Blog – Page 117 – Cyber Mike

Obsidian Plugin Abuse Delivers PHANTOMPULSE RAT in Targeted Finance, Crypto Attacks

A “novel” social engineering campaign has been observed abusing Obsidian, a cross-platform note-taking application, as an initial access vector to distribute a previously undocumented Windows remote access trojan called PHANTOMPULSE in attacks targeting individuals in the financial and cryptocurrency sectors.
Dubbed REF6598 by Elastic Security Labs, the activity has been found to leverage

NIST Prioritizes NVD Enrichment for CVEs in CISA KEV, Critical Software

To optimize management of CVE volume, entries that do not meet specific criteria will not be automatically enriched.

The post NIST Prioritizes NVD Enrichment for CVEs in CISA KEV, Critical Software appeared first on SecurityWeek.

Data breach at edtech giant McGraw Hill affects 13.5 million accounts

The ShinyHunters extortion group has leaked data from 13.5 million McGraw Hill user accounts, stolen after breaching the company’s Salesforce environment earlier this month. […]

Hidden Passenger? How Taboola Routes Logged-In Banking Sessions to Temu

A bank approved a Taboola pixel. That pixel quietly redirected logged-in users to a Temu tracking endpoint. This occurred without the bank’s knowledge, without user consent, and without a single security control registering a violation.

Read the full technical breakdown in the Security Intelligence Brief. Download now →
The “First-Hop Bias” Blind Spot
Most&

Cisco Patches Critical Vulnerabilities in Webex, ISE

The flaws can be exploited remotely to impersonate users or execute arbitrary commands on the underlying OS.

The post Cisco Patches Critical Vulnerabilities in Webex, ISE appeared first on SecurityWeek.

Ransomware Hits Automotive Data Expert Autovista

The automotive analysis and data company is working with external experts to investigate the attack.

The post Ransomware Hits Automotive Data Expert Autovista appeared first on SecurityWeek.

Claude Code, Gemini CLI, GitHub Copilot Agents Vulnerable to Prompt Injection via Comments

A researcher has disclosed the details of the AI attack method he has named ‘Comment and Control’.

The post Claude Code, Gemini CLI, GitHub Copilot Agents Vulnerable to Prompt Injection via Comments appeared first on SecurityWeek.

US nationals behind DPRK IT worker ‘laptop farm’ sent to prison

Two U.S. nationals have been sent to prison for helping North Korean remote information technology (IT) workers to pose as U.S. residents and get hired by over 100 companies across the country, including many Fortune 500 firms. […]

Microsoft: April Windows Server 2025 update may fail to install

Microsoft is investigating an issue causing this month’s KB5082063 security update to fail to install on some Windows Server 2025 systems. […]

UAC-0247 Targets Ukrainian Clinics and Government in Data-Theft Malware Campaign

The Computer Emergencies Response Team of Ukraine (CERT-UA) has disclosed details of a new campaign that has targeted governments and municipal healthcare institutions, mainly clinics and emergency hospitals, to deliver malware capable of stealing sensitive data from Chromium-based web browsers and WhatsApp.
The activity, which was observed between March and April

Cyber News