June 2025 – Page 13

Hackers Target Over 70 Microsoft Exchange Servers to Steal Credentials via Keyloggers

Unidentified threat actors have been observed targeting publicly exposed Microsoft Exchange servers to inject malicious code into the login pages that harvest their credentials.
Positive Technologies, in a new analysis published last week, said it identified two different kinds of keylogger code written in JavaScript on the Outlook login page –

Those that save collected data to a local file

Between Buzz and Reality: The CTEM Conversation We All Need

I had the honor of hosting the first episode of the Xposure Podcast live from Xposure Summit 2025. And I couldn’t have asked for a better kickoff panel: three cybersecurity leaders who don’t just talk security, they live it.
Let me introduce them.
Alex Delay, CISO at IDB Bank, knows what it means to defend a highly regulated environment. Ben Mead, Director of Cybersecurity at Avidity

Identity Is the New Perimeter: Why Proofing and Verification Are Business Imperatives

The future of secure digital engagement depends on continuous identity verification and proofing that can scale with risk.

The post Identity Is the New Perimeter: Why Proofing and Verification Are Business Imperatives appeared first on SecurityWeek.

Prometei Botnet Activity Spikes

Palo Alto Networks has observed a spike in Prometei activity since March 2025, pointing to a resurgence of the botnet.

The post Prometei Botnet Activity Spikes appeared first on SecurityWeek.

Hackers Exploit Misconfigured Docker APIs to Mine Cryptocurrency via Tor Network

Misconfigured Docker instances are the target of a campaign that employs the Tor anonymity network to stealthily mine cryptocurrency in susceptible environments.
“Attackers are exploiting misconfigured Docker APIs to gain access to containerized environments, then using Tor to mask their activities while deploying crypto miners,” Trend Micro researchers Sunil Bharti and Shubham Singh said in an

Chinese APT Hacking Routers to Build Espionage Infrastructure

A Chinese APT has been infecting SOHO routers with the ShortLeash backdoor to build stealthy espionage infrastructure.

The post Chinese APT Hacking Routers to Build Espionage Infrastructure appeared first on SecurityWeek.

Photo-Stealing Spyware Sneaks Into Apple App Store, Google Play

Newly discovered spyware has sneaked into Apple’s App Store and Google Play to steal images from users’ mobile devices.

The post Photo-Stealing Spyware Sneaks Into Apple App Store, Google Play appeared first on SecurityWeek.

U.S. House Bans WhatsApp on Official Devices Over Security and Data Protection Issues

The U.S. House of Representatives has formally banned congressional staff members from using WhatsApp on government-issued devices, citing security concerns.
The development was first reported by Axios.
The decision, according to the House Chief Administrative Officer (CAO), was motivated by worries about the app’s security.
“The Office of Cybersecurity has deemed WhatsApp a high-risk to users

APT28 Uses Signal Chat to Deploy BEARDSHELL Malware and COVENANT in Ukraine

The Computer Emergency Response Team of Ukraine (CERT-UA) has warned of a new cyber attack campaign by the Russia-linked APT28 (aka UAC-0001) threat actors using Signal chat messages to deliver two new malware families dubbed BEARDSHELL and COVENANT.
BEARDSHELL, per CERT-UA, is written in C++ and offers the ability to download and execute PowerShell scripts, as well as upload the results of the

Apple, Netflix, Microsoft Sites ‘Hacked’ for Tech Support Scams

Tech support scammers are using sponsored ads and search parameter injection to trick users into calling them.

The post Apple, Netflix, Microsoft Sites ‘Hacked’ for Tech Support Scams appeared first on SecurityWeek.

Month: June 2025