Aggregator

You must login to view this content

The DPRK-linked Velvet Chollima Advanced Persistent Threat (APT) group has launched a sophisticated cyberattack campaign targeting South Korean government officials, as well as NGOs, government agencies, and media organizations across North America, South America, Europe, and East Asia. Initiated in January 2025, this attack, detailed by Microsoft’s Threat Intelligence team and reported by Bleeping Computer, […]

The post Velvet Chollima APTHackers Target Government Officials Using Weaponized PDFs appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Microsoft has revolutionized its iconic Notepad application by introducing an AI-powered text generation feature called “Write,” marking a dramatic transformation for the minimalist text editor that has remained largely unchanged for decades.  The new functionality, powered by a variant of GPT technology, enables users to generate content directly within Notepad using natural language prompts. Currently […]

The post Windows 11 Notepad Gets AI Writer Using a Variant of ChatGPT or Microsoft’s AI Model appeared first on Cyber Security News.

Detection as code (DaC) is a powerful way for security teams to streamline rule development, automate threat detection, and respond to attacks with greater speed and precision. The DaC approach applies formal software development practices to write, manage, and deploy rules for detecting security threats.

The post Detection as code: How to enhance your real-time threat detection appeared first on Security Boulevard.

CISA released one Industrial Control Systems (ICS) advisory on May 27, 2025. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS.

• ICSA-25-146-01 Johnson Controls iSTAR Configuration Utility (ICU) Tool

CISA encourages users and administrators to review newly released ICS advisories for technical details and mitigations.

Today, CISA, in collaboration with the Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) and other international and U.S. partners, released new guidance for organizations seeking to procure Security Information and Event Management (SIEM) and Security Orchestration, Automation, and Response (SOAR) platforms.

This guidance includes the following three resources:

• Implementing SIEM and SOAR Platforms – Executive Guidance outlines how executives can enhance their organization’s cybersecurity framework by implementing these technologies to improve visibility into network activities, enabling swift detection and response to cyber threats.
• Implementing SIEM and SOAR Platforms – Practitioner Guidance focuses on how practitioners can quickly identify and respond to potential cybersecurity threats and leverage these technologies to streamline incident response processes by automating predefined actions based on detected anomalies.
• Priority Logs for SIEM Ingestion – Practitioner Guidance offers insights for prioritizing log ingestion into a SIEM, ensuring that critical data sources are effectively collected and analyzed to enhance threat detection and incident response capabilities tailored for organizations.

CISA encourages organizations to review this guidance and implement the recommended best practices to strengthen their cybersecurity. For access to the guidance documents, please visit CISA’s SIEM and SOAR Resource page.

A critical security vulnerability in the widely-used GitHub Model Context Protocol (MCP) server has been discovered, exposing users to sophisticated attacks that can compromise private repository data through malicious prompt injections. The vulnerability affects any agent system using the GitHub MCP integration, which has garnered significant attention with over 14,000 stars on GitHub, making it […]

The post GitHub MCP Server Vulnerability Let Attackers Access Private Repositories appeared first on Cyber Security News.