Security
Headlines
HeadlinesLatestCVEs

Latest News

Israel-Tied Predatory Sparrow Hackers Are Waging Cyberwar on Iran’s Financial System

After an attack on Iran’s Sepah bank, the hyper-aggressive Israel-linked hacker group has now destroyed more than $90 million held at Iranian crypto exchange Nobitex.

Wired
Open in Source
#web#google#intel
Fake bank ads on Instagram scam victims out of money

Several Instagram ads have been found impersonating banks, including the usage of deepfake videos to defraud consumers.

1,500+ Minecraft Players Infected by Java Malware Masquerading as Game Mods on GitHub

A new multi-stage malware campaign is targeting Minecraft users with a Java-based malware that employs a distribution-as-service (DaaS) offering called Stargazers Ghost Network. "The campaigns resulted in a multi-stage attack chain targeting Minecraft users specifically," Check Point researchers Jaromír Hořejší and Antonis Terefos said in a report shared with The Hacker News. "The malware was

The importance of managing your SEO strategy in a safe way

As SEO leans towards AI, site owners are more in need of third-party tools, and agencies and updating…

How CISOs Can Govern AI & Meet Evolving Regulations

Security teams are no longer just the last line of defense — they are the foundation for responsible AI adoption.

Serpentine#Cloud Uses Cloudflare Tunnels in Sneak Attacks

An unidentified threat actor is using .lnk Windows shortcut files in a series of sophisticated attacks utilizing in-memory code execution and living-off-the-land cyberattack strategies.

GHSA-crvv-6w6h-cv34: Grafana long dashboard title or panel name causes unresponsives

In Grafana, an excessively long dashboard title or panel name will cause Chromium browsers to become unresponsive due to Improper Input Validation vulnerability in Grafana. This issue affects Grafana: before 11.6.2 and is fixed in 11.6.2 and higher.

WormGPT Makes a Comeback Using Jailbroken Grok and Mixtral Models

Cato CTRL uncovers new WormGPT variants on Telegram powered by jailbroken Grok and Mixtral. Learn how cybercriminals jailbreak top LLMs for uncensored, illegal activities in this latest threat research.

FedRAMP at Startup Speed: Lessons Learned

For organizations eyeing the federal market, FedRAMP can feel like a gated fortress. With strict compliance requirements and a notoriously long runway, many companies assume the path to authorization is reserved for the well-resourced enterprise. But that’s changing. In this post, we break down how fast-moving startups can realistically achieve FedRAMP Moderate authorization without derailing

Water Curse Hijacks 76 GitHub Accounts to Deliver Multi-Stage Malware Campaign

Cybersecurity researchers have exposed a previously unknown threat actor known as Water Curse that relies on weaponized GitHub repositories to deliver multi-stage malware. "The malware enables data exfiltration (including credentials, browser data, and session tokens), remote access, and long-term persistence on infected systems," Trend Micro researchers Jovit Samaniego, Aira Marcelo, Mohamed