Tag: cyber
-
Fake CAPTCHA Attacks Exploit Key Entry Point for LummaStealer Malware
Fake CAPTCHA attacks are now a key entry point for a new wave of LummaStealer infections, with CastleLoader loaders turning simple web clicks into full system compromise. Less than a year after a major law-enforcement takedown, the infostealer’s operators have rebuilt at scale and are again harvesting credentials, crypto wallets, and personal data worldwide. LummaStealer…
-
Promptware Hackers Exploit Google Calendar Invites to Stealthily Stream Victim’s Camera via Zoom
A new era of AI vulnerability has arrived, and it is far more dangerous than simply tricking a chatbot into saying something rude. New research released this week demonstrates how attackers can weaponize everyday tools such as Google Calendar and Zoom to spy on users without ever prompting them to click a link. In a…
-
Cybercriminals Exploit Employee Monitoring and SimpleHelp Tools in Ransomware Attacks
Tags: attack, control, corporate, cyber, cybercrime, exploit, monitoring, network, ransomware, threat, toolThreat actors are abusing legitimate remote monitoring tools to hide inside corporate networks and launch ransomware attacks. Net Monitor for Employees Professional is a commercial workforce monitoring tool by NetworkLookout that offers remote screen viewing, full remote control, file management, shell command execution, and stealth deployment. While intended for productivity oversight, these rich administrative capabilities make it…
-
Apple 0-Day Flaw Actively Exploited in Targeted Cyberattacks on Individuals
Apple has released emergency security updates for iOS and iPadOS to fix a critical >>zero-day<>extremely sophisticated<< cyberattacks targeting specific individuals. The Critical Flaw: CVE-2026-20700 The vulnerability […] The post Apple 0-Day Flaw Actively Exploited in Targeted Cyberattacks on Individuals appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform. First seen on…
-
DHS Funding Lapse Would Sideline Federal Cyber Staff
Acting Chief Tells Lawmakers Most Staff Would Be Furloughed Amid Partial Shutdown. More than half of the U.S. cyber defense agency’s workforce would be furloughed under a DHS funding lapse, the agency’s acting chief warned Wednesday, pausing incident reporting rulemaking, security assessments and proactive cyber programs while significantly limiting operations. First seen on govinfosecurity.com Jump…
-
Singapore Mounts Largest-Ever Coordinated Cyber Defense
Singapore Signals Heightened Vigilance Against State-Linked Threat Actors. Singapore conducted a yearlong, multi-agency cyber defense operation to expel UNC3886 from all four major telecom providers after the advanced threat actor accessed segments of critical communications infrastructure and extracted limited technical data without disrupting services. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/singapore-mounts-largest-ever-coordinated-cyber-defense-a-30737
-
Sophos Targets Compliance and Risk With Arco Cyber Purchase
UK Rollout to Link Arco’s Cybersecurity Assurance With Sophos’s Threat Intelligence. Sophos acquired Arco to expand into cybersecurity assurance and compliance, launching a new CISO Advantage capability. The company plans a phased rollout starting in the U.K., integrating Arco’s risk and regulatory mapping platform with Sophos Central and its global threat intelligence operations. First seen…
-
Interim CISA chief: ‘When the government shuts down, cyber threats do not’
A shutdown would “degrade our capacity to provide timely and actionable guidance to help partners defend their networks,” acting CISA Director Madhu Gottumukkala told the House Appropriations Homeland Security subcommittee. First seen on therecord.media Jump to article: therecord.media/interim-cisa-chief-tells-congress-threats-continue-during-shutdown
-
Interim CISA chief: ‘When the government shuts down, cyber threats do not’
A shutdown would “degrade our capacity to provide timely and actionable guidance to help partners defend their networks,” acting CISA Director Madhu Gottumukkala told the House Appropriations Homeland Security subcommittee. First seen on therecord.media Jump to article: therecord.media/interim-cisa-chief-tells-congress-threats-continue-during-shutdown
