Flux RSS

Cybersecurity researchers have discovered a new payment skimmer that uses WebRTC data channels as a means to receive payloads and exfiltrate data, effectively bypassing security controls. "Instead of the usual HTTP requests or image beacons, this malware uses WebRTC data channels to load its payload and exfiltrate stolen payment data," Sansec said in a report published this week. The attack,

Police found cameras pointing at infrastructure Indian authorities have reportedly ordered an audit of the nation’s CCTV cameras, after police uncovered what they claim was a Pakistan-backed surveillance operation.…

GitHub is adopting AI-based scanning for its Code Security tool to expand vulnerability detections beyond the CodeQL static analysis and cover more languages and frameworks. [...]

Attacks leveraging the 'PolyShell' vulnerability in version 2 of Magento Open Source and Adobe Commerce installations are underway, targeting more than half of all vulnerable stores. [...]

A proof-of-concept attack on Context Hub suggests there's not much content santization A new service that helps coding agents stay up to date on their API calls could be dialing in a massive supply chain vulnerability.…

They cleverly mimic most traits of a real phone Smartphones have fast become the basis of our digital identities, securing payment systems and bank accounts. Now virtual devices that pretend to be real handsets have become a key tool for financial scammers, according to one company. …

Threat actors are evading phishing detection in campaigns targeting Microsoft accounts by abusing the no-code app-building platform Bubble to generate and host malicious web apps. [...]

Ex-CISA boss also says no reason to panic about AI and security RSAC 2026 "Everybody feels massive FOMO if they don't get to RSAC," Jen Easterly says.…

Four former NSA bosses walk onto the stage at RSAC… rsac 2026 There's a theoretical red line with cyber warfare. Cross it, and the US will respond with a physical attack like missile strikes. And that line "is whatever the President says it is," according to former NSA boss retired General Paul Nakasone.…

A new info-stealing malware called Torg Grabber is stealing sensitive data from 850 browser extensions, more than 700 of them for cryptocurrency wallets. [...]

The alleged administrator of the LeakBase cybercrime forum has been arrested by Russian law enforcement authorities, state media reported Thursday. According to TASS and MVD Media, a news website linked to the Russian Interior Ministry, the suspect is a resident of the city of Taganrog. The suspect is said to have been detained for creating and managing a criminal site that allowed stolen

Cloud Android phones fuel financial fraud, evading detection and enabling dropper accounts

The startup will invest in product development and go-to-market efforts as it expands into new sectors. The post Onit Security Raises $11 Million for Exposure Management Platform appeared first on SecurityWeek.

Citrix has patched two NetScaler ADC and NetScaler Gateway vulnerabilities, one of which is very similar to the CitrixBleed and CitrixBleed2 flaws exploited in zero-day attacks in recent years. [...]

Cybersecurity company’s annual report issues warning over a “mass-marketed impersonation crisis” over attackers abusing legitimate credentials

Ilya Angelov was a member of the cybercrime group tracked as TA-551, Shathak, Gold Cabin, Monster Libra, and ATK236. The post Russian Cybercriminal Gets 2-Year Prison Sentence in US appeared first on SecurityWeek.

Cybersecurity researchers have flagged a new evolution of the GlassWorm campaign that delivers a multi-stage framework capable of comprehensive data theft and installing a remote access trojan (RAT), which deploys an information-stealing Google Chrome extension masquerading as an offline version of Google Docs. "It logs keystrokes, dumps cookies and session tokens, captures screenshots, and

PwC finds AI is amplifying speed and scale of attacks, as identity theft evolves into a cybercriminal supply chain. The post AI Speeds Attacks, But Identity Remains Cybersecurity’s Weakest Link appeared first on SecurityWeek.

AI accounts are becoming part of the cybercrime supply chain, sold like email accounts or VPS access. Flare Systems shows how underground markets bundle and resell premium AI access at scale. [...]

Apple released security fixes for older devices as well, in iOS 18.7.7, iPadOS 18.7.7, macOS Sequoia 15.7.5, and macOS Sonoma 14.8.5. The post iOS, macOS 26.4 Roll Out With Fresh Security Patches appeared first on SecurityWeek.