Today's cybersecurity headlines are brought to you by ThreatPerspective


Ethical Hacking News

The UK's Smartphone Theft Epidemic: A Call to Action for the Tech Industry

The UK's smartphone theft epidemic has reached alarming proportions, with Metropolitan Police figures revealing 117,211 phones were stolen in 2024. The House of Commons Science, Innovation and Technology Committee is urging the UK government to take decisive action against this rising trend, with a call for stronger technical measures from the tech industry.

Published: Sat Oct 25 04:35:07 2025 by llama3.2 3B Q4_K_M



Ethical Hacking News

Global Cybersecurity Concerns: A Web of Threats Exposed


A complex web of global cybersecurity concerns has been exposed, with high-profile attacks on Amazon Web Services, the indictment of a mob-fueled gambling scam group, vulnerabilities in popular software libraries, and the misuse of satellite-based services by organized crime groups. As we navigate this ever-evolving landscape, it is crucial that individuals, organizations, and governments prioritize cybersecurity to prevent catastrophic failures.

Published: Sat Oct 25 05:46:23 2025 by llama3.2 3B Q4_K_M



Ethical Hacking News

The Critical WSUS Flaw: A Deserialization RCE Vulnerability Under Active Attack

The Critical WSUS Flaw: A Deserialization RCE Vulnerability Under Active Attack
A critical vulnerability in Windows Server Update Service (WSUS) has been reported and is currently under active attack, posing a significant threat to system security. The vulnerability allows an unauthorized attacker to execute code over a network, compromising the security of systems running WSUS. Microsoft has released urgent updates to address this issue and protect affected customers.

Published: Sat Oct 25 06:58:34 2025 by llama3.2 3B Q4_K_M



Ethical Hacking News

New CoPhish Attack: OAuth Tokens Stolen via Microsoft Copilot Studio Agents

Researchers have identified a new CoPhish attack that exploits Microsoft Copilot Studio agents to steal OAuth tokens, highlighting the importance of vigilance in protecting sensitive data and applications. Microsoft has taken immediate action to address the vulnerability through future product updates.

Published: Sat Oct 25 12:13:33 2025 by llama3.2 3B Q4_K_M



Ethical Hacking News

Russia's Food Safety Agency Under Siege: A DDoS Attack Disrupts Nationwide Food Shipments


Russia's food safety agency, Rosselkhoznadzor, has been hit by a Distributed Denial of Service (DDoS) attack, disrupting nationwide food shipments and causing widespread delays. The attack targeted the agency's Mercury platform, part of its VetIS system, and crippled its ability to track and verify the origin of food products. The impact of the attack was immediate, with major dairy and baby food producers reporting hours-long delays in issuing electronic veterinary certificates required for shipping meat, milk, and other animal products.

Published: Sat Oct 25 13:25:21 2025 by llama3.2 3B Q4_K_M



Ethical Hacking News

Sanctioned Russian Propaganda Spreads Through Chatbots: A Growing Concern for European Regulators

Sanctioned Russian propaganda has been found to be spreading through popular AI-powered chatbots in Europe, raising concerns about the ability of these platforms to restrict access to sanctioned media sources. The use of these chatbots by malicious actors poses a significant threat to fundamental rights, public security, and well-being. As chatbots continue to grow in popularity, it is essential that their providers prioritize addressing this issue through robust safeguards and responsible design practices.

Published: Mon Oct 27 10:10:14 2025 by llama3.2 3B Q4_K_M



Ethical Hacking News

Hackers Exploit Emerging Security Vulnerabilities to Spread Malware and Gain Unauthorized Access

Hackers are exploiting a range of emerging vulnerabilities in blockchain smart contracts, Microsoft 365, and other systems to spread malware and gain unauthorized access. From the use of RedTiger infostealers to CoPhish attacks, security experts must remain vigilant to stay ahead of these threats.

Published: Mon Oct 27 10:28:01 2025 by llama3.2 3B Q4_K_M



Ethical Hacking News

The Qilin Ransomware Threat: A Hybrid Attack That Combines Linux Payload with BYOVD Exploit

The Qilin Ransomware Threat: A Hybrid Attack That Combines Linux Payload with BYOVD Exploit

Published: Mon Oct 27 10:42:17 2025 by llama3.2 3B Q4_K_M



Ethical Hacking News

Crafted URLs Can Deceive OpenAI Atlas: A Threat to Browser Security

OpenAI Atlas's agentic browsing feature can be tricked by attackers who craft URLs that embed malicious instructions, posing a significant threat to browser security and user safety. Experts warn that a lack of strict boundaries between trusted user input and untrusted content allows for prompt injection attacks.

Published: Mon Oct 27 10:51:23 2025 by llama3.2 3B Q4_K_M



Ethical Hacking News

The Qilin Ransomware Group: A Threat That Evades Traditional Endpoint Defenses



The Qilin ransomware group has been making headlines in recent weeks due to its ability to evade detection by leveraging legitimate remote management tools and BYOVD attacks. The attackers used advanced anti-analysis techniques to disable defenses and move across the network quietly, deploying two executables that load a signed driver to help them evade detection. This is just one example of how sophisticated ransomware groups are evolving to bypass traditional endpoint defences.

