IT management software firm ConnectWise says a suspected state-sponsored cyberattack breached its environment and impacted a limited number of ScreenConnect customers. […]
Threat actors abuse Google Apps Script in evasive phishing attacks
Threat actors are abusing the trusted Google platform ‘Google Apps Script’ to host phishing pages, making them appear legitimate and eliminating the risk of them getting flagged by security tools. […]
Chinese Hacking Group ‘Earth Lamia’ Targets Multiple Industries
Active since at least 2023 and tracked as Earth Lamia, the hacking group has been targeting the financial, government, IT, logistics, retail, and education sectors.
The post Chinese Hacking Group ‘Earth Lamia’ Targets Multiple Industries appeared first on SecurityWeek.
Apple Safari exposes users to fullscreen browser-in-the-middle attacks
A weakness in Apple’s Safari web browser allows threat actors to leverage the fullscreen browser-in-the-middle (BitM) technique to steal account credentials from unsuspecting users. […]
Unbound Raises $4 Million to Secure Gen-AI Adoption
Security startup Unbound has raised $4 million in funding to help organizations adopt generative-AI tools securely and responsibly.
The post Unbound Raises $4 Million to Secure Gen-AI Adoption appeared first on SecurityWeek.
Cybercriminals Target AI Users with Malware-Loaded Installers Posing as Popular Tools
Fake installers for popular artificial intelligence (AI) tools like OpenAI ChatGPT and InVideo AI are being used as lures to propagate various threats, such as the CyberLock and Lucky_Gh0$t ransomware families, and a new malware dubbed Numero.
“CyberLock ransomware, developed using PowerShell, primarily focuses on encrypting specific files on the victim’s system,” Cisco Talos researcher Chetan
“CyberLock ransomware, developed using PowerShell, primarily focuses on encrypting specific files on the victim’s system,” Cisco Talos researcher Chetan
US sanctions firm linked to cyber scams behind $200 million in losses
The U.S. Treasury Department has sanctioned Funnull Technology, a Philippines-based company that supports hundreds of thousands of malicious websites behind cyber scams linked to over $200 million in losses for Americans. […]
GreyNoise Flags 9,000 ASUS Routers Backdoored Via Patched Vulnerability
Professional hackers have built a network of ASUS routers that can survive firmware upgrades, factory reboots and most anti-malware scans.
The post GreyNoise Flags 9,000 ASUS Routers Backdoored Via Patched Vulnerability appeared first on SecurityWeek.
Cybercriminals exploit AI hype to spread ransomware, malware
Threat actors linked to lesser-known ransomware and malware projects now use AI tools as lures to infect unsuspecting victims with malicious payloads. […]
Attackers are mapping your attack surface—are you?
Attackers are mapping your infrastructure before you even realize what’s exposed. Sprocket ASM flips the script — giving you the same recon capabilities they use, plus change detection and actionable insights to close gaps fast. See your attack surface the way hackers do and beat them to it. […]