2025-04-02 • ANALYST1 • analyst1 • elf.blackbasta, win.blackbasta Open article on Malpedia
2025-04-08 • Trustwave • Nikita Kazymirskyi, Serhii Melnyk • elf.blackbasta, win.blackbasta Open article on Malpedia
Read SentinelOne's response to President Donald Trump's Executive Order dated April 9, 2025 here.
OpenAI is preparing to launch as many as three new AI models, possibly called "o4-mini", "o4-mini-high" and "o3". [...]
The initial intrusion vector was an SMS phishing campaign that spoofed internal IT notifications to harvest user credentials and MFA codes. Atlas Lion then enrolled a VM from their Azure tenant...
Cyber threats are becoming increasingly sophisticated and frequent, and the protection of critical infrastructure has never been more important. Australia... The post SOCI Act: Strengthening...
The executive order also eliminates security clearances for SentinelOne employees. The post Trump signs order stripping Chris Krebs of security clearance appeared first on CyberScoop.
Sensata Technologies, a U.S.-based manufacturer or industrial technologies with operations in about a dozen countries, told federal regulators that a recent ransomware attack disrupted key systems.
A hacker using the alias “Satanic” claims a WooCommerce data breach via a third party, selling data on…
One CVE was used against “a small number of targets.” Windows 10 users needed to wait a little bit for their patches.
The U.S. Treasury Department’s Office of the Comptroller of the Currency (OCC) has notified Congress of “a major information security incident” involving threat actor access to about 150,000...
You may not be the intended target of these malicious apps masquerading as legitimate programs - but you can still be their victim.
Cybercriminals constantly evolve their threat tactics and strategies, using the latest technologies available to them to bypass traditional email security solutions. Gain insight into the topics...
Lovable, a generative artificial intelligence (AI) powered platform that allows for creating full-stack web applications using text-based prompts, has been found to be the most susceptible to...
Company didn't notice its chatbot was being abused for (at least) 4 months.
A new survey from Malwarebytes reveals that most people are worried about their personal data being misused by corporations. But it doesn't have to be a losing battle. Here's how to better protect...
Copilot on Windows 11 is testing OS-level integration that would allow you to share your favourite apps' screen with Copilot. [...]
Microsoft warns CVE-2025-29824 lets attackers with user access escalate privileges to deploy ransomware via a flaw in Windows CLFS.
The list of 1,223 victims in 51 countries hints at the “true scale of the spyware problem,” per one researcher.
The Israeli spyware maker, still on the US Commerce Department’s “blacklist,” has hired a new lobbying firm with direct ties to the Trump administration, a WIRED investigation has found.
In a joint advisory with Western allies, the National Cyber Security Centre sounded the alarm about variants of BADBAZAAR and MOONSHINE. The post BadBazzar and Moonshine malware targets Taiwanese,...
In a joint advisory with Western allies, the National Cyber Security Centre sounded the alarm about variants of BADBAZAAR and MOONSHINE. The post BadBazaar and Moonshine malware targets Taiwanese,...
Google has quietly launched Firebase Studio, which is a cloud-based AI-powered integrated development environment that lets you build full-fledged apps using prompts. [...]
A Chinese-affiliated threat actor known for its cyber-attacks in Asia has been observed exploiting a security flaw in security software from ESET to deliver a previously undocumented malware...
A targeted campaign exploited Server-Side Request Forgery (SSRF) vulnerabilities in websites hosted on AWS EC2 instances to extract EC2 Metadata, which could include Identity and Access Management...
The OCC said the February incident resulted in the theft of “highly sensitive information" tied to the financial conditions of federally regulated institutions. The post Treasury bureau notifies...
Sean Plankey's nomination to head up CISA will be blocked, for now.
Human rights non-profit Amnesty International urged Thai authorities this week to investigate claims of state-sponsored cyberattacks against human rights organizations and pro-democracy activists...
Cybersecurity researchers have identified a new spam campaign driven by ‘AkiraBot,’ an AI-powered bot that targets small business…
Cybersecurity researchers have identified a new spam campaign driven by ‘AkiraBot,’ an AI-powered bot that targets small business…