GrafanaGhost Exploit Bypasses AI Guardrails for Silent Data Exfiltration
GrafanaGhost chains AI prompt injection and URL flaws to exfiltrate sensitive Grafana data
Information Security Magazine
Over $17bn Lost to Cyber Fraud in the Last Year, Warns FBI
1 month 2 weeks ago
Cryptocurrency scams alone cost victims over $7 billion, while AI-enabled fraud threats are on the rise, says FBI
Storm-1175 Exploits Flaws in High-Velocity Medusa Attacks
1 month 2 weeks ago
Microsoft has released a new report about the Storm-1175 group and its connection to Medusa ransomware
Fortinet Releases Emergency Patch After FortiClient EMS Bug Is Exploited
1 month 2 weeks ago
Fortinet has updated its FortiClient EMS product after zero-day attacks surfaced
New Phishing Platform Used in Credential Theft Campaigns Against C-Suite Execs
1 month 2 weeks ago
A large-scale credential theft campaign targeting senior executives has been linked to a previously unknown automated phishing platform called Venom
New 'Storm' Infostealer Remotely Decrypts Stolen Credentials
1 month 2 weeks ago
This modern infostealer adopted server-side decryption of stolen credentials to bypass security controls
NCSC Issues Security Alert Over Hackers Targeting WhatsApp and Signal Accounts
1 month 2 weeks ago
The UK’s cybersecurity agency offered advice to “high-risk’ individuals” on how to protect against social engineering and cyber-attacks
Apple Expands iOS 18 Security Updates Amid DarkSword Threat
1 month 2 weeks ago
iOS/iPadOS 18.7.7 updates expanded to protect older devices from DarkSword web exploit kit
GitHub Used as Covert Channel in Multi-Stage Malware Campaign
1 month 2 weeks ago
LNK files use GitHub C2, embedded decoders and PowerShell for persistence and data exfiltration
Researchers Observe Sub-One-Hour Ransomware Attacks
1 month 2 weeks ago
Halcyon says Akira is now capable of carrying out an entire ransomware attack in less than an hour
Most CNI Firms Face Up to £5m in Downtime from OT Attacks
1 month 2 weeks ago
E2e-assure says 80% of critical infrastructure providers could face millions in downtime from cyber-attacks
Google Introduces Android Dev Verification Amid Openness Debate
1 month 2 weeks ago
Android requires dev identity verification for sideloaded apps; phased global rollout from September
New Venom Stealer MaaS Platform Automates Continuous Data Theft
1 month 2 weeks ago
Venom Stealer malware-as-a-service automates ClickFix social engineering, credential and crypto exfiltration
Chinese Hackers Target European Governments in Espionage Campaigns
1 month 2 weeks ago
Chinese state-backed group TA416 had suspended its cyber espionage operations in Europe since 2023, noted Proofpoint
Eight in 10 UK Manufacturers Hit by Cyber Incident in a Year
1 month 2 weeks ago
Most UK manufacturers compromised last year suffered financial loss, says ESET
Hackers Hijack Axios npm Package to Spread RATs
1 month 2 weeks ago
Threat actors hijacked the popular npm package axios to spread RAT malware after compromising an open‑source maintainer’s account, researchers warn
Maryland Man Charged Over $53m Uranium Finance Crypto Hack
1 month 3 weeks ago
Maryland man accused of $53m Uranium Finance hack, exploited smart contract flaws, laundered funds
Phantom Project Bundles Infostealer, Crypter and RAT For Sale
1 month 3 weeks ago
Phantom Stealer .NET harvests browser credentials, cookies, cards, sessions, as stealer-as-a-service
ChatGPT Security Issue Enabled Data Theft via Single Prompt
1 month 3 weeks ago
OpenAI has patched vulnerability, which Check Point said was because of a DNS loophole
TeamPCP Explores Ways to Exploit Stolen Supply Chain Secrets
1 month 3 weeks ago
TeamPCP is exploring ways to monetize the secrets harvested during supply chain attacks, with identified ties to the Lapsus$ and Vect ransomware gangs
Checked
2 hours 50 minutes ago