ASUS is warning about an authentication bypass vulnerability in routers with AiCloud enabled that could allow remote attackers to perform unauthorized execution of functions on the device. […]
Chinese Smishing Kit Powers Widespread Toll Fraud Campaign Targeting U.S. Users in 8 States
Cybersecurity researchers are warning of a “widespread and ongoing” SMS phishing campaign that’s been targeting toll road users in the United States for financial theft since mid-October 2024.
“The toll road smishing attacks are being carried out by multiple financially motivated threat actors using the smishing kit developed by ‘Wang Duo Yu,'” Cisco Talos researchers Azim Khodjibaev, Chetan
“The toll road smishing attacks are being carried out by multiple financially motivated threat actors using the smishing kit developed by ‘Wang Duo Yu,'” Cisco Talos researchers Azim Khodjibaev, Chetan
SonicWall SMA VPN devices targeted in attacks since January
A remote code execution vulnerability affecting SonicWall Secure Mobile Access (SMA) appliances has been under active exploitation since at least January 2025, according to cybersecurity company Arctic Wolf. […]
Chinese hackers target Russian govt with upgraded RAT malware
Chinese-speaking IronHusky hackers are targeting Russian and Mongolian government organizations using upgraded MysterySnail remote access trojan (RAT) malware. […]
7 Steps to Take After a Credential-Based cyberattack
Hackers don’t break in—they log in. Credential-based attacks now fuel nearly half of all breaches. Learn how to scan your Active Directory for compromised passwords and stop attackers before they strike. […]
Cisco Webex bug lets hackers gain code execution via meeting links
Cisco has released security updates for a high-severity Webex vulnerability that allows unauthenticated attackers to gain client-side remote code execution using malicious meeting invite links. […]
Multi-Stage Malware Attack Uses .JSE and PowerShell to Deploy Agent Tesla and XLoader
A new multi-stage attack has been observed delivering malware families like Agent Tesla variants, Remcos RAT, and XLoader.
“Attackers increasingly rely on such complex delivery mechanisms to evade detection, bypass traditional sandboxes, and ensure successful payload delivery and execution,” Palo Alto Networks Unit 42 researcher Saqib Khanzada said in a technical write-up of the campaign.
The
“Attackers increasingly rely on such complex delivery mechanisms to evade detection, bypass traditional sandboxes, and ensure successful payload delivery and execution,” Palo Alto Networks Unit 42 researcher Saqib Khanzada said in a technical write-up of the campaign.
The
In Other News: 4chan Hacked, Android Auto-Reboot, Nemesis Admin Charged
Noteworthy stories that might have slipped under the radar: 4chan hacked, auto-reboot security feature coming to Android, Iranian administrator of Nemesis charged in US.
The post In Other News: 4chan Hacked, Android Auto-Reboot, Nemesis Admin Charged appeared first on SecurityWeek.
Cy4Data Labs Raises $10 Million to Secure Data in Use
Data protection firm Cy4Data Labs has raised $10 million in a Series A funding round led by Pelion Venture Partners.
The post Cy4Data Labs Raises $10 Million to Secure Data in Use appeared first on SecurityWeek.
Live Events Giant Legends International Hacked
Legends International says the personal information of employees and customers was compromised as a result of a cyberattack.
The post Live Events Giant Legends International Hacked appeared first on SecurityWeek.