Published: Mon Oct 27 11:02:12 2025 by llama3.2 3B Q4_K_M



Ethical Hacking News

8.7 Million Attacks Foiled: Wordfence Battles Vulnerabilities in GutenKit and Hunk Companion Plugins


Wordfence has successfully blocked 8.7 million attacks exploiting vulnerabilities in GutenKit and Hunk Companion plugins, highlighting the need for prompt updates and security measures to prevent similar incidents.


Published: Mon Oct 27 11:10:19 2025 by llama3.2 3B Q4_K_M



Ethical Hacking News

The Safepay Ransomware Group Strikes Again: Exposing Xortec's Vulnerabilities


The Safepay ransomware group has claimed responsibility for the hacking of professional video surveillance provider Xortec, exposing vulnerabilities in its systems and compromising sensitive data. This attack highlights the importance of robust cybersecurity measures and underscores the need for enhanced vigilance among system administrators, network operators, and end-users.

Published: Mon Oct 27 11:19:31 2025 by llama3.2 3B Q4_K_M



Ethical Hacking News

Unveiling the World of Malware: A Delicate Dance Between Security and Exploitation



Unveiling the World of Malware: A Delicate Dance Between Security and Exploitation

This article delves into the world of malware, exploring its various forms and the tactics employed by threat actors to evade detection. It highlights pressing concerns such as non-necessary cookies, sophisticated malware, and AI-powered threats, while also examining emerging trends in the underground malware market. The article concludes that cybersecurity professionals must stay vigilant and adapt to emerging threats to protect individuals, organizations, and nations from the devastating impact of malware attacks.



Published: Mon Oct 27 11:26:17 2025 by llama3.2 3B Q4_K_M



Ethical Hacking News

PhantomCaptcha and the Rise of Spearphishing Operations: A Growing Threat to Global Cybersecurity

PhantomCaptcha, a sophisticated Multi-Stage WebSocket RAT, has been used in recent spearphishing operations targeting Ukraine relief groups. This growing threat highlights the need for organizations to prioritize cybersecurity awareness education and stay ahead of evolving threats.

Published: Mon Oct 27 11:37:56 2025 by llama3.2 3B Q4_K_M



Ethical Hacking News

Operation ForumTroll: Italian Spyware Vendor Linked to Chrome Zero-Day Attacks

Italian spyware vendor Memento Labs has been linked to Operation ForumTroll, a campaign that exploited critical vulnerabilities in Google Chrome to deliver malware to Russian organizations. Kaspersky researchers have attributed the attack to Memento Labs with high confidence, but the author of the zero-day vulnerability remains unknown.

Published: Mon Oct 27 13:19:38 2025 by llama3.2 3B Q4_K_M



Ethical Hacking News

Ravin Academy Data Breach Raises Concerns Over Iranian Cybersecurity Capabilities

Ravin Academy's data breach raises concerns over Iranian cybersecurity capabilities, highlighting the threat posed by state-sponsored cyberattackers and the importance of robust cybersecurity measures. The incident also underscores the effectiveness of international sanctions in curbing Iranian cyberattacks and serves as a reminder of the ongoing threat posed by MuddyWater and other MOIS-linked groups.

Published: Mon Oct 27 13:28:29 2025 by llama3.2 3B Q4_K_M



Ethical Hacking News

One Week to Opt Out: LinkedIn's AI-Training Scrape Sparks Global Concerns Over Data Privacy

LinkedIn has announced a significant change to its data use terms, effective November 3rd, which will allow the company to scrape data from members in several countries to train AI models. The move has sparked global concerns over data privacy, and users are being urged to opt out of this arrangement before it's too late.

Published: Mon Oct 27 13:35:29 2025 by llama3.2 3B Q4_K_M



Ethical Hacking News

Hacking into the Fabric: The Shifting Landscape of Cybersecurity Threats



Recent high-profile cybersecurity breaches highlight the evolving nature of threats in today's digital world. Hackers are leveraging vulnerabilities in Cisco SNMP systems to deploy rootkits, while Adobe AEM has been identified as having a perfect 10.0 score vulnerability, according to CISA. Furthermore, two new Windows zero-day exploits have emerged and AMD's Confidential Computing protocols have shown themselves vulnerable to exploitation via a single byte of malicious code. These incidents underscore the urgent need for vigilance in maintaining robust security measures across all sectors.



Published: Mon Oct 27 13:43:05 2025 by llama3.2 3B Q4_K_M



Ethical Hacking News

New ChatGPT Atlas Browser Exploit Lets Attackers Plant Persistent Hidden Commands


Cybersecurity researchers have discovered a new vulnerability in OpenAI's ChatGPT Atlas web browser that could allow malicious actors to inject nefarious instructions into the AI-powered assistant's memory and run arbitrary code. This exploit, dubbed "Tainted Memories," takes advantage of a cross-site request forgery (CSRF) flaw in ChatGPT's persistent memory, allowing attackers to plant hidden commands that can survive across devices, sessions, and even different browsers. The vulnerability poses a significant security risk, highlighting the need for immediate action to mitigate its impact and protect users from potential harm.

Published: Mon Oct 27 13:51:59 2025 by llama3.2 3B Q4_K_M



Ethical Hacking News

X: Re-enroll 2FA Security Keys Before November 10 or Risk Being Locked OutA crucial warning has been issued to X users regarding their two-factor authentication (2FA) security keys. The company has announced that all accounts utilizing passkeys or hardware-based security keys, such as YubiKeys, will be affected by a deadline of November 10.


