Aggregator

无接触支付，真的安全吗？

As attacks on software supply chains and third parties increase, more data on critical software and infrastructure services is being advertised and sold on the Dark Web.

The Anti-Phishing Working Group observed how attackers are increasingly abusing QR codes to conduct phishing attacks or to trick users into downloading malware.

Microsoft has released a critical security update for Edge Stable Channel on July 1, 2025, addressing a severe vulnerability that cybercriminals have actively exploited.  The latest Microsoft Edge Stable Channel Version 138.0.3351.65 incorporates crucial security patches from the Chromium project, including an urgent fix for CVE-2025-6554, which security researchers have confirmed is being exploited in […]

The post Urgent Update: Microsoft Edge Fixes Actively Exploited Chromium Vulnerability appeared first on Cyber Security News.

Oud-defensieminister Wim van Eekelen is woensdag 25 juni in Den Haag overleden. Hij werd 94 jaar. In de landelijke kranten betuigde Defensie gisteren haar medeleven met de nabestaanden.

Currently trending CVE - Hype Score: 3 - Akamai CloudTest before 60 2025.06.02 (12988) allows file inclusion via XML External Entity (XXE) injection.

Currently trending CVE - Hype Score: 1

A major security vulnerability in the Android spyware operation Catwatchful has exposed the complete database of over 62,000 customer accounts, including plaintext passwords and email addresses, according to a security researcher who discovered the breach in June 2025. Canadian cybersecurity researcher Eric Daigle uncovered the vulnerability through a SQL injection attack that allowed him to […]

The post Android Spyware Catwatchful Exposes Credentials of Over 62,000+ Customer Accounts appeared first on Cyber Security News.

Dylan, 13, has accomplished a remarkable achievement by becoming the youngest security researcher to work with the Microsoft Security Response Center (MSRC), leaving his mark on the history of cybersecurity. His journey from tinkering with Scratch, a visual programming language for creating games, to identifying critical vulnerabilities in Microsoft products showcases a rare blend of […]

The post 13-Year-Old Dylan Joins Forces with Microsoft Security Response Center as the Youngest Security Researcher appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Умная книга из «Алмазного века» уже стала реальностью. Но хорошая ли это новость?

Malicious extensions can be engineered to bypass verification checks for popular integrated development environments, according to research from OX Security.

“After careful consideration and in light of recent developments, we have decided to close the Hunters International project,” the prolific cybercrime gang wrote on its darknet site.

A new malware loader dubbed “BUBBAS GATE” has surfaced on underground forums and Telegram channels, drawing attention for its bold claims of advanced evasion capabilities, including bypassing Microsoft’s SmartScreen and modern AV/EDR solutions. The loader was first advertised on June 22, 2025, with the threat actor touting a suite of features designed to evade detection and maximize […]

The post New ‘BUBBAS GATE’ Malware Advertised on Telegram Boasts SmartScreen and AV/EDR Bypass appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Popular AI chatbots powered by large language models (LLMs) often fail to provide accurate information on any topic, but researchers expect threat actors to ramp up their efforts to get them to spew out information that may benefit them, such as phishing URLs and fake download pages. Surfacing incorrect, potentially malicious URLs SEO poisoning and malvertising has made searching for login pages and software via Google or other search engines a minefield: if you don’t … More →

The post You can’t trust AI chatbots not to serve you phishing pages, malicious downloads, or bad code appeared first on Help Net Security.

The sudden emergence of the “TeamsPhantom” malware in early June rattled school districts and multinational corporations alike. Masquerading as a harmless Microsoft Teams plug-in, the threat weaponized legitimate meeting invitations to sideload a multi-stage loader that siphoned Azure AD refresh tokens and session cookies. Within forty-eight hours, telemetry showed probing activity on more than 24,000 […]

The post 13-Year-Old Dylan – Youngest Security Researcher Collaborates with Microsoft Security Response Center appeared first on Cyber Security News.

Microsoft has officially confirmed that its recent Windows 11 update, KB5060829, is causing unexpected error entries in the Windows Firewall With Advanced Security logs. The company has assured users and IT administrators that these errors, while potentially alarming, do not indicate any malfunction or security risk and can be safely ignored. Following the installation of […]

The post Microsoft Acknowledges Error Entry in Windows Firewall With Advanced Security appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Let’s Encrypt, a leading certificate authority (CA) known for providing free SSL/TLS certificates since 2015, has issued its first-ever certificate for an IP address. This development, announced earlier in January, marks a significant step in expanding secure communication options for Internet infrastructure. The organization is now rolling out this feature gradually to its subscribers, with […]

The post Let’s Encrypt Expands to Issue SSL/TLS Certificates for IP Addresses appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

The popular artificial intelligence tools, including GPT models and Perplexity AI, are inadvertently directing users to phishing websites instead of legitimate login pages.  The study found that when users ask these AI systems for official website URLs, over one-third of the responses point to domains not controlled by the intended brands, creating unprecedented security vulnerabilities […]

The post AI Tools Like GPT Direct Users to Phishing Sites Instead of Legitimate Ones appeared first on Cyber Security News.

Дипфейки калечат не только счета, но и души.