A Ukrainian national has been extradited from Spain to the United States to face charges over allegedly conducting Nefilim ransomware attacks against companies. […]
Harrods the next UK retailer targeted in a cyberattack
London’s iconic department store, Harrods, has confirmed it was targeted in a cyberattack, becoming the third major UK retailer to report cyberattacks in a week following incidents at M&S and the Co-op. […]
Malicious PyPI packages abuse Gmail, websockets to hijack systems
Seven malicious PyPi packages were found using Gmail’s SMTP servers and WebSockets for data exfiltration and remote command execution. […]
Fake Security Plugin on WordPress Enables Remote Admin Access for Attackers
Cybersecurity researchers have shed light on a new campaign targeting WordPress sites that disguises the malware as a security plugin.
The plugin, which goes by the name “WP-antymalwary-bot.php,” comes with a variety of features to maintain access, hide itself from the admin dashboard, and execute remote code.
“Pinging functionality that can report back to a command-and-control (C&C) server
The plugin, which goes by the name “WP-antymalwary-bot.php,” comes with a variety of features to maintain access, hide itself from the admin dashboard, and execute remote code.
“Pinging functionality that can report back to a command-and-control (C&C) server
Canadian Electric Utility Hit by Cyberattack
Nova Scotia Power and Emera are responding to a cybersecurity incident that impacted IT systems and networks.
The post Canadian Electric Utility Hit by Cyberattack appeared first on SecurityWeek.
Year of the Twin Dragons: Developers Must Slay the Complexity and Security Issues of AI Coding Tools
The advantages AI tools deliver in speed and efficiency are impossible for developers to resist. But the complexity and risk created by AI-generated code can’t be ignored.
The post Year of the Twin Dragons: Developers Must Slay the Complexity and Security Issues of AI Coding Tools appeared first on SecurityWeek.
More Details Come to Light on Commvault Vulnerability Exploitation
Commvault has shared indicators of compromise associated with the exploitation of a vulnerability by state-sponsored hackers.
The post More Details Come to Light on Commvault Vulnerability Exploitation appeared first on SecurityWeek.
Why top SOC teams are shifting to Network Detection and Response
Security Operations Center (SOC) teams are facing a fundamentally new challenge — traditional cybersecurity tools are failing to detect advanced adversaries who have become experts at evading endpoint-based defenses and signature-based detection systems. The reality of these “invisible intruders” is driving a significant need for a multi-layered approach to detecting threats,
Chinese APT’s Adversary-in-the-Middle Tool Dissected
ESET has analyzed Spellbinder, the IPv6 SLAAC spoofing tool Chinese APT TheWizards uses to deploy its WizardNet backdoor.
The post Chinese APT’s Adversary-in-the-Middle Tool Dissected appeared first on SecurityWeek.
Claude AI Exploited to Operate 100+ Fake Political Personas in Global Influence Campaign
Artificial intelligence (AI) company Anthropic has revealed that unknown threat actors leveraged its Claude chatbot for an “influence-as-a-service” operation to engage with authentic accounts across Facebook and X.
The sophisticated activity, branded as financially-motivated, is said to have used its AI tool to orchestrate 100 distinct persons on the two social media platforms, creating a
The sophisticated activity, branded as financially-motivated, is said to have used its AI tool to orchestrate 100 distinct persons on the two social media platforms, creating a