X: Re-enroll 2FA security keys by November 10 or get locked out
In order to avoid being locked out of their accounts, users are urged to re-enroll their two-factor authentication (2FA) security keys before the end of November. This update affects all users who utilize passkeys or hardware-based security keys, such as YubiKeys.


Published: Mon Oct 27 15:04:57 2025 by llama3.2 3B Q4_K_M



Ethical Hacking News

Ransomware's Profitability Plummets as Victims Refuse to Pay


Ransomware's Profitability Plummets as Victims Refuse to Pay

In a significant turn of events, ransomware threat actors have witnessed a substantial decline in their profits over the past six years. According to Coveware, only 23% of breached companies were willing to pay ransomware threats in Q3 2025, representing an all-time low. The shift in tactics and the increased pressure from authorities have contributed to this decline, with more than 76% of attacks now involving data exfiltration. Learn more about the changing landscape of ransomware attacks and how organizations can prepare for future threats.

Published: Mon Oct 27 15:11:22 2025 by llama3.2 3B Q4_K_M



Ethical Hacking News

Ravin Academy Data Breach: A Warning Sign for Iranian Cybersecurity and Global Intelligence Efforts



Ravin Academy, a prestigious institution for training state-sponsored cyberattackers, has recently suffered a significant data breach that exposed the personal information of its associates and students. The breach highlights the vulnerability of these training programs to data breaches and raises concerns about the effectiveness of international sanctions against organizations affiliated with state-sponsored cyberattacks. As the use of data breaches as a tool for espionage and sabotage continues to evolve, it is essential that organizations like Ravin Academy take steps to address systemic vulnerabilities and improve their security measures.

Published: Mon Oct 27 15:23:35 2025 by llama3.2 3B Q4_K_M



Ethical Hacking News

Gmail Data Breach: Separating Fact from Fiction



A major cybersecurity platform claimed that 183 million Gmail accounts had been breached, leading Google to debunk the claims as false. The true origin of the compromised credentials lies in a compilation of various attacks over time, highlighting the importance of staying vigilant about online account security and verifying information through reputable sources.

Published: Mon Oct 27 16:33:01 2025 by llama3.2 3B Q4_K_M



Ethical Hacking News

Memento Labs Resurfaces: A Ghost from the Hacking Team's Past

Memento Labs, once thought to be eradicated, has resurfaced with a sophisticated attack leveraging a validator script in browsers and a zero-day vulnerability in Chrome. The group's revival poses significant concerns for individuals and organizations worldwide, highlighting the need for continued vigilance and proactive measures to counter such complex threats.

Published: Mon Oct 27 16:43:33 2025 by llama3.2 3B Q4_K_M



Ethical Hacking News

A Critical Windows Server Update Services Vulnerability Sparks Global Alarm: A Growing Concern for Enterprise Security

A critical Windows Server Update Services (WSUS) vulnerability has been identified as a potential threat to multiple organizations worldwide. Despite Microsoft's initial emergency patch, attackers continue to exploit this bug, sparking concerns among cybersecurity experts.

Published: Mon Oct 27 19:59:43 2025 by llama3.2 3B Q4_K_M



Ethical Hacking News

New ClickOnce-Based Attack Chain Used by SideWinder Threat Actor Targets South Asian Diplomats

SideWinder, a notorious threat actor, has adopted a new ClickOnce-based attack chain to target high-ranking officials in South Asia. The campaign, which involved sending spear-phishing emails in four waves from March through September 2025, was designed to drop malware families such as ModuleInstaller and StealerBot onto compromised hosts. This latest campaign marks a notable evolution in the group's tactics, tactics, and procedures (TTPs), as it demonstrates a sophisticated understanding of geopolitical contexts and the ability to adapt to new environments.

Published: Tue Oct 28 00:19:38 2025 by llama3.2 3B Q4_K_M



Ethical Hacking News

Marks & Spencer's IT Service Desk Provider Shake-Up: A Troubled Year for Retailer

British retailer Marks & Spencer has replaced Tata Consultancy Services (TCS) as its primary IT service desk provider following a months-long procurement process. The move comes amidst the company's ongoing efforts to strengthen its cybersecurity measures and restore normal operations after a significant cyber incident earlier this year.

Published: Tue Oct 28 04:41:25 2025 by llama3.2 3B Q4_K_M



Ethical Hacking News

The USS Gerald R. Ford: A Symbol of Military Ambition and Global Reach

The USS Gerald R. Ford, a $13 billion nuclear-powered aircraft carrier, has been deployed to the Caribbean Sea as part of a Pentagon strategy aimed at strengthening the fight against drug trafficking in South America. This development raises questions about Washington's true intentions behind this move and its implications for international relations and global security.

Published: Tue Oct 28 04:51:06 2025 by llama3.2 3B Q4_K_M



Ethical Hacking News

The LeetAgent Malware Menace: Unpacking the Latest Chrome Zero-Day Exploitation

Cybersecurity researchers have discovered a new type of malware called LeetAgent that exploits a zero-day vulnerability in Google Chrome to deliver its payload. This malware is part of a broader campaign dubbed Operation ForumTroll that targets organizations in Russia and Belarus. The attack highlights how attackers are leveraging sophisticated spyware to carry out targeted spear-phishing operations.

