New Wave of AiTM Phishing Targets TikTok for Business
Threat IntelligenceInfosecurity Magazineil y a 7 heures
Push Security has uncovered a new AiTM phishing campaign targeting TikTok for Business accounts using Google and TikTok themed login pages
Flux RSS
— Sources secondaires254articles RSS
ReinitialiserTeamPCP Targets Telnyx Package in Latest PyPI Software Supply Chain Attack
Gouvernance & RégulationInfosecurity Magazineil y a 8 heures
Socket and Endor Labs discovered a new TeamPCP campaign leading to the delivery of credential-stealing malware
Quantum Computing Threat to Encryption Is Closer Than Expected, Warns Google
Gouvernance & RégulationInfosecurity Magazineil y a 11 heures
‘Q-Day’ and the cybersecurity problems it brings could come as early as 2029 as Google accelerates its post-quantum cryptography migration
UK Cracks Down on Chinese Crypto Marketplace for Funding Southeast Asia Scam Hubs
Gouvernance & RégulationInfosecurity Magazineil y a 11 heures
The UK government has sanctioned Xinbi, described as “the second-largest illicit online marketplace ever”
Security Researchers Sound the Alarm on Vulnerabilities in AI-Generated Code
Gouvernance & RégulationInfosecurity Magazinehier
Security researchers from Georgia Tech have observed a surge in reported CVEs for which the flaw was introduced by AI-generated code
Attackers Rapidly Weaponize Critical Oracle WebLogic RCE, Honeypot Study Finds
Gouvernance & RégulationInfosecurity Magazinehier
Attackers rapidly exploited a critical Oracle WebLogic RCE flaw the same day exploit code was released, according to a CloudSEK honeypot study
EtherRAT Techniques Bypass Security Via Ethereum Smart Contracts
GénéralInfosecurity Magazinehier
EtherRAT hides C2 in Ethereum smart contracts via EtherHiding, steals wallets and credentials
AI Becomes the Top Cybersecurity Priority for Defenders as Criminals Exploit It, PwC Warns
Gouvernance & RégulationInfosecurity Magazinehier
PwC Annual Threat Dynamics report says AI-threats are the biggest concern of clients
OpenAI Expands Bug Bounty to Cover AI Abuse and 'Safety' Concerns
Gouvernance & RégulationInfosecurity Magazinehier
OpenAI’s Safety Bug Bounty program seeks to address AI safety vulnerabilities beyond traditional security flaws
Iran-Linked Pay2Key Ransomware Group Re-Emerges
Malware & RansomwareInfosecurity Magazineavant-hier
Halcyon and Beazley Security track the return of Iranian ransomware group Pay2Key
Invoice Fraud Costs UK Construction Sector Millions, NCA Warns
GénéralInfosecurity Magazineavant-hier
The National Crime Agency has warned construction firms about surging invoice fraud
Cloud Phones Linked to Rising Financial Fraud Threat
Outils & RechercheInfosecurity Magazineavant-hier
Cloud Android phones fuel financial fraud, evading detection and enabling dropper accounts
Hackers Exploit Compromised Enterprise Identities at Industrial Scale, Warns SentinelOne
Gouvernance & RégulationInfosecurity Magazineavant-hier
Cybersecurity company’s annual report issues warning over a “mass-marketed impersonation crisis” over attackers abusing legitimate credentials
US: FCC Bans Foreign-Made Routers Over National Security Concerns
Gouvernance & RégulationInfosecurity Magazineavant-hier
The US Federal Communications Commission has placed all “consumer-grade” internet routers produced outside the US on its “covered list”
TeamPCP Expands Supply Chain Campaign With LiteLLM PyPI Compromise
Malware & RansomwareInfosecurity Magazineavant-hier
Python package LiteLLM compromised with credential-stealing malware linked to TeamPCP threat group
Experts Sound Alarm Over “Prompt Poaching” Browser Extensions
Gouvernance & RégulationInfosecurity Magazineil y a 3 jours
Expel has warned of malicious Chrome extensions stealing users’ AI conversations
Operation Henhouse Nets Over 500 Arrests in UK Fraud Crackdown
GénéralInfosecurity Magazineil y a 3 jours
UK police trumpet success of Operation Henhouse as they seize and freeze over £27m in suspected fraud proceeds
RSA Conference: UK NCSC Head Urges Industry to Develop Vibe Coding Safeguards
GénéralInfosecurity Magazineil y a 3 jours
The head of the UK’s NCSC is calling the cybersecurity industry to “seize the disruptive vibe coding opportunity” to make software more secure
Silver Fox Cyber Campaigns Show Shift Toward Dual Espionage
Malware & RansomwareInfosecurity Magazineil y a 3 jours
Silver Fox pivots from ValleyRAT tax lures to WhatsApp‑style stealers, blending espionage & phishing
Citrix Urges Immediate Patching for Critical NetScaler Vulnerabilities
Vulnérabilités & PatchesInfosecurity Magazineil y a 3 jours
A critical vulnerability in Citrix’s NetScaler products allows unauthenticated remote attackers to leak information from the appliance's memory