FBI says recent breach of US telecommunications infrastructure by China’s Salt Typhoon is largely contained within affected networks.

The FBI’s top cyber official announced this week that the Chinese state-backed hacking group known as Salt Typhoon, responsible for a significant breach of U.S. telecommunications infrastructure, is now “largely contained” within affected networks. While the immediate threat has been mitigated, federal authorities caution that the risk posed by the group remains unresolved.

Researchers reveal the existence of extensive brand-spoofing campaigns that leverage thousands of fraudulent websites impersonating known brands.

Recent investigations by cybersecurity firm Silent Push and VPN provider NordVPN have revealed the existence of extensive brand-spoofing campaigns that leverage thousands of fraudulent websites to impersonate some of the world’s most recognized brands. These operations are designed to deceive consumers, steal sensitive information, and facilitate financial fraud on a global scale.

Initial Access Brokers are deploying patches to exploited vulnerabilities to effectively lock out rival cybercriminals.

A recent cyber campaign has brought to light a sophisticated new tactic employed by initial access brokers, believed to be linked to China. These threat actors are leveraging zero-day vulnerabilities in Ivanti Connect Secure systems to infiltrate target networks. Uniquely, after gaining access, the attackers are applying their own patches to the exploited vulnerabilities, effectively locking out both defenders and rival cybercriminals.

The Big Beautiful Bill: How the New Legislation Will Impact U.S. Cybersecurity.

Washington, D.C. – The recently approved "Big Beautiful Bill" is making waves across the cybersecurity landscape, promising sweeping changes for federal agencies, the Department of Defense, and civilian infrastructure. While the bill delivers major funding boosts for federal IT modernization and defense cybersecurity, it also slashes budgets for key civilian programs, raising concerns among experts about the nation’s ability to respond to evolving cyber threats.

Hackers are increasingly leveraging PDF attachments in email-based phishing campaigns to impersonate trusted brands like Microsoft and DocuSign.

Hackers are increasingly leveraging PDF attachments in email-based phishing campaigns to impersonate trusted brands like Microsoft and DocuSign, as well as others such as NortonLifeLock, PayPal, and Geek Squad. The primary technique being used is known as callback phishing or Telephone-Oriented Attack Delivery (TOAD), where victims are persuaded to call phone numbers controlled by the attackers.

Chinese-linked Houken targets France in Ivanti zero-day exploit campaign.

A Chinese-linked hacking group, dubbed “Houken,” has been identified as the orchestrator of a sophisticated cyberattack campaign targeting French organizations by exploiting multiple zero-day vulnerabilities in Ivanti Cloud Service Appliance (CSA) devices. The campaign was first detected by France’s national cybersecurity agency, ANSSI, in September 2024, though evidence suggests it may have started as early as 2023.

Critical vulnerability found in Cl0p’s custom data exfiltration tool that could allow remote code execution against the criminal cybergang.

A critical vulnerability has been discovered in the Cl0p cybercrime gang’s custom data exfiltration tool, which exposes the group itself to potential remote code execution (RCE) attacks. This flaw, rated with a severity score of 8.9, was found by Italian researcher Lorenzo N and detailed by the Computer Incident Response Center Luxembourg (CIRCL).

Multiple critical vulnerabilities found in Forminator WordPress plugin could impact up to 600,000 websites.

A series of critical vulnerabilities have been discovered in the popular Forminator WordPress plugin, which is used by hundreds of thousands of websites to create contact forms, payment forms, and other interactive elements. These vulnerabilities have put over 400,000 to 600,000 WordPress websites at risk of remote takeover and other severe attacks.

Researchers have discovered that dozens of fake wallet Firefox add-ons are stealing sensitive credentials.

Dozens of fake wallet add-ons have recently flooded the official Firefox add-ons store, targeting cryptocurrency users by impersonating popular wallet brands and stealing sensitive credentials. Over 40 malicious extensions were discovered, posing as legitimate wallets from well-known providers such as Coinbase, MetaMask, Trust Wallet, Phantom, Exodus, OKX, Keplr, and MyMonero.