Aggregator
Why Anna Gomez believes the FCC is letting telecoms off easy after Salt Typhoon
Commissioner Gomez told CyberScoop the agency is poised to eliminate “the only meaningful regulatory response to Salt Typhoon that I have seen.”
The post Why Anna Gomez believes the FCC is letting telecoms off easy after Salt Typhoon appeared first on CyberScoop.
TamperedChef Hacking Campaign Leverages Common Apps to Deliver Payloads and Gain Remote Access
A new global hacking campaign tracked as TamperedChef has emerged, exploiting everyday software names to trick users into installing malicious applications that deliver remote access tools. The campaign uses fake installers disguised as common programs like manual readers, PDF editors, and games, all equipped with valid code-signing certificates to appear legitimate. These applications are distributed […]
The post TamperedChef Hacking Campaign Leverages Common Apps to Deliver Payloads and Gain Remote Access appeared first on Cyber Security News.
14,5 тонн смертельной тяги: наш военный двигатель 177С поглощает на 30% меньше топлива и работает в 4 раза дольше — назло санкциям
TV streaming piracy service with 26M yearly visits shut down
Link11 expands dutch operations in response to emerging cyber threats
Link11, a European IT security provider that protects organizations worldwide from cyberattacks on infrastructures and web applications, today announces it is further strengthening its presence in the Netherlands. Link11 is already active in the Netherlands, supporting clients in sectors such as transport, ticketing, e-commerce, and retail. Well-known names like TransLink and TicketSwap use Link11’s cloud-native solutions […]
The post Link11 expands dutch operations in response to emerging cyber threats appeared first on Link11.
CVE-2025-41076 | LimeSurvey 6.13.0 Yii information exposure
CVE-2025-40605 | SonicWall Email Security path traversal (SNWLID-2025-0018 / WID-SEC-2025-2647)
CVE-2025-40601 | SonicWall SonicOS SSLVPN Service stack-based overflow (SNWLID-2025-0016)
CVE-2025-12414 | Google Looker up to 25.11.x authentication spoofing (GCP-2025-067 / WID-SEC-2025-2649)
CVE-2025-41075 | LimeSurvey 6.13.0 /optin infinite loop
CVE-2025-41074 | LimeSurvey 6.13.0 Endpoint /optout infinite loop
CVE-2025-40604 | SonicWall Email Security Filesystem Image code download (SNWLID-2025-0018 / WID-SEC-2025-2647)
Lessons from Oracle E-Business Suite Hack That Allegedly Compromises Nearly 30 Organizations Worldwide
A sophisticated cyberattack targeting Oracle E-Business Suite (EBS) customers has exposed critical vulnerabilities in enterprise resource planning systems, compromising an estimated 100 organizations worldwide between July and October 2025. The campaign, attributed to the notorious Clop ransomware group and linked to the financially motivated threat actor FIN11, exploited a zero-day vulnerability, CVE-2025-61882, to achieve unauthenticated […]
The post Lessons from Oracle E-Business Suite Hack That Allegedly Compromises Nearly 30 Organizations Worldwide appeared first on Cyber Security News.
Платформеры растят гиппокамп, шутеры его убивают, а всё зависит от навигации. Как жанр игры определяет, что происходит с вашим мозгом
Кибердом объявил программу Киберсъезда, который пройдет 4 декабря
New Malware Via WhatsApp Exfiltrate Contacts to Attack Server and Deploys Malware
Trustwave SpiderLabs researchers have identified a sophisticated banking trojan called Eternidade Stealer that spreads through WhatsApp hijacking and social engineering tactics. The malware, written in Delphi, represents a significant evolution in Brazil’s cybercriminal landscape, combining advanced contact harvesting with credential theft targeting financial institutions. The threat emerges from a multi-stage infection chain that begins with […]
The post New Malware Via WhatsApp Exfiltrate Contacts to Attack Server and Deploys Malware appeared first on Cyber Security News.
Bot Management for the Agentic Era
MacOS DigitStealer malware poses as DynamicLake, targets Apple Silicon M2/M3 devices
A new infostealer is targeting macOS users by masquerading as the legitimate DynamicLake UI enhancement and productivity utility and possibly Google’s Drive for desktop app. Multi-stage delivery Dubbed DigitStealer by Jamf researchers, this threat is unusually sophisticated. Before it’s run, a bash script – also executed entirely in-memory – checks the system’s country setting and terminates if it indicates that the machine is located in specific regions. It also checks whether the machine is virtual … More →
The post MacOS DigitStealer malware poses as DynamicLake, targets Apple Silicon M2/M3 devices appeared first on Help Net Security.