-
Interim CISA chief: ‘When the government shuts down, cyber threats do not’
A shutdown would “degrade our capacity to provide timely and actionable guidance to help partners defend their networks,” acting CISA Director Madhu Gottumukkala told the House Appropriations Homeland Security subcommittee. First seen on therecord.media Jump to article: therecord.media/interim-cisa-chief-tells-congress-threats-continue-during-shutdown
-
The Security Interviews: Mick Baccio, Splunk
Mick Baccio, global security advisor at Splunk SURGe and Cisco Foundation AI, reveals how the experience of running cyber on a dime for a US presidential campaign has informed how he does security, and why the basics still matter First seen on computerweekly.com Jump to article: www.computerweekly.com/news/366638842/The-Security-Interviews-Mick-Baccio-Splunk
-
Proactive strategies for cyber resilience with Wazuh
Cyber resilience means anticipating threats, detecting them early, and recovering fast when incidents occur. Wazuh shows how its open source SIEM and XDR unify visibility, detection, and automated response to strengthen proactive defense. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/proactive-strategies-for-cyber-resilience-with-wazuh/
-
Google Warns of ‘Relentless’ Cyber Siege on Defense Industry
Nation State Hackers Escalating Attacks on US Defense Industrial Base, Report Says. A new report from Google Threat Intelligence Group warns that state-backed hackers are escalating attacks on the defense industrial base, shifting from classic espionage to supply-chain compromise, workforce infiltration and battlefield-adjacent cyber operations. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/google-warns-relentless-cyber-siege-on-defense-industry-a-30729
-
Cyber Command, NSA nominee Rudd advances to Senate floor
The Senate Armed Services Committee, which shares jurisdiction over the nomination due to the “dual-hat” leadership structure that governs both entities, approved Rudd by voice vote last month. First seen on therecord.media Jump to article: therecord.media/cyber-command-nsa-nominee-rudd-advances-to-senate
-
Writing Ransomware Using AI to Get Rich? Don’t Bet the Farm
Attackers that want to use artificial intelligence tools to build ransomware or help run their cyber operations risk getting much less than they bargained for, said security expert Candid Wuest, in part because they’ll still rely on known tactics that can be readily spotted and blocked. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/interviews/writing-ransomware-using-ai-to-get-rich-dont-bet-farm-i-5523
-
Vega raises $120M Series B to rethink how enterprises detect cyber threats
Vega Security raised $120 million, bringing its valuation to $700 million, in a round led by Accel. The company aims to rethink how enterprises detect cybersecurity threats. First seen on techcrunch.com Jump to article: techcrunch.com/2026/02/10/vega-raises-120m-series-b-to-rethink-how-enterprises-detect-cyber-threats/
-
New Cybercrime Group 0APT Accused of Faking Hundreds of Breach Claims
Researchers reveal the new 0APT cyber group is fabricating attacks on large organisations. Learn how they use fake data to trick companies into paying. First seen on hackread.com Jump to article: hackread.com/cybercrime-group-0apt-faking-breach-claims/
-
Singapore telcos breached in China-linked cyber espionage campaign
Singapore’s four major telecommunications companies were hit by a coordinated cyber espionage campaign last year, the country’s Cyber Security Agency (CSA) has revealed. … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/02/10/singapore-telecommunications-unc3886-cyber-espionage/
-
Singapore spent 11 months booting China-linked snoops out of telco networks
Operation Cyber Guardian involved 100-plus staff across government and industry First seen on theregister.com Jump to article: www.theregister.com/2026/02/10/singapore_telco_espionage/
-
Hackers Weaponize 7-Zip Downloads to Turn Home PCs Into Proxy Nodes
A fake website impersonating the popular 7-Zip file archiver has been distributing malicious software that secretly converts infected computers into residential proxy nodes. The counterfeit site has been operating undetected for an extended period, exploiting user trust in what appears to be legitimate software. The scam begins when users accidentally visit 7zip[.]com instead of the…