Published: Tue Oct 28 05:02:32 2025 by llama3.2 3B Q4_K_M



Ethical Hacking News

Parroted Propaganda: The Alarming Rise of AI-Generated Disinformation on Chatbots

Researchers have found that a significant proportion of AI-powered chatbots parrot propaganda about the Ukrainian invasion, often citing links to Russian state-attributed sources. The alarming rise of disinformation on these platforms raises concerns about the ability of regulatory bodies to enforce rules aimed at preventing the dissemination of propaganda.

Published: Tue Oct 28 06:18:19 2025 by llama3.2 3B Q4_K_M



Ethical Hacking News

New Pixnapping Android Flaw: A Growing Threat to Google Workspace Security


A newly discovered flaw in the Pixnapping Android app allows rogue apps to steal 2FA codes without user permission, raising concerns about Google Workspace security. Experts recommend immediate action to address this vulnerability.

Published: Tue Oct 28 06:26:37 2025 by llama3.2 3B Q4_K_M



Ethical Hacking News

Ransomware Payments Reach a Record Low: A Decline in Payment Rates Amidst Ongoing Efforts to Combat Cyber extortion


Ransomware payments have reached a record low, with only 23% of ransomware victims paying attackers in Q3 2025. The decline is attributed to the growing maturity among enterprises and cyber response teams, as well as the increasing sophistication of security measures. However, experts caution that the growing automation of attacks and AI will make it challenging to completely eliminate criminal activity. As the cyber extortion economy continues to evolve, businesses must remain vigilant and proactive in preventing these types of incidents.

Published: Tue Oct 28 06:37:27 2025 by llama3.2 3B Q4_K_M



Ethical Hacking News

New Atroposia Malware Spreads: A Modular RAT with a Twist



The Atroposia malware has emerged as a new threat in the cybersecurity landscape, offering an array of capabilities for cybercriminals. With its modular design and built-in vulnerability scanner, this malware poses a significant risk to organizations across various sectors. Learn more about this emerging threat and how you can protect yourself against it.



Published: Tue Oct 28 08:50:11 2025 by llama3.2 3B Q4_K_M



Ethical Hacking News

New Herodotus Android malware fakes human typing to avoid detection


New Herodotus Android malware fakes human typing to avoid detection, using random delay injection in its input routines to mimic human behavior on mobile devices. This advanced technique evades timing-based detection by security software, making it a significant threat to Android users.

Published: Tue Oct 28 08:59:32 2025 by llama3.2 3B Q4_K_M



Ethical Hacking News

Clearview AI Fined for Repeated Data Protection Violations Amid EU Scrutiny

Clearview AI faces criminal heat for ignoring EU fines, as an Austrian advocacy group accuses the US company of disregarding data protection regulations and exploiting loopholes in the law. The controversy raises questions about corporate accountability and transparency in the face of rapidly evolving global data protection laws.

Published: Tue Oct 28 11:09:24 2025 by llama3.2 3B Q4_K_M



Ethical Hacking News

The Human Toll of the MoD's Afghan Data Breach: A Devastating Consequence of Poor Security Measures

The human toll of the UK Ministry of Defence's Afghan data breach is a grim reminder of the devastating consequences of poor security measures.

Published: Tue Oct 28 11:18:43 2025 by llama3.2 3B Q4_K_M



Ethical Hacking News

A Record Number of Phone Searches at the US Border: An Analysis of Increasing Surveillance Capabilities

A Record Number of Phone Searches at the US Border: An Analysis of Increasing Surveillance Capabilities

Published: Tue Oct 28 11:29:09 2025 by llama3.2 3B Q4_K_M



Ethical Hacking News

Ghosts in the Machine: The Sophisticated Malware Campaigns of BlueNoroff

The sophisticated use of generative AI in BlueNoroff's GhostCall and GhostHire malware campaigns poses significant challenges to cybersecurity experts, highlighting the need for improved defenses.

Published: Tue Oct 28 11:53:31 2025 by llama3.2 3B Q4_K_M



Ethical Hacking News

The Imperative of Early Threat Detection: Unlocking Resilient Business Growth in a Turbulent Cyber Landscape



The Imperative of Early Threat Detection: Unlocking Resilient Business Growth in a Turbulent Cyber Landscape

In today's fast-paced cybersecurity landscape, businesses must adapt quickly to stay ahead of emerging threats. One critical strategy that can help organizations navigate this challenging terrain is early threat detection. Learn how harnessing the power of threat intelligence can unlock resilient business growth and transform your SOC from overwhelmed to proactive.



Published: Tue Oct 28 12:04:35 2025 by llama3.2 3B Q4_K_M



Ethical Hacking News

The Great Power Grid Hack: Everest Group Claims Responsibility for Breach of Sweden's Svenska Kraftnät


The Everest ransomware group has claimed responsibility for breaching Sweden's power grid operator, Svenska Kraftnät, stealing sensitive data from an isolated file transfer system. The breach highlights the growing sophistication of ransomware attacks and the need for robust cybersecurity measures to protect critical infrastructure.

Published: Tue Oct 28 12:15:17 2025 by llama3.2 3B Q4_K_M



Ethical Hacking News

Critical ASP.NET Flaw Exposed: QNAP NetBak PC Agent Under Siege



A critical vulnerability has been identified in the QNAP NetBak PC Agent software, which could allow attackers to hijack credentials or bypass security controls. Users of this software are urged to update their systems with the latest ASP.NET Core patches in order to mitigate the risk posed by CVE-2025-55315.

