Aggregator

Users searching for pirated software are the target of a new malware campaign that delivers a previously undocumented clipper malware called MassJacker, according to findings from CyberArk. Clipper malware is a type of cryware (as coined by Microsoft) that's designed to monitor a victim's clipboard content and facilitate cryptocurrency theft by substituting copied cryptocurrency wallet addresses

«Сначала выучи, потом спрашивай» — неожиданное наставление от нейросети.

A team successfully decrypted an instance of the Akira ransomware on Linux/ESXi systems without succumbing to the hackers’ demands. This achievement not only underscores the ingenuity of cybersecurity experts but also serves as a powerful message to those who rely on extorting from vulnerable businesses and individuals. The Akira ransomware, known for its complex encryption […]

The post Decrypting Akira Ransomware on Linux/ESXi Without Paying Hackers appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Cyber threats in 2025 require a proactive, adaptive approach. To stay ahead, CISOs must balance technical defenses, regulatory expectations, and human factors. By prioritizing AI-driven security, ransomware resilience, supply chain risk management, insider threat mitigation, and compliance preparedness, CISOs can strengthen their security posture. Here are the top five threats keeping CISOs up at night in 2025 and what CISOs can do about them. AI-driven cyberattacks Attackers leverage AI to automate phishing, generate deepfake voice … More →

The post Top 5 threats keeping CISOs up at night in 2025 appeared first on Help Net Security.

新发现的剪贴板劫持操作 “MassJacker”，利用至少 778,531 个加密货币钱包地址，从受感染计算机中窃取数字资产。

Akira 勒索软件团伙被发现利用不安全的网络摄像头，对受害者网络发起加密攻击，且成功绕过了用于阻止 Windows 中加密器的端点检测和响应（EDR）系统。

接收邮件方会首先检查域名的 SPF 记录，来确定发件人的 IP 地址是否被包含在 SPF 记录里面。

Основатель популярной игровой платформы призвал к бдительности на фоне растущих киберугроз.

A vulnerability has been found in resteasy-netty and classified as problematic. This vulnerability affects unknown code. The manipulation leads to http request smuggling. This vulnerability was named CVE-2024-9622. The attack can be initiated remotely. There is no exploit available.

A vulnerability classified as critical has been found in Adobe Substance3D up to 10.1.2. This affects an unknown part. The manipulation leads to out-of-bounds write. This vulnerability is uniquely identified as CVE-2025-24450. It is possible to initiate the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as critical was found in Adobe Substance3D up to 10.1.2. This vulnerability affects unknown code. The manipulation leads to out-of-bounds write. This vulnerability was named CVE-2025-24451. The attack can be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Palo Alto GlobalProtect App on Windows. It has been declared as critical. Affected by this vulnerability is an unknown functionality. The manipulation leads to reliance on untrusted inputs in a security decision. This vulnerability is known as CVE-2025-0117. It is possible to launch the attack on the local host. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in RESTEasy up to 4.6.0.Final and classified as problematic. Affected by this issue is some unknown functionality of the component Endpoint Class Handler. The manipulation of the argument s leads to information exposure through error message. This vulnerability is handled as CVE-2021-20289. The attack may be launched remotely. There is no exploit available.

A vulnerability classified as critical has been found in Oracle Communications Cloud Native Core Console 1.9.0. This affects an unknown part of the component CNC Console. The manipulation leads to information disclosure. This vulnerability is uniquely identified as CVE-2021-20289. It is possible to initiate the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability has been found in RESTEasy and classified as problematic. This vulnerability affects the function File.createTempFile. The manipulation leads to creation of temporary file with insecure permissions. This vulnerability was named CVE-2023-0482. Local access is required to approach this attack. There is no exploit available. It is recommended to apply a patch to fix this issue.

A vulnerability classified as critical was found in RESTEasy up to 3.11.x/4.5.x. Affected by this vulnerability is an unknown functionality of the component Header Handler. The manipulation as part of HTTP Response leads to improper input validation. This vulnerability is known as CVE-2020-1695. The attack can be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in RESTEasy up to 4.5.6.Final. It has been declared as problematic. This vulnerability affects unknown code of the component Client. The manipulation leads to information exposure through error message. This vulnerability was named CVE-2020-25633. The attack can be initiated remotely. There is no exploit available.

A vulnerability, which was classified as problematic, has been found in RESTEasy up to 3.11.0/4.5.2. This issue affects some unknown processing of the component RESTEASY003870 Exception Handler. The manipulation leads to cross site scripting. The identification of this vulnerability is CVE-2020-10688. The attack may be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

A new malware campaign has been observed leveraging social engineering tactics to deliver an open-source rootkit called r77. The activity, condemned OBSCURE#BAT by Securonix, enables threat actors to establish persistence and evade detection on compromised systems. It's currently not known who is behind the campaign. The rootkit "has the ability to cloak or mask any file, registry key or task

Between late January and early March 2025, cybersecurity researchers at Forescout’s Vedere Labs uncovered a series of sophisticated intrusions leveraging critical Fortinet vulnerabilities. The attacks, attributed to a newly identified threat actor tracked as “Mora_001,” culminated in the deployment of a custom ransomware strain dubbed “SuperBlack.” Mora_001 has demonstrated a systematic approach to compromising networks, […]

The post SuperBlack Actors Exploiting Two Fortinet Vulnerabilities to Deploy Ransomware appeared first on Cyber Security News.