Aggregator

Hackers Use TeamFiltration Penetration Testing Tool
A threat actor is using the password spraying feature of the TeamFiltration pentesting tool to launch attacks against Microsoft Entra accounts - and finding success. The threat actor has targeted more than 80,000 user accounts across roughly 100 cloud tenants.

300-Person Acquisition Expands Managed Services, Adds Legal and Forensics Expertise
The acquisition of Aon’s 300-person cyber unit enhances LevelBlue’s incident response and managed security services. It brings legal experience, global coverage and new law firm partnerships to strengthen its channel strategy and customer support, said CEO Bob McCullen.

Multi-Line Insurance Company Warns Customers of Potential Scams
Erie Indemnity Company, which offers a wide range of insurance including Medicare supplements and cyber coverage, has notified the U.S. Securities and Exchange Commission that it has been responding to a cyber incident since last weekend. The company is also warning customers of potential scams.

WhatsApp CEO Says UK Request Sets "Dangerous Precedent"
Instant messaging app WhatsApp is seeking to join Apple's legal battle with the U.K. government over end-to-end encryption. Apple is challenging a Home Office order requiring the device maker to provide law enforcement with unencrypted copies of customer data.

超过半数的医疗保健领域领导者认为，未来五年内网络安全事件可能危及患者生命。

安克（Anker）宣布召回逾百万台有起火风险的移动电源 PowerCore 10000（型号 A1263）。美国消费者产品安全委员会 (USCPSC) 称它收到了 19 起火灾和爆炸报告，这些事故造成了轻微烧伤和总计逾 60,700 美元的财产损失。召回的产品总数约 1,158,000 台，于 2016 年 6 月到 2022 年 12 月期间通过亚马逊、新蛋和 eBay 在线出售。如果美国客户的产品在受影响范围内，他们可以选择获得 30 美元礼品卡或者免费更换型号为 A1388 的移动电源，具体信息可访问安克官网。

StackHawk announced Sensitive Data Identification to give security teams visibility into high-risk APIs across thousands of code repositories within an organization. With most security teams only aware of approximately 10% of their API attack surface, StackHawk illuminates the complete API landscape, including shadow APIs, zombie APIs that are no longer under active development, and ghost APIs that bypass traditional gateways. Leveraging StackHawk’s existing API Discovery platform, which automatically uncovers APIs directly from source code repositories, … More →

The post StackHawk Sensitive Data Identification provides visibility into high-risk APIs appeared first on Help Net Security.

看似普通的文件删除漏洞，实则暗藏提升权限的‘机关’

За знакомым логотипом прячется схема редиректов, push-ловушек и фейков, замешанная в информационной войне.

The Fog ransomware group has evolved beyond conventional attack methods, deploying an unprecedented arsenal of legitimate pentesting tools in a sophisticated May 2025 campaign targeting a financial institution in Asia. This latest operation marks a significant departure from typical ransomware tactics, incorporating employee monitoring software and open-source penetration testing frameworks previously unseen in the ransomware […]

The post Fog Ransomware Actors Exploits Pentesting Tools to Exfiltrate Data and Deploy Ransomware appeared first on Cyber Security News.

On June 12, 2025, concurrent infrastructure failures at Cloudflare and Google caused widespread service disruptions, highlighting vulnerabilities in modern cloud dependencies. The outages impacted critical services ranging from authentication systems to AI platforms, underscoring the fragility of interconnected internet ecosystems. Cloudflare Outage: Cloudflare’s outage began at 17:52 UTC when internal monitoring detected failures in device […]

The post Major Outage Hits Google Cloud and Linked Cloudflare Services, Thousands Affected appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

悬镜再次领衔安全牛报告代表性创新能力表现、最佳实践、代表厂商推荐。

对于停止在 X 平台上投放广告的企业，马斯克（Elon Musk）采取了起诉或威胁起诉的策略。根据 WSJ 的报告， 这一策略取得了部分成效。2022 年起不再投放广告的 Verizon 公司在去年底被通知，如果再不投广告就要被起诉。Verizon 随后承诺今年将至少投入 1000 万美元（这一数额仍然远远低于 2020 年的 8000 万美元）。时尚公司拉夫·劳伦 (Ralph Lauren)在收到起诉威胁之后也同意恢复投放广告。至少有六家企业因为面临起诉威胁或施压策略而与 X 达成了广告交易。X 是亚马逊云服务 AWS 的客户，但它拖欠了应付款项，并以此为筹码要求 亚马逊投放广告。在 CEO Andy Jassy 的参与下，亚马逊最后同意扩大对 X 的广告支出。X 今年 2 月将乐高公司以及和 Pinterest 加入到起诉名单中，但两家公司拒绝屈服。

A vulnerability, which was classified as critical, has been found in VMware SALT. This issue affects the function find_file. The manipulation leads to permission issues. The identification of this vulnerability is CVE-2025-22240. Attacking locally is a requirement. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as problematic was found in VMware SALT. This vulnerability affects unknown code. The manipulation leads to use of a one-way hash with a predictable salt. This vulnerability was named CVE-2024-38822. The attack can be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as critical has been found in VMware SALT. This affects an unknown part. The manipulation leads to authentication bypass by capture-replay. This vulnerability is uniquely identified as CVE-2024-38823. It is possible to initiate the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Palo Alto GlobalProtect App up to 6.0.0/6.1.0/6.2.8-h1/6.3.2-565/11.2.6. It has been rated as problematic. Affected by this issue is some unknown functionality of the component Endpoint Traffic Policy Enforcement. The manipulation leads to cleartext transmission of sensitive information. This vulnerability is handled as CVE-2025-4227. The attack may be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in VMware SALT. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the component salt.auth.pki. The manipulation of the argument Password leads to improper certificate validation. This vulnerability is known as CVE-2024-38825. The attack can be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

HiddenLayer’s security research team has uncovered TokenBreak, a novel attack technique that bypasses AI text classification models by exploiting tokenization strategies. This vulnerability affects models designed to detect malicious inputs like prompt injection, spam, and toxic content, leaving protected systems exposed to attacks they were meant to prevent. Technical Breakdown of TokenBreak According to the […]

The post TokenBreak Exploit Tricks AI Models Using Minimal Input Changes appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

A critical zero-day vulnerability in Microsoft’s Web Distributed Authoring and Versioning (WebDAV) protocol, tracked as CVE-2025-33053, has been actively exploited by the advanced persistent threat (APT) group Stealth Falcon since March 2025. The flaw, patched in June’s Patch Tuesday, enables remote code execution (RCE) via manipulated .url shortcut files and has been linked to attacks […]

The post WebDAV Remote Code Execution 0-Day Actively Exploited — PoC Released appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.