brangberg – Page 387

Axios Abuse and Salty 2FA Kits Fuel Advanced Microsoft 365 Phishing Attacks

Threat actors are abusing HTTP client tools like Axios in conjunction with Microsoft’s Direct Send feature to form a “highly efficient attack pipeline” in recent phishing campaigns, according to new findings from ReliaQuest.
“Axios user agent activity surged 241% from June to August 2025, dwarfing the 85% growth of all other flagged user agents combined,” the cybersecurity company said in a

Exposed Docker APIs Likely Exploited to Build Botnet

Hackers mount the host’s file system into fresh containers, fetch malicious scripts over the Tor network, and block access to the Docker API.

The post Exposed Docker APIs Likely Exploited to Build Botnet appeared first on SecurityWeek.

How External Attack Surface Management helps enterprises manage cyber risk

Shadow assets don’t care about your perimeter. EASM finds every internet-facing asset, surfaces unknowns, and prioritizes real risks—so you can fix exposures before attackers do. See how Outpost24 makes it easy. […]

SAP Patches Critical NetWeaver Vulnerabilities

The critical-severity NetWeaver flaws could be exploited for remote code execution and privilege escalation.

The post SAP Patches Critical NetWeaver Vulnerabilities appeared first on SecurityWeek.

Microsoft: Anti-spam bug blocks links in Exchange Online, Teams

Microsoft is working to resolve a known issue that causes an anti-spam service to mistakenly block Exchange Online and Microsoft Teams users from opening URLs and quarantine some of their emails. […]

Ransomware Losses Climb as AI Pushes Phishing to New Heights

Based on real-world insurance claims, Resilience’s midyear report shows vendor risk is declining but costly, ransomware is evolving with triple extortion, and social engineering attacks are accelerating through AI.

The post Ransomware Losses Climb as AI Pushes Phishing to New Heights appeared first on SecurityWeek.

Ex-WhatsApp Security Chief Sues Meta Over Vulnerabilities, Retaliation

Attaullah Baig has filed a lawsuit against Meta and its executives, accusing them of retaliation over critical cybersecurity failures.

The post Ex-WhatsApp Security Chief Sues Meta Over Vulnerabilities, Retaliation appeared first on SecurityWeek.

SAP fixes maximum severity NetWeaver command execution flaw

SAP has addressed 21 new vulnerabilities affecting its products, including three critical severity issues impacting the NetWeaver software solution. […]

160,000 Impacted by Wayne Memorial Hospital Data Breach

In May 2024, hackers stole names, Social Security numbers, financial information, and protected health information from the hospital’s systems.

The post 160,000 Impacted by Wayne Memorial Hospital Data Breach appeared first on SecurityWeek.

RatOn Android Malware Detected With NFC Relay and ATS Banking Fraud Capabilities

A new Android malware called RatOn evolved from a basic tool capable of conducting Near Field Communication (NFC) attacks to a sophisticated remote access trojan with Automated Transfer System (ATS) capabilities to conduct device fraud.
“RatOn merges traditional overlay attacks with automatic money transfers and NFC relay functionality – making it a uniquely powerful threat,” the Dutch mobile

Author: brangberg