Aggregator

A comprehensive technical deep dive on PipeMagic, a highly modular backdoor used by Storm-2460 masquerading as a legitimate open-source ChatGPT Desktop Application. Beneath its disguise, PipeMagic is a sophisticated malware framework designed for flexibility and persistence. Once deployed, it can dynamically execute payloads while maintaining robust command and control (C2) communication via a dedicated networking module.

The post Dissecting PipeMagic: Inside the architecture of a modular backdoor framework appeared first on Microsoft Security Blog.

Russia-based cybersecurity firm F6 said the attacks began in April and infected devices with Kinsing and XMRig malware, tools commonly used to mine the cryptocurrency Monero.

A multi-stage attack delivered via USB devices has been observed installing cryptomining malware using DLL hijacking and PowerShell

Face morphing software can blend two people’s photos into one image, making it possible for someone to fool identity checks at buildings, airports, borders, and other secure places. These morphed images can trick face recognition systems into linking the photo to both people, allowing one person to pass as the other. Face morphing software can blend photos of different people’s faces into a single synthesized image (Source: NIST) This kind of software is easy to … More →

The post New NIST guide explains how to detect morphed images appeared first on Help Net Security.

Исходный код вредоноса ушёл всего за 500 долларов. Кто продал Яниса Антропенко?

A vulnerability categorized as problematic has been discovered in IBM Concert Software up to 1.1.0. This affects an unknown part. The manipulation results in improper clearing of heap memory before release. This vulnerability is cataloged as CVE-2025-1759. The attack may be launched remotely. There is no exploit available. It is advisable to upgrade the affected component.

A vulnerability was found in IBM Concert Software up to 1.1.0. It has been rated as critical. Affected by this issue is some unknown functionality. The manipulation leads to hard-coded credentials. This vulnerability is listed as CVE-2025-33100. The attack must be carried out locally. There is no available exploit. Upgrading the affected component is advised.

A vulnerability was found in IBM Concert Software up to 1.1.0. It has been declared as problematic. Affected by this vulnerability is an unknown functionality. Executing manipulation can lead to inefficient regular expression complexity. This vulnerability is tracked as CVE-2025-33090. The attack can be launched remotely. No exploit exists. It is recommended to upgrade the affected component.

A vulnerability was found in IBM Concert Software up to 1.1.0. It has been classified as problematic. Affected is an unknown function of the component Trusted Domain Handler. Performing manipulation results in permissive cross-domain policy with untrusted domains. This vulnerability is identified as CVE-2025-27909. The attack can be initiated remotely. There is not any exploit available. Upgrading the affected component is recommended.

Bragg Gaming Group has confirmed a significant cybersecurity incident that compromised the company’s internal IT infrastructure early Saturday morning, August 16, 2025.  The online gaming technology provider discovered unauthorized network intrusion attempts that successfully breached their security perimeter, prompting immediate activation of incident response protocols. Key Takeaways1. Bragg Gaming Group experienced a cybersecurity breach with […]

The post Bragg Confirms Cyber Attack – Hackers Accessed Internal IT Systems appeared first on Cyber Security News.

A sophisticated new cybercriminal technique known as “ghost-tapping” has emerged as a significant threat to contactless payment systems, enabling Chinese-speaking threat actors to exploit stolen payment card details linked to mobile wallet services such as Apple Pay and Google Pay. This innovative attack vector leverages Near Field Communication (NFC) relay tactics to facilitate retail fraud, […]

The post New Ghost-tapping Attacks Steal Customers’ Cards Linked to Services Like Apple Pay and Google Pay appeared first on Cyber Security News.

A vulnerability was found in lunary-ai lunary up to 1.9.22 and classified as critical. This impacts an unknown function of the file /v1/templates of the component API. Such manipulation of the argument projectId leads to improper access controls. This vulnerability is referenced as CVE-2025-4962. It is possible to launch the attack remotely. No exploit is available. It is suggested to upgrade the affected component.

A vulnerability has been found in IBM Concert Software up to 1.1.0 and classified as problematic. This affects an unknown function. This manipulation causes exposure of sensitive information due to incompatible policies. The identification of this vulnerability is CVE-2024-49827. It is possible to initiate the attack remotely. There is no exploit available. The affected component should be upgraded.

A vulnerability, which was classified as very critical, was found in IBM Storage Virtualize 8.4/8.5/8.6/8.7. The impacted element is an unknown function of the component SSH Session Handler. The manipulation results in incorrect authorization. This vulnerability was named CVE-2025-36120. The attack may be performed from a remote location. There is no available exploit. You should upgrade the affected component.

История технологий началась гораздо раньше.

A vulnerability marked as critical has been reported in NI Vision Builder AI. This affects an unknown function of the component VBAI File Handler. This manipulation causes product ui does not warn user of unsafe actions. The identification of this vulnerability is CVE-2025-2450. It is possible to initiate the attack remotely. There is no exploit available.

A vulnerability described as critical has been identified in NI FlexLogger. This impacts an unknown function of the component usiReg URI File Parser. Such manipulation leads to path traversal. This vulnerability is referenced as CVE-2025-2449. It is possible to launch the attack remotely. No exploit is available.