A critical security flaw has been discovered in the Linux kernel's nftables subsystem, which is responsible for packet filtering in modern Linux distributions. This flaw, a double-free...
2025-05-05 • Security Chu • Security Chu • elf.akira, win.akira Open article on Malpedia
Texas Attorney General Ken Paxton has reached a $1.375 billion settlement with tech giant Google, marking the largest amount ever recovered by a single state in a data privacy lawsuit. This...
This is a weekly threat intelligence report review from RST Cloud. This week, we analysed 64 threat intelligence reports and compiled a concise summary of each, along with pertinent metadata that...
Celebrate Mother's Day with SentinelOne as we share three working mothers' stories on how they balance parenthood and cybersecurity.
The Bluetooth Special Interest Group (SIG) has announced Bluetooth Core Specification 6.1, bringing important improvements to the popular wireless communication protocol. [...]
ChatGPT's Deep Research, which allows you to conduct multi-step research for complex tasks, is finally getting an option to save the report as a PDF. [...]
The website of iClicker, a popular student engagement platform, was compromised in a ClickFix attack that used a fake CAPTCHA prompt to trick students and instructors into installing malware on...
For manufacturing organizations throughout Europe, the Middle East, and Africa (EMEA), the rapidly changing cyber threat landscape has... The post Forging OT Security Maturity: Building Cyber...
Google has agreed to pay the U.S. state of Texas nearly $1.4 billion to settle two lawsuits that accused the company of tracking users' personal location and maintaining their facial recognition...
Germany's Federal Criminal Police Office (aka Bundeskriminalamt or BKA) has seized the online infrastructure and shutdown linked to the eXch cryptocurrency exchange over allegations of money...
Microsoft is working on adding a new Teams feature that will prevent users from capturing screenshots of sensitive information shared during meetings. [...]
The landmark trial between WhatsApp and NSO Group unearthed several new revelations. We recap some of them here.
The landmark trial between WhatsApp and NSO Group unearthed several new revelations. We recap some of them here.
Plus: A DOGE operative’s laptop reportedly gets infected with malware, Grok AI is used to “undress” women on X, a school software company’s ransomware nightmare returns, and more.
Fake AI-powered video generation tools are being used to distribute a new information-stealing malware family called 'Noodlophile,' under the guise of generated media content. [...]
This new security feature will make your Android phone more difficult to access if you haven't used it in a while.
CVE-2025-31324 impacts SAP NetWeaver's Visual Composer Framework. We share our observations on this vulnerability using incident response cases and telemetry. The post Threat Brief: CVE-2025-31324...
A joint law enforcement operation undertaken by Dutch and U.S. authorities has dismantled a criminal proxy network that's powered by thousands of infected Internet of Things (IoT) and end-of-life...
The North Korean threat actors behind the Contagious Interview campaign have been observed using updated versions of a cross-platform malware called OtterCookie with capabilities to steal...
The network security device vendor is making a regular appearance on CISA’s known exploited vulnerabilities catalog. Unlike its competitors, SonicWall hasn’t signed the secure-by-design pledge....
The network security device vendor is making a regular appearance on CISA’s known exploited vulnerabilities catalog. Unlike its competitors, SonicWall hasn’t signed the secure-by-design pledge....
A joint U.S.-Dutch law enforcement operation has taken down a botnet-for-hire that was comprised of thousands of end-of-life routers. The U.S. Department of Justice (DOJ) announcement came two...
Cyberthreats like ransomware, phishing and fraud can be creepy and unsettling. But far more creepy—and potentially dangerous—is the growing use of stalkerware. Learn what stalkerware is and its...
Sens. Cassidy and Rosen cite the possibility that the use of DeepSeek to carry out contract work may put sensitive federal data in the hands of the Chinese government. The post Senators move to...
U.S. authorities indicted three Russians and one Kazakhstan national for hacking and selling access to a botnet made of vulnerable internet-connected devices.
A CBP spokesperson tells WIRED that the agency plans to expand its program for real-time face recognition at the border, potentially aiding Trump administration efforts to track people who self-deport.
Cybersecurity researchers are warning of a new campaign that's targeting Portuguese-speaking users in Brazil with trial versions of commercial remote monitoring and management (RMM) software since...
AI agents are changing the way businesses work. They can answer questions, automate tasks, and create better user experiences. But with this power comes new risks — like data leaks, identity...
Cybersecurity researchers have flagged three malicious npm packages that are designed to target the Apple macOS version of Cursor, a popular artificial intelligence (AI)-powered source code...