Security News

Filter by:

New AI Malware PoC Reliably Evades Microsoft Defender

Worried about hackers employing LLMs to write powerful malware? Using targeted reinforcement learning (RL) to train open source models in specific tasks has yielded the capability to do just that.
Dark Reading 10 Jul 2025 10369 Views

Someone used AI to impersonate a secretary of state - how to make sure you're not next

An identity protection expert shares tips on protecting yourself from AI scams.
ZDnet 10 Jul 2025 851 Views

M&S confirms social engineering led to massive ransomware attack

M&S confirmed today that the retail outlet's network was initially breached in a "sophisticated impersonation attack" that ultimately led to a DragonForce ransomware attack. [...]
Bleepingcomputer 9 Jul 2025 1140 Views

Massive spike in use of .es domains for phishing abuse

¡Cuidado! Time to double-check before entering your Microsoft creds Cybersecurity experts are reporting a 19x increase in malicious campaigns being launched from .es domains, making it the third most common, behind only .com and .ru.…
The Register 5 Jul 2025 4197 Views

Provider of covert surveillance app spills passwords for 62,000 users

Creators say app is intended for parental monitoring. So why the emphasis on stealth?
Ars Technica 4 Jul 2025 902 Views

Cisco warns that Unified CM has hardcoded root SSH credentials

Cisco has removed a backdoor account from its Unified Communications Manager (Unified CM), which would have allowed remote attackers to log in to unpatched devices with root privileges.
Bleeping Computer 2 Jul 2025 1113 Views

Dozens of fake wallet add-ons flood Firefox store to drain crypto

More than 40 fake extensions in Firefox’s official add-ons store are impersonating popular cryptocurrency wallets from trusted providers to steal wallet credentials and sensitive data.
Bleeping Computer 2 Jul 2025 1020 Views

Hackers Using PDFs to Impersonate Microsoft, DocuSign, and More in Callback Phishing Campaigns

Cybersecurity researchers are calling attention to phishing campaigns that impersonate popular brands and trick targets into calling phone numbers operated by threat actors.
The Hacker News 2 Jul 2025 10251 Views

New FileFix attack runs JScript while bypassing Windows MoTW alerts

A new FileFix attack allows executing malicious scripts while bypassing the Mark of the Web (MoTW) protection in Windows by exploiting how browsers handle saved HTML webpages. [...]
Bleepingcomputer 2 Jul 2025 901 Views

Hackers abuse Microsoft ClickOnce and AWS services for stealthy attacks

A sophisticated malicious campaign that researchers call OneClik has been leveraging Microsoft's ClickOnce software deployment tool and custom Golang backdoors to compromise organizations within the energy, oil, and gas sectors. [...]
Bleepingcomputer 26 Jun 2025 1364 Views

We use cookies to give you the best possible experience on our website. By continuing to browse this site, you give consent for cookies to be used. For more details please read our Cookie Policy.

PRIVACY POLICY