-
React2Shell Vulnerability Exploited in the Wild, Analysts Warn
React2Shell (CVE-2025-55182) is a critical, pre-auth remote code execution weakness in React Server Components that impacts multiple React versions used across the React 19 ecosystem. WXA Internet Abuse Signal Collective (WXA IASC) is inaugurating To Cache A Predator, a threat research series that correlates global telemetry, enrichment datasets, and honeypot observations to map attacker infrastructure and…
-
SAP Security Patch Day Fixes Critical Code Injection Flaw in SAP CRM and S/4HANA
SAP said the February 10, 2026 Patch Day delivered fixes across multiple SAP products and urged customers to apply patches with priority via the Support Portal to protect their SAP landscape. The highest-risk item highlighted this month is CVE-2026-0488, described as a code injection vulnerability affecting SAP CRM and SAP S/4HANA (Scripting Editor) and tracked…
-
Socelars Malware Targets Windows Systems to Steal Sensitive Data
Security researchers are tracking Socelars, an information-stealing Trojan aimed at Windows users that focuses on quietly harvesting browser-based access rather than damaging files. The malware is designed to collect authenticated session data and other system identifiers that can let attackers reuse a victim’s existing “logged-in” state to reach online services.”‹ Public reporting has linked Socelars to…
-
APT36 Targets Linux Systems With New Tools Designed to Disrupt Services
Critical infrastructure worldwide faces mounting threats from sophisticated, state-sponsored >>espionage ecosystems.<< These well-funded organizations deploy various tools designed to disrupt essential services and gather intelligence. Some launch denial-of-service (DDoS) attacks against transport hubs and supply chains. In contrast, others seek geopolitical advantage by mining sensitive information and bypassing traditional security measures. For over a decade,…
-
Threat Actors Weaponize Bing Ads for Azure Tech Support Scams
A sophisticated tech support scam campaign has emerged, exploiting malicious advertisements on Bing search results to redirect victims to fraudulent websites hosted on Microsoft’s Azure Blob Storage platform. The attack, first detected on February 2, 2026, affected users across 48 organizations in the United States within hours, demonstrating the effectiveness of weaponizing legitimate advertising channels…
-
Singapore Takes Down Chinese Hackers Targeting Telco Networks
Operation Cyber Guardian was Singapore’s largest and longest running anti-cyber threat law enforcement operation First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/singapore-takes-down-china-hackers/
-
TeamPCP Turns Cloud Misconfigurations Into a Self-Propagating Cybercrime Platform
Tags: api, attack, cloud, cyber, cybercrime, data-breach, docker, group, infrastructure, kubernetes, malware, threat, vulnerabilityTeamPCP, operating under aliases including PCPcat, ShellForce, and DeadCatx3, emerged in late 2025 as a cloud-native cybercrime operation that transforms misconfigured infrastructure into automated attack platforms. Unlike traditional malware groups, this threat actor doesn’t break into systems they walk through doors left open by exposed Docker APIs, Kubernetes clusters, Ray dashboards, Redis servers, and React2Shell-vulnerable…
-
VoidLink Linux C2 Uses LLM-Generated Malware with Kernel-Level Stealth
VoidLink represents a concerning evolution in malware development: a sophisticated Linux command-and-control framework that shows clear signs of being built with AI assistance. This Linux malware operates as a modular implant designed for long-term access to compromised systems. It doesn’t discriminate between cloud providers, actively harvesting credentials from AWS, Google Cloud Platform, Microsoft Azure, Alibaba Cloud, and…
-
NCSC Issues Warning Over “Severe” Cyber-Attacks Targeting Critical National Infrastructure
NCSC call firms to ‘act now’ following disruptive malware attacks targeting Polish energy providers First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/ncsc-warning-severe-cyberattacks/