An ex-ransomware negotiator is under criminal investigation by the Department of Justice for allegedly working with ransomware gangs to profit from extortion payment deals. […]
Spain arrests hackers who targeted politicians and journalists
The Spanish police have arrested two individuals in the province of Las Palmas for their alleged involvement in cybercriminal activity, including data theft from the country’s government. […]
North Korean Hackers Target Web3 with Nim Malware and Use ClickFix in BabyShark Campaign
Threat actors with ties to North Korea have been observed targeting Web3 and cryptocurrency-related businesses with malware written in the Nim programming language, underscoring a constant evolution of their tactics.
“Unusually for macOS malware, the threat actors employ a process injection technique and remote communications via wss, the TLS-encrypted version of the WebSocket protocol,”
“Unusually for macOS malware, the threat actors employ a process injection technique and remote communications via wss, the TLS-encrypted version of the WebSocket protocol,”
Cisco warns that Unified CM has hardcoded root SSH credentials
Cisco has removed a backdoor account from its Unified Communications Manager (Unified CM), which would have allowed remote attackers to log in to unpatched devices with root privileges. […]
Citrix warns of login issues after NetScaler auth bypass patch
Citrix warns that patching recently disclosed vulnerabilities that can be exploited to bypass authentication and launch denial-of-service attacks may also break login pages on NetScaler ADC and Gateway appliances. […]
Forminator plugin flaw exposes WordPress sites to takeover attacks
The Forminator plugin for WordPress is vulnerable to an unauthenticated arbitrary file deletion flaw that could enable full site takeover attacks. […]
Microsoft fixes ‘Print to PDF’ feature broken by Windows update
Microsoft has fixed a known bug that breaks the ‘Print to PDF’ feature on Windows 11 24H2 systems after installing the April 2025 preview update. […]
Like Ransoming a Bike: Organizational Muscle Memory Drives the Most Effective Response
Ransomware is a major threat to the enterprise. Tools and training help, but survival depends on one thing: your organization’s muscle memory to respond fast and recover stronger.
The post Like Ransoming a Bike: Organizational Muscle Memory Drives the Most Effective Response appeared first on SecurityWeek.
US Calls Reported Threats by Pro-Iran Hackers to Release Trump-Tied Material a ‘Smear Campaign’
The United States has warned of continued Iranian cyberattacks following American strikes on Iran’s nuclear facilities.
The post US Calls Reported Threats by Pro-Iran Hackers to Release Trump-Tied Material a ‘Smear Campaign’ appeared first on SecurityWeek.
Dozens of fake wallet add-ons flood Firefox store to drain crypto
More than 40 fake extensions in Firefox’s official add-ons store are impersonating popular cryptocurrency wallets from trusted providers to steal wallet credentials and sensitive data. […]