Eurail has confirmed that the stolen data is up for sale, but it’s still trying to determine how many individuals are impacted.
The post Hackers Offer to Sell Millions of Eurail User Records appeared first on SecurityWeek.
What 5 Million Apps Revealed About Secrets in JavaScript
Leaked API keys are nothing new, but the scale of the problem in front-end code has been largely a mystery – until now. Intruder’s research team built a new secrets detection method and scanned 5 million applications specifically looking for secrets hidden in JavaScript bundles. Here’s what we learned. […]
New Keenadu backdoor found in Android firmware, Google Play apps
A newly discovered and sophisticated Android malware called Keenadu has been found embedded in firmware from multiple device brands, enabling it to compromise all installed applications and gain unrestricted control over infected devices. […]
API Threats Grow in Scale as AI Expands the Blast Radius
New research shows attackers increasingly abusing APIs at machine speed as AI-driven systems widen exposure and amplify impact.
The post API Threats Grow in Scale as AI Expands the Blast Radius appeared first on SecurityWeek.
Man Linked to Phobos Ransomware Arrested in Poland
Polish police said they found evidence of cybercrime on the 47-year-old suspect’s devices.
The post Man Linked to Phobos Ransomware Arrested in Poland appeared first on SecurityWeek.
SmartLoader Attack Uses Trojanized Oura MCP Server to Deploy StealC Infostealer
Cybersecurity researchers have disclosed details of a new SmartLoader campaign that involves distributing a trojanized version of a Model Context Protocol (MCP) server associated with Oura Health to deliver an information stealer known as StealC.
“The threat actors cloned a legitimate Oura MCP Server – a tool that connects AI assistants to Oura Ring health data – and built a deceptive
“The threat actors cloned a legitimate Oura MCP Server – a tool that connects AI assistants to Oura Ring health data – and built a deceptive
Webinar: How Modern SOC Teams Use AI and Context to Investigate Cloud Breaches Faster
Cloud attacks move fast — faster than most incident response teams.
In data centers, investigations had time. Teams could collect disk images, review logs, and build timelines over days. In the cloud, infrastructure is short-lived. A compromised instance can disappear in minutes. Identities rotate. Logs expire. Evidence can vanish before analysis even begins.
Cloud forensics is fundamentally
In data centers, investigations had time. Teams could collect disk images, review logs, and build timelines over days. In the cloud, infrastructure is short-lived. A compromised instance can disappear in minutes. Identities rotate. Logs expire. Evidence can vanish before analysis even begins.
Cloud forensics is fundamentally
Poland arrests suspect linked to Phobos ransomware operation
Polish police have detained a 47-year-old man suspected of ties to the Phobos ransomware group and seized computers and mobile phones containing stolen credentials, credit card numbers, and server access data. […]
My Day Getting My Hands Dirty with an NDR System
My objectiveThe role of NDR in SOC workflowsStarting up the NDR systemHow AI complements the human responseWhat else did I try out?What could I see with NDR that I wouldn’t otherwise?Am I ready to be a network security analyst now?
My objective
As someone relatively inexperienced with network threat hunting, I wanted to get some hands-on experience using a network detection and response (
3 Threat Groups Started Targeting ICS/OT in 2025: Dragos
Industrial cybersecurity firm Dragos has published its 9th Year in Review OT/ICS Cybersecurity Report.
The post 3 Threat Groups Started Targeting ICS/OT in 2025: Dragos appeared first on SecurityWeek.