data and AI Models

Cybersecurity researchers have disclosed two security flaws in Wondershare RepairIt that exposed private user data and potentially exposed the system…

McCullough Review finds PSNI failures but no ‘systemic’ surveillance of journalists
24
Sep
2025

McCullough Review finds PSNI failures but no ‘systemic’ surveillance of journalists

A review of police surveillance of journalists, lawyers and non-governmental organisations (NGOs) has found that police in Northern Ireland failed…

Boyd Gaming casino data breach
24
Sep
2025

Hackers Target Casino Operator Boyd Gaming

Casino entertainment company Boyd Gaming has disclosed a data breach after hackers gained access to its internal IT systems.  Boyd…

The Desync Delusion: Are You Really Protected Against HTTP Request Smuggling?
24
Sep
2025

Welcome to AI pentesting – add on-demand AI assistance directly to your workflow with new, agentic Burp AI capabilities | Blog

Amelia Coen | 24 September 2025 at 14:17 UTC Whether you’re navigating a client pentest or chasing a bounty target,…

China-linked groups using stealthy malware to hack software suppliers, steal national-security and trade data
24
Sep
2025

China-linked groups using stealthy malware to hack software suppliers, steal national-security and trade data

Listen to the article 5 min This audio is auto-generated. Please let us know if you have feedback. WASHINGTON — Highly…

Top FBI official says Chinese reliance on domestic firms for hacking is a weakness
24
Sep
2025

Brickstorm malware powering ‘next-level’ Chinese cyberespionage campaign

Ambitious, suspected Chinese hackers with a slew of goals — stealing intellectual property, mining intelligence on national security and trade,…

Google: Brickstone malware used to steal U.S. orgs
24
Sep
2025

Brickstone malware used to steal U.S. orgs’ data for over a year

Suspected Chinese hackers have used the Brickstorm malware in long-term persistence espionage operations against U.S. organizations in the technology and…

New North Korean IT Worker With Innocent Job Application Get Access to Organization’s Network
24
Sep
2025

New North Korean IT Worker With Innocent Job Application Get Access to Organization’s Network

In recent months, a sophisticated threat actor leveraging North Korean IT worker employment fraud has surfaced, demonstrating how social engineering…

Attackers Bypass EDR by Using In-Memory PE Loaders Delivered via Malicious Downloads
24
Sep
2025

Attackers Bypass EDR by Using In-Memory PE Loaders Delivered via Malicious Downloads

Security researchers have discovered a wave of attacks that use in-memory PE loaders to slip past endpoint detection and response (EDR) systems….

ShadowV2 Botnet Uses Misconfigured AWS Docker for DDoS-For-Hire Service
24
Sep
2025

ShadowV2 Botnet Uses Misconfigured AWS Docker for DDoS-For-Hire Service

Cybersecurity researchers at Darktrace have identified a new botnet called ShadowV2 is structured as a DDoS-for-hire service, offering attackers an…