Published: Tue Oct 28 12:22:04 2025 by llama3.2 3B Q4_K_M



Ethical Hacking News

The Qilin Ransomware's Clever Exploitation of Windows Subsystem for Linux (WSL) to Evade Detection and Encrypt Data

The Qilin Ransomware has been exploiting the Windows Subsystem for Linux (WSL) to launch its Linux-based encryptors within a Windows environment, bypassing traditional security defenses and evading detection. This clever tactic highlights the importance of staying vigilant against emerging threats and adapting security strategies accordingly.

Published: Tue Oct 28 14:56:42 2025 by llama3.2 3B Q4_K_M



Ethical Hacking News

CISA Alerts: Dassault Vulnerabilities Spark Widespread Attack Activity

Two Dassault Systèmes' DELMIA Apriso manufacturing operations management and execution solutions have been identified as targets for malicious attack activity due to actively exploited vulnerabilities. Organizations must prioritize patching and mitigation efforts to prevent potential attacks from materializing.

Published: Tue Oct 28 15:10:41 2025 by llama3.2 3B Q4_K_M



Ethical Hacking News

New Side-Channel Attack Exposes Intel and AMD's Hardware Security Vulnerabilities


A recent side-channel attack has exposed vulnerabilities in Intel and AMD's hardware security systems, allowing attackers to extract secrets from the trusted execution environment (TEE). The TEE.Fail attack has significant implications for data protection and encryption, and researchers are urging caution as this vulnerability is yet to be seen in action.

Published: Tue Oct 28 15:18:27 2025 by llama3.2 3B Q4_K_M



Ethical Hacking News

New Android Banking Trojan 'Herodotus' Outsmarts Anti-Fraud Systems by Typing Like a Human


A new Android banking Trojan called Herodotus has been discovered, boasting advanced capabilities that allow it to evade anti-fraud systems by mimicking human behavior. This novel approach highlights the ongoing evolution in malware tactics and underscores the need for security experts to stay vigilant and adapt their defenses accordingly.

Published: Tue Oct 28 15:27:29 2025 by llama3.2 3B Q4_K_M



Ethical Hacking News

Python's Ethical Dilemma: The $1.5M Grant Conundrum

Python rejects $1.5M grant from U.S. govt. fearing ethical compromise: In a move that highlights the growing tension between financial sustainability and social responsibility, the Python Software Foundation has declined a $1.5 million grant proposal from the U.S. National Science Foundation due to concerns over restrictive funding terms.

Published: Tue Oct 28 18:15:23 2025 by llama3.2 3B Q4_K_M



Ethical Hacking News

Dentsu's Subsidiary Merkle Exposes Staff and Client Data in Cybersecurity Incident


Japanese advertising giant Dentsu has disclosed that its U.S.-based subsidiary Merkle suffered a cybersecurity incident that exposed staff and client data, resulting in concerns about transparency and the importance of robust security measures. The company is now conducting an investigation into the full extent of the breach and notifying impacted individuals.



Published: Tue Oct 28 18:30:30 2025 by llama3.2 3B Q4_K_M



Ethical Hacking News

Aisuru Botnet: Behind Record 20Tb/sec DDoS Attacks and a Wake-Up Call for Cybersecurity


A new Mirai-based IoT botnet, dubbed Aisuru, has launched record-breaking DDoS attacks exceeding 20Tb/sec. The botnet's use of residential proxies and diversified attack vectors make it a significant threat to online gaming platforms and broadband providers.

Published: Tue Oct 28 18:37:14 2025 by llama3.2 3B Q4_K_M



Ethical Hacking News

Streamlining Patch Management: Bridging Visibility Gaps and Ensuring Effective Vulnerability Remediation

Streamlining Patch Management: Bridging Visibility Gaps and Ensuring Effective Vulnerability Remediation

Published: Wed Oct 29 10:03:04 2025 by llama3.2 3B Q4_K_M



Ethical Hacking News

The Rise of Residential Proxies: Aisuru Botnet's Shift from DDoS to Anonymizing Cybercrime


The Aisuru botnet has abandoned its traditional DDoS attacks in favor of renting infected IoT devices as residential proxies for cybercriminals, raising significant concerns about data scraping and AI-powered exploitation. As these networks continue to grow in influence, it's essential that we develop effective strategies to counter their impact on our digital infrastructure.

Published: Wed Oct 29 10:33:21 2025 by llama3.2 3B Q4_K_M



Ethical Hacking News

The Discovery of a Hidden Fish City: Unveiling the Secrets of Shackleton's Endurance

Scientists have made a groundbreaking discovery while exploring the Weddell Sea, Antarctica, during a research expedition led by researchers from South Africa. Hundreds of fish nests arranged in particular patterns were found, providing valuable insights into the behavior of fish species living in extreme conditions and highlighting the importance of preserving habitats like the Weddell Sea.

Published: Wed Oct 29 10:41:29 2025 by llama3.2 3B Q4_K_M



Ethical Hacking News

Cyberattack on Dentsu's US Subsidiary Sparks Widespread Panic Among Employees

Dentsu's US-based data-driven media marketing and customer experience business Merkle has been the victim of a devastating cyberattack, resulting in the theft of sensitive employee data. The breach has raised concerns about the company's cybersecurity measures and its ability to protect its employees' information.

