Tuesday, May 20, 2025

cyber security

New Phishing Attack Poses as Zoom Meeting Invites to Steal Login Credentials

A newly identified phishing campaign is targeting unsuspecting users by masquerading as urgent Zoom meeting invitations from colleagues. This deceptive tactic leverages the familiarity and trust associated with workplace...

New Hannibal Stealer Uses Stealth and Obfuscation to Evade Detection

A newly identified piece of malware, dubbed the "Hannibal Stealer," has emerged as a significant cybersecurity threat due to its advanced stealth mechanisms and...

Chinese APT Hackers Target Organizations Using Korplug Loaders and Malicious USB Drives

Advanced persistent threat (APT) groups with ties to China have become persistent players in the cyber espionage landscape, with a special emphasis on European...

Cache Timing Techniques Used to Bypass Windows 11 KASLR and Reveal Kernel Base

Cache timing side-channel attacks have been used to circumvent Kernel Address Space Layout Randomization (KASLR) on fully updated Windows 11 PCs, which is a...

Hackers Exploit AutoIT Scripts to Deploy Malware Targeting Windows Systems

Cybersecurity researchers have unearthed a sophisticated attack leveraging AutoIT, a long-standing scripting language known for its deep integration with Windows operating systems. Often compared to...

New Report Finds 67% of Organizations Experienced Cyber Attacks in the Last Year

A disturbing 67% of businesses in eight worldwide markets—the US, UK, Spain, the Netherlands, Germany, France, Belgium, and Ireland—reported having experienced cyberattacks in the...

Auth0-PHP Vulnerability Enables Unauthorized Access for Attackers

Critical security vulnerability has been discovered in the Auth0-PHP SDK that could potentially allow unauthorized access to applications through brute force attacks on session...

Active Exploitation of Ivanti EPMM Zero-Day Vulnerability in the Wild

Security researchers at The Shadowserver Foundation have identified active exploitation attempts targeting a critical zero-day vulnerability in Ivanti's Enterprise Mobility Management (EPMM) platform. The...

Hacker Arrested for Taking Over SEC Social Media to Spread False Bitcoin News

Alabama man has been sentenced to 14 months in prison for orchestrating a sophisticated SIM swap attack that allowed him to hijack the U.S....

Investigating Cobalt Strike Beacons Using Shodan: A Researcher’s Guide

Security researcher has revealed a robust method for gathering threat intelligence on Cobalt Strike beacons using Shodan and PowerShell, filling the gap left by...

Volkswagen Car Hack Exposes Owner’s Personal Data and Service Records

Tech-savvy Volkswagen owner has uncovered critical security flaws in the My Volkswagen app that potentially exposed sensitive personal data and vehicle information of thousands...