Aggregator

At Seceon’s 2025 Q1 Innovation and Certification Days, Seceon CEO Chandra Pandey and Joshua Skeens, CEO of Seceon’s partner Logically (www.logically.com) engaged in an insightful discussion about AI’s transformative role in cybersecurity. As cyber threats become increasingly AI-driven, organizations must evolve their security strategies to stay ahead of attackers. The Growing AI Threat Landscape Skeens

The post Leveraging AI to Stay Ahead in Cybersecurity: A Conversation with Chandra Pandey and Joshua Skeens, CEO of Logically  appeared first on Seceon Inc.

The post Leveraging AI to Stay Ahead in Cybersecurity: A Conversation with Chandra Pandey and Joshua Skeens, CEO of Logically  appeared first on Security Boulevard.

A sophisticated malware campaign leveraging the Lumma InfoStealer has been identified, targeting educational institutions to distribute malicious files disguised as PDF documents. This campaign employs compromised school infrastructure to deliver weaponized LNK (shortcut) files masquerading as legitimate PDFs, initiating a multi-stage infection process. The Lumma InfoStealer, a Malware-as-a-Service (MaaS) offering, is designed to exfiltrate sensitive […]

The post Weaponized PDFs Deliver Lumma InfoStealer Targeting Educational Institutions appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Cybersecurity researchers have uncovered a new MageCart malware campaign targeting e-commerce websites running on the Magento platform. This attack exploits <img> HTML tags to conceal malicious JavaScript skimmers, enabling cybercriminals to steal sensitive payment information while evading detection by security tools. MageCart, a term used to describe credit card skimming malware, has evolved with increasingly […]

The post Cybercriminals Embedded Credit Card Stealer Script Within <img> Tag appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

China-linked threat actor Winnti targeted Japanese companies in the manufacturing, materials, and energy sectors in March 2024 as part of a campaign dubbed RevivalStone. Researchers from cybersecurity firm LAC uncovered a new cyberespionage campaign, tracked as RevivalStone, carried out by the China-linked APT group Winnti in March 2024. Threat actors targeted Japanese companies in the manufacturing, […]

A Threat Actor is Selling Domain Admin Access to an Unidentified U.S.-Based Company

The rise of customized large language models (LLMs) has revolutionized artificial intelligence applications, enabling businesses and individuals to leverage advanced reasoning capabilities for complex tasks. However, this rapid adoption has also exposed critical vulnerabilities. A groundbreaking study by Zhen Guo and Reza Tourani introduces DarkMind, a novel backdoor attack targeting the reasoning processes of customized […]

The post DarkMind: A Novel Backdoor Attack Exploiting Customized LLMs’ Reasoning Capabilities appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

A sophisticated cyber espionage campaign leveraging the EagerBee malware has been targeting government agencies and Internet Service Providers (ISPs) across the Middle East. This advanced backdoor malware, attributed to the Chinese-linked threat group CoughingDown, demonstrates cutting-edge stealth capabilities and persistence mechanisms, posing a significant threat to critical infrastructure in the region. Advanced Capabilities of EagerBee […]

The post EagerBee Malware Targets Government Agencies & ISPs with Stealthy Backdoor Attack appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

A vulnerability was found in Synway SMG Gateway Management Software up to 20250204. It has been rated as critical. This issue affects some unknown processing of the file 9-12ping.php. The manipulation of the argument retry leads to command injection. The identification of this vulnerability is CVE-2025-1448. The attack may be initiated remotely. Furthermore, there is an exploit available. The vendor was contacted early about this disclosure but did not respond in any way. It is recommended to apply restrictive firewalling. The vendor was contacted early about this disclosure but did not respond in any way.

A vulnerability, which was classified as critical, has been found in PRTG Network Monitor up to 18.2.40. This issue affects some unknown processing of the file /public/login.htm. The manipulation as part of HTTP Request leads to improper access controls. The identification of this vulnerability is CVE-2018-19410. The attack may be initiated remotely. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.

A new report from Gen highlights a sharp rise in online threats, capping off a record-breaking 2024. Between October and December alone, 2.55 billion cyber threats were blocked – an astonishing rate of 321 per second. The risk of encountering a threat climbed to 27.7% in Q4, with social engineering attacks accounting for 86% of all blocked threats. This underscores the increasingly sophisticated psychological tactics cybercriminals are using to deceive victims. “We’re continuing to see … More →

The post Cybercriminals shift focus to social media as attacks reach historic highs appeared first on Help Net Security.

Authors/Presenters: Tim Chase

Our sincere appreciation to DEF CON, and the Authors/Presenters for publishing their erudite DEF CON 32 content. Originating from the conference’s events located at the Las Vegas Convention Center; and via the organizations YouTube channel.

Permalink

The post DEF CON 32 – Manufacturing Lessons Learned, Lessons Taught appeared first on Security Boulevard.

A vulnerability was found in kasuganosoras Pigeon 1.0.177. It has been declared as critical. This vulnerability affects unknown code of the file /pigeon/imgproxy/index.php. The manipulation of the argument url leads to server-side request forgery. This vulnerability was named CVE-2025-1447. The attack can be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

SecWiki周刊（第572期) by ourren

DeepSeek 本地部署指南 by ourren

FlowPic：一种通用的加密流量分类与应用识别表示方法 by ourren

AI-Infra-Guard: AI基础设施安全评估系统 by ourren

更多最新文章，请访问SecWiki

Submit #494788 / VDB-296135

Submit #501978 / VDB-296134