2025-07-01 • ANSSI • ANSSI • elf.goreshell Open article on Malpedia
Unknown threat actors have been observed weaponizing v0, a generative artificial intelligence (AI) tool from Vercel, to design fake sign-in pages that impersonate their legitimate counterparts....
User claims to sell stolen Verizon and T-Mobile data for millions of users (online Verizon says data is old T-Mobile denies any breach and links to it.
The French cybersecurity agency identified Houken, a new Chinese intrusion campaign targeting various industries in France
The Federal Energy Regulatory Commission (FERC) has withdrawn its notice of inquiry and terminated the related rulemaking proceeding... The post FERC ends rulemaking on a CIP reliability standard,...
The Federal Bureau of Investigation (FBI) said that it has recently observed the cybercriminal group Scattered Spider expanding... The post FBI raises alarm over Scattered Spider targeting airline...
SSH Communications Security, a defensive cybersecurity company for humans, systems, and networks, announced on Tuesday its intention to... The post SSH enters into partnership agreement with...
Cybersecurity vendor Forescout Technologies announced Tuesday the appointment of Robert J. Skinner, USAF, retired, and cybersecurity and risk... The post Forescout strengthens advisory board, adds...
Our telemetry shows a surge in Windows shortcut (LNK) malware use. We explain how attackers exploit LNK files for malware delivery. The post Windows Shortcut (LNK) Malware Strategies appeared...
A popular social engineering technique returns: callback phishing, or TOAD attacks, which leverage PDFs, VoIP anonymity and even QR code tricks.
The Treasury said that Aeza Group has provided infrastructure services for notorious infostealer and ransomware operators
NimDoor shows how threat actors are continuing to explore cross-platform languages that introduce new levels of complexity for analysts.
Microsoft has fixed a known bug that breaks the 'Print to PDF' feature on Windows 11 24H2 systems after installing the April 2025 preview update. [...]
More than 40 fake extensions in Firefox's official add-ons store are impersonating popular cryptocurrency wallets from trusted providers to steal wallet credentials and sensitive data. [...]
Benefits admin specialist Kelly Benefits has revealed a breach impacting over 500,000 individuals across 45 client organizations
There are various approaches to managing vulnerabilities on cloud workloads, and knowing which vulnerability scan method to use is critical to your success. However, there isn’t a universally...
ESET Research analyzes Gamaredon’s updated cyberespionage toolset, new stealth-focused techniques, and aggressive spearphishing operations observed throughout 2024
Qantas admits that a “significant” volume of customer data may have been stolen from a contact center
Elon Musk-funded xAI is skipping Grok 3.5 and releasing Grok 4 after Independence Day in the United States. [...]
Microsoft is working to fix a DNS misconfiguration that is causing one-time passcode (OTP) message delivery failures in Exchange Online for some users. [...]
U.S. security agencies on Monday urged critical infrastructure operators to stay alert for possible cyberattacks by Iranian state-sponsored... The post Critical infrastructure warned of rising...
This story was produced in partnership with Agence France-Presse (AFP). In a field near the small town of Bezymenne in southern Ukraine, Viktoria Shynkar carefully picks out a narrow path through...
By Salleh Kodri, SE Regional Manager, Cyble ASEAN is going full throttle on digital growth. From cross-border e-commerce and AI deployments to digital identity and smart cities, the region is...
Australia's national carrier, Qantas Airways Limited, has revealed a cybersecurity incident. The Qantas cyberattack was traced to unauthorized access through a third-party customer service...
Secure Siemens connectivity with user authentication and TLS is now available in dataFEED OPC Suite 5.50.
On 2025-07-02, a campaign was reported, involving an unknown actor, gaining initial access via Software misconfig, targeting JDWP, TeamCity to achieve Resource hijacking. The following tools were...
Cybersecurity researchers have discovered a critical security vulnerability in artificial intelligence (AI) company Anthropic's Model Context Protocol (MCP) Inspector project that could result in...
The citizen app for anonymously reporting ICE agents and raids went viral after criticism from the U.S. Attorney General.
Cybersecurity researchers have flagged the tactical similarities between the threat actors behind the RomCom RAT and a cluster that has been observed delivering a loader dubbed TransferLoader....
Managed service providers (MSPs) have seen their portfolios expand significantly over the past decade, from primarily handling the nuts and bolts of systems to becoming frontline defenders in an...