The following is the information on Yara and Snort rules (week 4, March 2025) collected and shared by the AhnLab TIP service. 10 YARA Rules Detection name Description Source PK_Alibaba_whizkossy...
Cybersecurity researchers are calling attention to an Android malware campaign that leverages Microsoft's .NET Multi-platform App UI (.NET MAUI) framework to create bogus banking and social media...
Free unofficial patches are available for a new Windows zero-day vulnerability that can let remote attackers steal NTLM credentials by tricking targets into viewing malicious files in Windows...
NIST has urged more research and emphasis on developing mitigations for attacks on AI and ML systems
This guide is part of a collaboration between Bellingcat and Evident on detecting AI-generated products. You can watch Evident’s video here. Sipping coffee from a mug carved from mineral rock, its...
The New America Open Technology Institute report comes amid DOGE access to sensitive government agency information that has alarmed experts. The post Privacy-boosting tech could prevent breaches,...
Ramat Gan, Israel, 25th March 2025, CyberNewsWire
A threat actor known as EncryptHub has been linked to Windows zero-day attacks exploiting a Microsoft Management Console vulnerability patched this month. [...]
Sygnia has uncovered Weaver Ant, a Chinese threat actor that spied on telecommunications networks for years
Law enforcement authorities in seven African countries have arrested 306 suspects and confiscated 1,842 devices as part of an international operation codenamed Red Card that took place between...
Kela researchers detect a 200%+ increase in dark web chatter about malicious AI tools
Cybercriminals exploit AbyssWorker driver to disable EDR systems, deploying MEDUSA ransomware with revoked certificates for stealthy attacks.
A new phishing campaign targets Counter-Strike 2 players utilizing Browser-in-the-Browser (BitB) attacks that display a realistic window that mimics Steam's login page. [...]
The President directed state and local governments to better protect essential infrastructure. The effort to change this infrastructure in a short amount of time may cause unprecedented risk to...
New Android malware campaigns use Microsoft's cross-platform framework .NET MAUI while disguising as legitimate services to evade detection. [...]
The FDD urged President Donald Trump to concentrate on the People’s Republic of China’s state-owned enterprises (SOEs), highlighting... The post FDD calls on Trump to address threats from China’s...
Following reports of a large-scale cyberattack targeting Ukrzaliznytsia, Ukraine’s state-owned railway operator, Kyiv’s central railway station was reportedly... The post Ukraine’s Ukrzaliznytsia...
Malaysia Airports Holdings Berhad (MAHB) recently became the target of a cyberattack, causing disruption to its digital systems. The MAHB cyberattack, which occurred in late March 2025, involved...
Wiz Security finds four critical RCE vulnerabilities in the Ingress NGINX Controller for Kubernetes
Abusing of Telegram to spy and put pressure on their victims’ employees, notifying the victims by printing messages on printers connected to a compromised network – we publish interesting details...
The Kaspersky financial threat report for 2024 contains the main trends and statistics on financial phishing and scams, mobile and PC banking malware, as well as recommendations on how to protect...
Union County, Pennsylvania, has fallen victim to a ransomware attack that compromised personal information belonging to its more than 40,000 residents. The Union County Cyberattack, discovered on...
Australian businesses may be underestimating the severity of cybersecurity risks, a new survey reveals. According to the Datacom State of Cybersecurity Index for 2025, conducted by Tech Research...
A powerful cyberattack paralyzed Ukraine's state railway service's online ticketing system, causing long queues at stations on Monday. Ukrainian officials have hinted that Ukraine railway...
Hong Kong has passed a cybersecurity law aimed at strengthening the city’s critical infrastructure against cyber threats. The new legislation, titled the Protection of Critical Infrastructures...
Authored by Dexter Shin Summary Cybercriminals are constantly evolving their techniques to bypass security measures. Recently, the McAfee Mobile Research... The post New Android Malware Campaigns...
In-game skins are more than just cosmetic upgrades, they’re a core part of gaming culture. Whether you’re looking…
A set of five critical security shortcomings have been disclosed in the Ingress NGINX Controller for Kubernetes that could result in unauthenticated remote code execution, putting over 6,500...
South Africa’s largest chicken producer lost more than $1 million due to a recent cyberattack that caused delivery delays and other issues.
Microsoft on Monday announced a new feature called inline data protection for its enterprise-focused Edge for Business web browser. The native data security control is designed to prevent...