Published: Wed Oct 29 10:52:44 2025 by llama3.2 3B Q4_K_M



Ethical Hacking News

Bharat Singh Chand Fined £200,000 for Unlawful Spam Texting Campaign


A sole trader has been fined £200,000 for sending nearly 966,449 spam text messages to unsuspecting recipients who were facing financial hardship. The Information Commissioner's Office (ICO) says Chand showed "blatant disregard" for the law and attempted to mislead them during the investigation.

Published: Wed Oct 29 11:01:53 2025 by llama3.2 3B Q4_K_M



Ethical Hacking News

The Alarming Reality: 9 in 10 Exchange Servers in Germany Remain Vulnerable to Exploitation Due to EoL SoftwareA recent security advisory from Germany's infosec agency has highlighted a critical vulnerability affecting the majority of public-facing Exchange servers in the country, leaving thousands of organizations and institutions at risk. With Microsoft having ended support for versions 2016 and 2019, including Exchange Server, on October 14, the German BSI has sounded the alarm, warning that only six months of extended security updates remain available before full support ceases.


German Exchange servers facing severe security risks due to end-of-support software, warns BSI
In a stark warning, Germany's infosec agency has alerted organizations running outdated Exchange servers to upgrade or risk being compromised by malicious actors, citing the alarming rate of 92% still using out-of-support software.


Published: Wed Oct 29 11:16:56 2025 by llama3.2 3B Q4_K_M



Ethical Hacking News

Australia Develops AI-Powered Tool to Decode Online Crime Fluencers' Slang


Australian police are developing an AI-powered tool to decode the slang used by online "crimefluencers" who glorify crime and violence, particularly targeting pre-teen girls. The initiative aims to improve cybersecurity and protect vulnerable populations from exploitation.

Published: Wed Oct 29 11:25:51 2025 by llama3.2 3B Q4_K_M



Ethical Hacking News

A Global Cyber Threat Landscape: The Rise of Automated Botnet Attacks Targeting PHP Servers and IoT Devices


A global cyber threat landscape has emerged with a sharp increase in automated botnet attacks targeting PHP servers and IoT devices. These attacks exploit known vulnerabilities and cloud misconfigurations to gain control over exposed systems, expand botnet networks, and launch DDoS attacks exceeding 20 terabits per second (Tbps). The Qualys TRU report highlights the need for robust cybersecurity measures, including penetration testing, vulnerability assessments, and incident response plans. Individuals must also take proactive steps to secure their devices, networks, and online presence by keeping software up-to-date, using strong passwords, and being cautious when clicking on links or downloading attachments from unknown sources.

Published: Wed Oct 29 11:35:54 2025 by llama3.2 3B Q4_K_M



Ethical Hacking News

New AI-Targeted Cloaking Attack Tricks AI Crawlers into Citing Fake Info as Verified Facts

A new and sophisticated threat has emerged, exposing underlying AI models to context poisoning attacks. Discover how this attack works and what it means for you.

Published: Wed Oct 29 11:44:20 2025 by llama3.2 3B Q4_K_M



Ethical Hacking News

The Evolving Threat Landscape: A Decade of Cybersecurity Challenges



The latest wave of cybersecurity attacks highlights the need for organizations to stay vigilant and adapt their security measures to counter evolving risks. From side-channel attacks to social engineering campaigns, AI-powered tools, and supply chain vulnerabilities, the threats are becoming increasingly diverse and complex. To stay ahead of these evolving risks, organizations must prioritize regular security updates and patches, as well as more sophisticated security measures such as web application security testing and vulnerability scanning.

Published: Wed Oct 29 11:52:41 2025 by llama3.2 3B Q4_K_M



Ethical Hacking News

BeyondTrust's 2026 Cybersecurity Predictions: The Evolving Identity-Privilege ProblemThe cybersecurity landscape is on the cusp of a significant transformation, as emerging threats and shifting attitudes towards identity management reshape the way organizations approach security. In BeyondTrust's 2026 cybersecurity predictions, we examine the evolving nature of the security threat landscape, where traditional notions of privilege and access are being redefined.


BeyondTrust's 2026 Cybersecurity Predictions: The Evolving Identity-Privilege Problem
The cybersecurity landscape is expected to undergo significant changes in the coming year, driven by emerging threats and shifting attitudes towards identity management. From account poisoning to AI veganism, these predictions highlight the evolving nature of the security threat landscape.


Published: Wed Oct 29 12:00:49 2025 by llama3.2 3B Q4_K_M



Ethical Hacking News

Russian Hackers Utilize Stealthy Living-Off-The-Land Tactics to Target Ukrainian Organizations

Russian hackers have employed sophisticated living-off-the-land tactics to target Ukrainian organizations, using legitimate tools and exploiting vulnerabilities to gain access to sensitive data. This attack vector poses a significant threat to cybersecurity posture and highlights the need for robust threat intelligence capabilities and collaborative efforts between organizations and law enforcement agencies.

Published: Wed Oct 29 12:13:27 2025 by llama3.2 3B Q4_K_M



Ethical Hacking News

Cybersecurity Alert: 10 Malicious npm Packages Steal Developer Credentials Across Windows, macOS, and Linux

A devastating cyberattack has been discovered that has left many developers reeling. A set of 10 malicious npm packages have been found to steal developer credentials across Windows, macOS, and Linux systems.

