20 Top-Level Domain Names Abused by Hackers in Phishing Attacks
Disclosure: This article was provided by ANY.RUN. The information and analysis presented are based on their research and findings.
Aggregator
Ivanti Workspace Control hardcoded key flaws expose SQL credentials
1 month 3 weeks ago
Ivanti has released security updates to fix three high-severity hardcoded key vulnerabilities in the company's Workspace Control (IWC) solution. [...]
Sergiu Gatlan
«Глухо, как в танке»: в Омске продолжаются перебои с интернетом
1 month 3 weeks ago
Жители обратились к Мизулиной.
Google CTF 2023 - v8box
1 month 3 weeks ago
V8 Sandbox Escape
Double Dash, Double Trouble: A Subtle SQL Injection Flaw
1 month 3 weeks ago
Can a simple dash character introduce a security risk? Discover how SQL line comments can open the door to unexpected injection vulnerabilities in several PostgreSQL client libraries!
The post Double Dash, Double Trouble: A Subtle SQL Injection Flaw appeared first on Security Boulevard.
Paul Gerste
Mastery Schools Notifies 37,031 of Major Data Breach
1 month 3 weeks ago
A ransomware attack on Mastery Schools, Philadelphia, has compromised personal information of 37,031 individuals, exposing sensitive data
Industrial Cybersecurity 2025: Key Takeaways from our Webinar
1 month 3 weeks ago
In a timely and candid webinar hosted by Axio, leading experts discussed what’s working (and what’s not) in industrial cybersecurity as we look toward 2025. Featuring insights from cybersecurity veteran
Read MoreThe post Industrial Cybersecurity 2025: Key Takeaways from our Webinar appeared first on Axio.
The post Industrial Cybersecurity 2025: Key Takeaways from our Webinar appeared first on Security Boulevard.
Axio
Hundreds of Russian devices hit by Rare Werewolf cryptomining attacks
1 month 3 weeks ago
The campaign has affected hundreds of Russian users, particularly targeting industrial enterprises and engineering schools, with additional victims reported in Belarus and Kazakhstan.
Massive Heroku outage impacts web platforms worldwide
1 month 3 weeks ago
Heroku is suffering a widespread outage that has lasted over six hours, preventing developers from logging into the platform and breaking website functionality. [...]
Lawrence Abrams
Ivanti Workspace Control Vulnerability Lets Attackers Remotely Exploit To Steal the Credential
1 month 3 weeks ago
Ivanti has released a critical security update for its Workspace Control software, patching three high-severity vulnerabilities that could allow attackers to compromise sensitive credentials. The vulnerabilities, identified as CVE-2025-5353, CVE-2025-22463, and CVE-2025-22455, affect versions of Ivanti Workspace Control prior to 10.19.10.0. CVE Number Description CVSS Score (Severity) CVE-2025-5353 A hardcoded key in Ivanti Workspace Control […]
The post Ivanti Workspace Control Vulnerability Lets Attackers Remotely Exploit To Steal the Credential appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.
Balaji
网络安全顶会——SP 2025 论文清单与摘要(中)
1 month 3 weeks ago
SP 2025 论文 cycle 2的论文清单补上
Rust-based Myth Stealer Malware Spread via Fake Gaming Sites Targets Chrome, Firefox Users
1 month 3 weeks ago
Cybersecurity researchers have shed light on a previously undocumented Rust-based information stealer called Myth Stealer that's being propagated via fraudulent gaming websites.
"Upon execution, the malware displays a fake window to appear legitimate while simultaneously decrypting and executing malicious code in the background," Trellix security researchers Niranjan Hegde, Vasantha Lakshmanan
The Hacker News
Unlock the Power of Plixer One: AI-Driven Network Data Analysis
1 month 3 weeks ago
Plixer is live from Cisco Live 2025 at the San Diego Convention Center, and they’re ready to showcase the future of AI-driven network visibility. Join Peter Silva as he catches up with Nils Werner for a behind-the-scenes look at what attendees can expect at Booth 1940. The Plixer One platform continues to evolve as a […]
The post Unlock the Power of Plixer One: AI-Driven Network Data Analysis appeared first on Security Boulevard.
psilva
Poisoned npm Packages Disguised as Utilities Aim for System Wipeout
1 month 3 weeks ago
Backdoors lurking in legitimate-looking code contain file-deletion commands that can destroy production systems and cause massive disruptions to software supply chains.
Elizabeth Montalbano, Contributing Writer
Marks & Spencer Suffers Ransomware Attack by Scattered Spider Group
1 month 3 weeks ago
Scott Schober, Cyber Expert, Author of "Hacked Again," and CEO of Berkeley Varitronics Systems, sits down with host David Braue to discuss the ransomware attack that recently hit Marks & Spencer.
The post Marks & Spencer Suffers Ransomware Attack by Scattered Spider Group appeared first on Security Boulevard.
Lauren Yacono
Qilin
1 month 3 weeks ago
You must login to view this content
cohenido
Qilin
1 month 3 weeks ago
You must login to view this content
cohenido
AI is a data-breach time bomb, reveals new report
1 month 3 weeks ago
AI acts like Pac-Man—devouring sensitive data across clouds, apps, and copilots. Varonis analyzed 1,000 orgs and found 99% have exposed data AI can access, exposing them to data risks. [...]
Sponsored by Varonis
SSH Keys: The Most Powerful Credential You're Probably Ignoring
1 month 3 weeks ago
SSH keys enable critical system access but often lack proper management. This security blind spot creates significant risk through untracked, unrotated credentials that persist across your infrastructure.
Durgaprasad Balakrishnan
CISA 警告 ConnectWise ScreenConnect 漏洞被利用进行攻击
1 month 3 weeks ago
安全客