Remcos RAT Expands Real-Time Surveillance Capabilities
GénéralInfosecurity Magazineil y a 39 jours
New Remcos RAT variant enhances real-time surveillance and evasion techniques to compromise Windows
Flux RSS
— Sources secondaires283articles RSS
ReinitialiserIndustrial-Scale Fake Coretax Apps Drive $2m Fraud in Indonesia
Gouvernance & RégulationInfosecurity Magazineil y a 39 jours
Fraud campaign exploiting Indonesia’s Coretax resulted in $1.5m to $2m in losses via malicious apps
Industrial Control System Vulnerabilities Hit Record Highs
GénéralInfosecurity Magazineil y a 39 jours
Forescout paper reveals ICS advisories hit a record 508 in 2025
Starkiller: New ‘Commercial-Grade’ Phishing Kit Bypasses MFA
Threat IntelligenceInfosecurity Magazineil y a 39 jours
A new cybercriminal toolkit uses proxies to mimic popular online services and represents a “significant escalation in phishing infrastructure,” warn researchers at Abnormal
Flaws in Popular Software Development App Extensions Allow Data Exfiltration
Gouvernance & RégulationInfosecurity Magazineil y a 39 jours
Four serious new vulnerabilities affect Microsoft Visual Studio Code, Cursor and Windsurf extensions, three of which remain unpatched
Researchers Reveal Six New OpenClaw Vulnerabilities
Gouvernance & RégulationInfosecurity Magazineil y a 39 jours
Endor Labs has published details of six new vulnerabilities in popular AI assistant OpenClaw
Cryptojacking Campaign Exploits Driver to Boost Monero Mining
Gouvernance & RégulationInfosecurity Magazineil y a 40 jours
Cryptojacking campaign used pirated software to deploy a persistent XMRig miner with stealth tactics
AI Assistants Used as Covert Command-and-Control Relays
Gouvernance & RégulationInfosecurity Magazineil y a 40 jours
AIs like Grok and Microsoft Copilot can be exploited as covert C2 channels for malware communication
Record Number of Ransomware Victims and Groups in 2025
Gouvernance & RégulationInfosecurity Magazineil y a 40 jours
Searchlight Cyber reports a 30% annual increase in ransomware victim numbers in 2025
Chinese APT Group Exploits Dell Zero-Day for Two Years
Gouvernance & RégulationInfosecurity Magazineil y a 40 jours
Mandiant reveals campaign featuring exploit of a CVSS 10.0 CVE in Dell RecoverPoint for Virtual Machines
Android 17 Beta Introduces Secure-By-Default Architecture
Vulnérabilités & PatchesInfosecurity Magazineil y a 41 jours
Android 17 Beta introduces privacy, security updates and a new Canary channel for improved development
Apple Expands RCS Encryption and Memory Protections in iOS 26.4
Vulnérabilités & PatchesInfosecurity Magazineil y a 41 jours
iOS 26.4 Beta adds end-to-end encryption for RCS messaging and enhanced Memory Integrity Enforcement
Low-Skilled Cybercriminals Use AI to Perform "Vibe Extortion" Attacks
Threat IntelligenceInfosecurity Magazineil y a 41 jours
Unit 42 researchers observed a low-skilled threat actor using an LLM to script a professional extortion strategy, complete with deadlines and pressure tactics
Over-Privileged AI Drives 4.5 Times Higher Incident Rates
GénéralInfosecurity Magazineil y a 41 jours
Teleport study reveals that organizations running over-privileged AI have a 76% incident rate
Significant Rise in Ransomware Attacks Targeting Industrial Operations
Malware & RansomwareInfosecurity Magazineil y a 41 jours
Dragos annual report warns of a surge in ransomware attacks causing increased operational disruption in industrial environments
Infostealer Targets OpenClaw to Loot Victim’s Digital Life
Gouvernance & RégulationInfosecurity Magazineil y a 41 jours
Hudson Rock has warned OpenClaw users that infostealers are targeting their configuration files
Vulnerabilities in Password Managers Allow Hackers to View and Change Passwords
Outils & RechercheInfosecurity Magazineil y a 42 jours
Security researchers have challenged end-to-end encryption claims from popular commercial password managers
SMEs Wrong to Assume They Won’t Be Hit by Cyber-Attacks, NCSC Boss Warns
GénéralInfosecurity Magazineil y a 42 jours
NCSC’s Richard Horne has warned that cybercriminals do not care about business size and called for SMEs to act now to secure their organizations
OysterLoader Evolves With New C2 Infrastructure and Obfuscation
Malware & RansomwareInfosecurity Magazineil y a 42 jours
OysterLoader malware evolves into 2026, refining C2 infrastructure, obfuscation & infection stages
Operation DoppelBrand Weaponizes Trusted Brands For Credential Theft
Threat IntelligenceInfosecurity Magazineil y a 42 jours
New phishing campaign dubbed Operation DoppelBrand targeted major financial firms like Wells Fargo