Published: Wed Oct 29 12:21:10 2025 by llama3.2 3B Q4_K_M



Ethical Hacking News

The Evolving Landscape of Modern Browser Attacks: Why Perimeter Tools Are No Longer Enough



Recent attacks highlight the growing concern of modern browser attacks, which are rendering traditional perimeter security tools ineffective. With AI-powered cyber-attacks becoming increasingly sophisticated, cybersecurity professionals must adapt their strategies to stay ahead of the threat curve. The era of perimeter tools is no longer enough; it's time for a more comprehensive approach to defense planning.



Published: Wed Oct 29 12:31:20 2025 by llama3.2 3B Q4_K_M



Ethical Hacking News

Russian Hackers Utilize Living-Off-The-Land Tactics Against Ukrainian Targets

Russian hackers, likely linked to the notorious Sandworm group, have employed Living-Off-The-Land tactics against Ukrainian targets, exploiting legitimate tools to gain initial access and establish a persistent presence on compromised networks. The attackers utilized webshells, scheduled tasks, and PowerShell backdoors to steal data and maintain control over the systems.

Published: Wed Oct 29 12:39:29 2025 by llama3.2 3B Q4_K_M



Ethical Hacking News

The Dassault Systèmes DELMIA Apriso Vulnerabilities: A Threat to Industrial Automation Systems


U.S. CISA adds Dassault Systèmes DELMIA Apriso flaws to its Known Exploited Vulnerabilities catalog

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added two critical vulnerabilities in the Dassault Systèmes DELMIA Apriso software, urging federal agencies and private organizations to address these security concerns by November 18, 2025.



Published: Wed Oct 29 12:45:26 2025 by llama3.2 3B Q4_K_M



Ethical Hacking News

The Evolution of Malicious Typing: Herodotus Android Malware's Unparalleled Mimicry


The world of cybercrime has witnessed numerous evolutions over the years, but a recent Android malware known as Herodotus takes the cake with its unprecedented mimicry tactics. Researchers have identified an innovative banking Trojan that utilizes random delays between keystrokes to create the illusion of natural human interaction on infected devices. This malicious activity underscores the growing popularity of device takeover threats and the commercial efficiency of Malware-as-a-Service business models.

Published: Wed Oct 29 12:53:25 2025 by llama3.2 3B Q4_K_M



Ethical Hacking News

Google to Mandate Secure Connections for All Users Starting October 2026

A major update is coming to Chrome, as Google plans to make secure connections the default option for all users starting next October. From that date forward, the browser will issue warnings when a user attempts to access an insecure website without HTTPS or other secure protocols.

Published: Wed Oct 29 14:36:18 2025 by llama3.2 3B Q4_K_M



Ethical Hacking News

Canada's Critical Infrastructure Breached: Hacktivists' Opportunistic Attacks Raise Concerns

Canada has issued a warning about multiple instances of hacktivists breaching critical infrastructure systems across the country, raising concerns about the impact on essential services. To address this issue, authorities have recommended several measures to ensure the security of Industrial Control Systems and prevent potential security breaches.

Published: Wed Oct 29 14:44:11 2025 by llama3.2 3B Q4_K_M



Ethical Hacking News

Exposing the Elephant in the Room: EY's 4TB SQL Backup File Breach Reveals the Dangers of Cloud Misconfiguration

EY, one of the "Big Four" accounting and consulting firms, recently found itself at the center of a high-profile data breach that exposed its sensitive information to the public internet. A 4TB SQL Server backup file was left unencrypted and exposed for an unknown amount of time, allowing attackers to access trade secrets and credentials.

Published: Wed Oct 29 14:53:10 2025 by llama3.2 3B Q4_K_M



Ethical Hacking News

The Unraveling of a Web of Deceit: The Case of Peter Williams and the Selling of L3 Harris Trenchant's Trade Secrets



A former executive at L3 Harris Trenchant has pleaded guilty to selling trade secrets worth $1.3 million to a Russian software broker. The case raises serious questions about the vetting and supervision processes within US defense contractors and highlights the complex world of international espionage.

Published: Wed Oct 29 15:00:23 2025 by llama3.2 3B Q4_K_M



Ethical Hacking News

WordPress Security Plugin Vulnerability Exposes Private Data to Site Subscribers



A widely used security plugin on over 100,000 websites has been found to expose private data due to a critical vulnerability. Installed by WordPress administrators for protection against malware, brute-force attacks, and database injection attempts, the Anti-Malware Security and Brute-Force Firewall plugin's flaw allows site subscribers to access sensitive information such as database credentials and password hashes.

By installing the latest version of the plugin, which has been released following a report of the vulnerability by Wordfence, WordPress users can protect themselves against this potential threat. The critical nature of this issue underscores the importance of applying patches promptly and vigilantly in maintaining robust cybersecurity measures for their online assets.

Published: Wed Oct 29 16:18:35 2025 by llama3.2 3B Q4_K_M



Ethical Hacking News

A Critical Vulnerability Exposed: A Global Chrome Browser Crisis

A critical vulnerability in Chromium's Blink rendering engine can crash billions of web browsers worldwide within seconds, causing a denial-of-service condition. With Google yet to release a fix, the global internet is left vulnerable to exploitation.

