Aggregator

A new phishing campaign targeting Japanese Pocket Card users has been uncovered by Symantec. The attackers are employing sophisticated tactics to deceive cardholders into divulging their login credentials, potentially compromising their financial accounts. Japanese Cardholders at Risk of Credential Theft The phishing operation begins with fraudulent emails masquerading as official notifications from Pocket Card’s online […]

The post Pocket Card Users Targeted in Sophisticated Phishing Campaign appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

A recent report from Trend Micro has revealed that a new variant of the Albabat ransomware now targets Linux and macOS platforms, marking a significant expansion in its capabilities. Previously limited to Windows systems, this updated strain demonstrates the evolving sophistication of ransomware threats. The malware is still under active development, with its multi-OS functionality […]

The post Albabat Ransomware Expands Reach to Target Linux and macOS Platforms appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Cary, NC, Mar. 24, 2025, CyberNewswire –– INE Security, a global provider of cybersecurity training and certification, today announced its initiative to spotlight the increasing cyber threats targeting healthcare institutions.

In recognition of National Physicians Week 2025, … (more…)

The post News alert: INE Security spotlights healthcare companies facing rising exposure to costly breaches first appeared on The Last Watchdog.

The post News alert: INE Security spotlights healthcare companies facing rising exposure to costly breaches appeared first on Security Boulevard.

More than 40% of all Internet-facing container orchestration clusters are at risk.

Speaker: Bryan Hance

Our sincere appreciation to DEF CON, and the Presenters/Authors for publishing their erudite []DEF CON 32]2 content. Originating from the conference’s events located at the Las Vegas Convention Center; and via the organizations YouTube channel.

The post DEF CON 32 – Recon Village – Bastardo Grande: Hunting the Largest Black Market Bike Fence appeared first on Security Boulevard.

A set of five critical security shortcomings have been disclosed in the Ingress NGINX Controller for Kubernetes that could result in unauthenticated remote code execution, putting over 6,500 clusters at immediate risk by exposing the component to the public internet. The vulnerabilities (CVE-2025-24513, CVE-2025-24514, CVE-2025-1097, CVE-2025-1098, and CVE-2025-1974 ), assigned a CVSS score of

A vulnerability was found in Apache VCL up to 2.5.1. It has been rated as problematic. This issue affects some unknown processing of the component User Lookup. The manipulation leads to cross site scripting. The identification of this vulnerability is CVE-2024-53679. The attack may be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Apache VCL up to 2.5.1. It has been declared as critical. This vulnerability affects unknown code of the component New Block Allocation Form. The manipulation leads to sql injection. This vulnerability was named CVE-2024-53678. The attack can be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in oddlama kanidm-provision up to 1.1.x. It has been classified as problematic. This affects an unknown part. The manipulation leads to sensitive information in log files. This vulnerability is uniquely identified as CVE-2025-30205. It is possible to initiate the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Vmware Spring Security 6.4.0/6.4.1/6.4.2/6.4.3 and classified as critical. Affected by this issue is some unknown functionality of the component EnableMethodSecurity. The manipulation leads to authentication bypass by spoofing. This vulnerability is handled as CVE-2025-22223. The attack may be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as problematic, was found in Kyverno up to 1.13.x. Affected is an unknown function. The manipulation leads to improper authorization. This vulnerability is traded as CVE-2025-29778. It is possible to launch the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability has been found in vitejs vite up to 4.5.9/5.4.14/6.0.11/6.1.1/6.2.2 and classified as problematic. Affected by this vulnerability is an unknown functionality. The manipulation leads to information disclosure. This vulnerability is known as CVE-2025-30208. The attack can be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

Производные высших порядков ускоряют классический метод Ньютона в любой степени.

Ukrzaliznytsia, Ukraine's national railway operator, has been hit by a massive cyberattack that disrupted online services for buying tickets both through mobile apps and the website. [...]

Currently trending CVE - Hype Score: 2 - Severity: medium (5.8) / important Server-Side Request Forgery (SSRF), Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting'), URL Redirection to Untrusted Site ('Open Redirect') vulnerability in Apache Druid. This issue affects all previous Druid ...

A recent development in Linux kernel security has led to the creation of a Rust-based kernel module designed to detect rootkits, a type of malware that can hide itself and other malicious activities from system administrators. This project, part of an internship at Thalium, focuses on enhancing malware detection capabilities within Linux systems, which are […]

The post New Rust-Based Linux Kernel Module Unveiled to Detect Rootkits appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.