2025-04-29 • LinkedIn (Ethical Hackers Academy) • Ethical Hackers Academy • js.fakeupdates, win.ransomhub
2025-04-29 • Recorded Future • Insikt Group • js.fakeupdates, js.mints_loader, win.stealc
Seven malicious PyPI packages were found using Gmail's SMTP servers and WebSockets for data exfiltration and remote command execution. [...]
Alongside its new Meta AI app, Facebook’s parent company launched several new products to help secure open-source AI applications
Follow me to catch the top #RSAC moments you may have missed
A misconfigured, non-password-protected database belonging to TicketToCash exposed data from 520,000 customers, including PII and partial financial details.…
SonicWall has revealed that two now-patched security flaws impacting its SMA100 Secure Mobile Access (SMA) appliances have been exploited in the wild. The vulnerabilities in question are listed...
Smarter TV operating systems bring added convenience - but also new privacy concerns, especially from automatic content recognition (ACR), which quietly tracks everything you watch.
Loading legitimate system drivers from illegitimate or suspicious directories is a known tactic for persistence, evasion, or execution by adversaries. One high-value target in this category is...
Potentially Unwanted Applications (PUAs) like NimScan are increasingly used by adversaries during the reconnaissance phase to map open ports or identify network assets. Detecting their execution...
Threat actors are bypassing MFA with adversary-in-the-middle attacks via reverse proxies. Phishing-as-a-Service tools like Evilproxy make these threats harder to detect.
Although passkeys remain an evolving ecosystem, we'd be wise to embrace tomorrow's authentication standard today. Here are ZDNET's 10 recommendations for reaching passkey paradise.
The ICO has decided not to fine the British Library for a 2023 ransomware breach
When malware like the Kalambur backdoor leverages native tools like curl.exe to route traffic through TOR, defenders need visibility at the process and command-line level. But in tools like...
One of the more advanced tactics in attacker playbooks is tampering with event log configurations to erase traces of compromise. Detecting such attempts via Windows Registry modifications is...
CrushFTP is a popular file transfer application, but in the wrong hands, it can become a stealthy foothold for lateral movement. A process like crushftpservice.exe spawning common Windows binaries...
File transfer services like CrushFTP are critical for business operations—but they can also be leveraged as stealthy launchpads for post-exploitation activity. When a server process such as...
In modern cyberattacks, attackers rely not only on payloads but also on clever evasion techniques. One of the most subtle methods? Whitespace padding in command-line arguments—a tactic often used...
According to Bloomberg, the increasingly popular AI framework can vastly increase your chances of getting dangerous answers. What can you do?
With password best practices continuing to evolve, now's a good time for a refresher. Consider this your annual cybersecurity to-do list.
The FBI has released details of 42,000 phishing domains associated with the LabHost operation, in order to help the security community
The impact of the advancement in quantum computing on cybersecurity will be a key focus at this year’s Infosecurity Europe event
The French foreign ministry has attributed a series of cyberattacks on national interests to APT28, a group linked... The post French Foreign Ministry blames Russian GRU-linked APT28 for...
Honeywell published its AI in the Energy Industry pulse survey, which reveals that the majority of participating U.S.... The post Honeywell survey finds AI poised to play critical role in energy...
The International Society of Automation (ISA) announced that UL Solutions has received full accreditation from the International Accreditation... The post UL Solutions earns ISASecure...
Exposure management company Tenable announced the appointment of Eric Doerr as Chief Product Officer (CPO). Doerr brings nearly... The post Tenable appoints Eric Doerr as chief product officer to...
EUCC (EU Common Criteria) and the Cyber Resilience Act: There were two inconspicuous developments in February and March... The post Mandatory, externally verified cybersecurity certificates are...
For years, North Korea has been secretly placing young IT workers inside Western companies. With AI, their schemes are now more devious—and effective—than ever.
In March 2025, almost 55k records were breached from the Hungarian education office website TehetségKapu. The data was subsequently published to a popular hacking forum and included email...