Published: Wed Oct 29 16:28:28 2025 by llama3.2 3B Q4_K_M



Ethical Hacking News

The Cloud is Showing Its Flaws: A Wake-Up Call for the Digital Age

A major cloud outage highlights the instability of an internet built largely on infrastructure run by a few tech giants, and raises questions about the reliability and security of our digital backbone.

Published: Wed Oct 29 16:38:55 2025 by llama3.2 3B Q4_K_M



Ethical Hacking News

Hacktivist Breach of Critical Infrastructure: A New Era of Cyber Threats in Canada


Hacktivists have breached Canada's critical infrastructure, exploiting internet-facing industrial control systems (ICS) devices to gain attention, discredit organizations, and harm the country's image. The breach has left experts worried about potential risks to public safety and the country's industrial control systems.

Published: Wed Oct 29 16:49:54 2025 by llama3.2 3B Q4_K_M



Ethical Hacking News

Malicious NPM Packages Exposed: A Threat to Developers and Users Alike

Malicious NPM packages have been secretly infiltrating the npm registry, compromising sensitive data from Windows, Linux, and macOS systems. Developers are advised to take immediate action to clean up infections and rotate access tokens and passwords.

Published: Wed Oct 29 19:02:15 2025 by llama3.2 3B Q4_K_M



Ethical Hacking News

NPM's Critical Security Weakness Exposed: A Wake-Up Call for Developers



A major vulnerability in NPM's Remote Dynamic Dependencies has exposed the code repository to more than 100 credential-stealing packages, putting millions of users at risk. This critical weakness highlights the need for developers to be vigilant and take proactive measures to protect their projects against sophisticated attacks.

Published: Wed Oct 29 21:10:34 2025 by llama3.2 3B Q4_K_M



Ethical Hacking News

Dentsu's US Subsidiary Merkle Hit by Sophisticated Cyberattack Exposing Sensitive Staff and Client Data


Dentsu's U.S. subsidiary Merkle hit by cyberattack exposing sensitive staff and client data, forcing some systems offline to mitigate the security breach.

Published: Thu Oct 30 04:35:49 2025 by llama3.2 3B Q4_K_M



Ethical Hacking News

The Dark Side of SAVE: How Trump's Administration is Threatening American Democracy


A recently released agreement gives the Department of Homeland Security access to hundreds of millions of Americans' Social Security data, raising concerns about voter misidentification and potential disenfranchisement. The use of this data for voter verification has been criticized by experts, who warn that it poses significant risks to American democracy.


Published: Thu Oct 30 05:45:03 2025 by llama3.2 3B Q4_K_M



Ethical Hacking News

Decentralized Communication Revolution: France's Matryoshka Approach to Secure Messaging


France has signed up as the first country to join the Matrix.org Foundation as a Silver member, marking an important step towards creating a secure and decentralized instant messaging service for public sector entities. The move reflects growing concerns about dependency on closed platforms and the need for greater control over one's own data.

Published: Thu Oct 30 05:52:51 2025 by llama3.2 3B Q4_K_M



Ethical Hacking News

A Technical Blunder Exposes Customer Data: A Cautionary Tale for the UK's People's Postcode Lottery

People's Postcode Lottery's recent technical error exposed customer data, highlighting the importance of robust data protection measures. The incident serves as a reminder that even the most stringent protocols can be breached, emphasizing the need for organizations to prioritize security and adhere to industry standards.

Published: Thu Oct 30 07:02:29 2025 by llama3.2 3B Q4_K_M



Ethical Hacking News

The Evolving Landscape of Cyber Threats: A Complex Web of Attacks and Exploits


A complex web of cyber threats has emerged, with new tactics, techniques, and procedures being employed by attackers on a daily basis. From nation-state actors to individual hackers, the evolving landscape of cyber threats requires security professionals to stay vigilant and proactive in their efforts to protect systems and data from malicious activities.

Published: Thu Oct 30 07:13:48 2025 by llama3.2 3B Q4_K_M



Ethical Hacking News

The PhantomRaven Malware: A Sophisticated Supply Chain Attack on npm Packages


A new malicious software supply chain attack has been uncovered by cybersecurity researchers, leaving a trail of compromised npm packages and stolen GitHub tokens in its wake. The attack, known as PhantomRaven, targets the npm registry with over 100 malicious packages that can steal authentication tokens, CI/CD secrets, and GitHub credentials from developers' machines. In this article, we'll explore the details of the attack and highlight the importance of robust security measures to prevent such incidents.

Published: Thu Oct 30 07:22:03 2025 by llama3.2 3B Q4_K_M



Ethical Hacking News

Ex-Defense Contractor Exec Pleads Guilty to Selling Cyber Exploits to Russia: A Case of National Security Betrayal


Ex-Defense contractor exec pleads guilty to selling cyber exploits to Russia: A Case of National Security Betrayal. In a shocking turn of events, an ex-defense contractor executive has pleaded guilty to stealing trade secrets and selling cyber exploits to a Russian broker, highlighting the dangers posed by insider threats and the need for robust cybersecurity measures.

Published: Thu Oct 30 07:30:50 2025 by llama3.2 3B Q4_K_M










© Ethical Hacking News . All rights reserved.

Privacy | Terms of Use | Contact Us