Discord Invite Link Hijacking Delivers AsyncRAT and Skuld Stealer Targeting Crypto Wallets
Sat, 14 Jun 2025 08:15:00 +0530
A new malware campaign is exploiting a weakness in Discord’s invitation system to deliver an information stealer called Skuld and the AsyncRAT remote access trojan.
“Attackers hijacked the links through vanity link registration, allowing them to silently redirect users from trusted sources to malicious servers,” Check Point said in a technical report. “The attackers combined the ClickFix
https://thehackernews.com/2025/06/discord-invite-link-hijacking-delivers.html
Over 269,000 Websites Infected with JSFireTruck JavaScript Malware in One Month
Fri, 13 Jun 2025 19:42:00 +0530
Cybersecurity researchers are calling attention to a “large-scale campaign” that has been observed compromising legitimate websites with malicious JavaScript injections.
According to Palo Alto Networks Unit 42, these malicious injects are obfuscated using JSFuck, which refers to an “esoteric and educational programming style” that uses only a limited set of characters to write and execute code.
https://thehackernews.com/2025/06/over-269000-websites-infected-with.html
In Other News: Cloudflare Outage, Cracked.io Users Identified, Victoria’s Secret Cyberattack Cost
Fri, 13 Jun 2025 13:31:07 +0000
Noteworthy stories that might have slipped under the radar: Cloudflare outage not caused by cyberattack, Dutch police identified 126 users of Cracked.io, the Victoria’s Secret cyberattack has cost $10 million.
The post In Other News: Cloudflare Outage, Cracked.io Users Identified, Victoria’s Secret Cyberattack Cost appeared first on SecurityWeek.
https://www.securityweek.com/in-other-news-cloudflare-outage-cracked-io-users-identified-victorias-secret-cyberattack-cost/
TeamFiltration Abused in Entra ID Account Takeover Campaign
Fri, 13 Jun 2025 12:10:32 +0000
Threat actors have abused the TeamFiltration pentesting framework to target over 80,000 Entra ID user accounts.
The post TeamFiltration Abused in Entra ID Account Takeover Campaign appeared first on SecurityWeek.
https://www.securityweek.com/teamfiltration-abused-in-entra-id-account-takeover-campaign/
Industry Reactions to Trump Cybersecurity Executive Order: Feedback Friday
Fri, 13 Jun 2025 11:36:55 +0000
Industry professionals comment on the Trump administration’s new executive order on cybersecurity.
The post Industry Reactions to Trump Cybersecurity Executive Order: Feedback Friday appeared first on SecurityWeek.
https://www.securityweek.com/industry-reactions-to-trump-cybersecurity-executive-order-feedback-friday/
Ransomware Gangs Exploit Unpatched SimpleHelp Flaws to Target Victims with Double Extortion
Fri, 13 Jun 2025 16:32:00 +0530
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday disclosed that ransomware actors are targeting unpatched SimpleHelp Remote Monitoring and Management (RMM) instances to compromise customers of an unnamed utility billing software provider.
“This incident reflects a broader pattern of ransomware actors targeting organizations through unpatched versions of SimpleHelp
https://thehackernews.com/2025/06/ransomware-gangs-exploit-unpatched.html
SimpleHelp Vulnerability Exploited Against Utility Billing Software Users
Fri, 13 Jun 2025 10:37:39 +0000
CISA warns that vulnerable SimpleHelp RMM instances have been exploited against a utility billing software provider’s customers.
The post SimpleHelp Vulnerability Exploited Against Utility Billing Software Users appeared first on SecurityWeek.
https://www.securityweek.com/simplehelp-vulnerability-exploited-against-utility-billing-software-users/
CTEM is the New SOC: Shifting from Monitoring Alerts to Measuring Risk
Fri, 13 Jun 2025 16:00:00 +0530
Introduction: Security at a Tipping Point
Security Operations Centers (SOCs) were built for a different era, one defined by perimeter-based thinking, known threats, and manageable alert volumes. But today’s threat landscape doesn’t play by those rules. The sheer volume of telemetry, overlapping tools, and automated alerts has pushed traditional SOCs to the edge. Security teams are overwhelmed,
https://thehackernews.com/2025/06/ctem-is-new-soc-shifting-from.html
Fog Ransomware Attack Employs Unusual Tools
Fri, 13 Jun 2025 10:04:55 +0000
Multiple legitimate, unusual tools were used in a Fog ransomware attack, including one employed by Chinese hacking group APT41.
The post Fog Ransomware Attack Employs Unusual Tools appeared first on SecurityWeek.
https://www.securityweek.com/fog-ransomware-attack-employs-unusual-tools/
Critical Vulnerability Exposes Many Mitel MiCollab Instances to Remote Hacking
Fri, 13 Jun 2025 08:29:34 +0000
Mitel has announced patches for a MiCollab path traversal vulnerability that can be exploited remotely without authentication.
The post Critical Vulnerability Exposes Many Mitel MiCollab Instances to Remote Hacking appeared first on SecurityWeek.
https://www.securityweek.com/critical-vulnerability-exposes-many-mitel-micollab-instances-to-remote-hacking/
Critical Vulnerabilities Patched in Trend Micro Apex Central, Endpoint Encryption
Fri, 13 Jun 2025 08:02:55 +0000
Trend Micro patches critical-severity Apex Central and Endpoint Encryption PolicyServer flaws leading to remote code execution.
The post Critical Vulnerabilities Patched in Trend Micro Apex Central, Endpoint Encryption appeared first on SecurityWeek.
https://www.securityweek.com/critical-vulnerabilities-patched-in-trend-micro-apex-central-endpoint-encryption-policyserver/
ZeroRISC Raises $10 Million for Open Source Silicon Security Solutions
Fri, 13 Jun 2025 07:22:35 +0000
ZeroRISC has raised $10 million in seed funding for production-grade open source silicon security, built on OpenTitan designs.
The post ZeroRISC Raises $10 Million for Open Source Silicon Security Solutions appeared first on SecurityWeek.
https://www.securityweek.com/zerorisc-raises-10-million-for-open-source-silicon-security-solutions/
Apple Zero-Click Flaw in Messages Exploited to Spy on Journalists Using Paragon Spyware
Fri, 13 Jun 2025 12:33:00 +0530
Apple has disclosed that a now-patched security flaw present in its Messages app was actively exploited in the wild to target civil society members in sophisticated cyber attacks.
The vulnerability, tracked as CVE-2025-43200, was addressed on February 10, 2025, as part of iOS 18.3.1, iPadOS 18.3.1, iPadOS 17.7.5, macOS Sequoia 15.3.1, macOS Sonoma 14.7.4, macOS Ventura 13.7.4, watchOS 11.3.1,
https://thehackernews.com/2025/06/apple-zero-click-flaw-in-messages.html
WordPress Sites Turned Weapon: How VexTrio and Affiliates Run a Global Scam Network
Thu, 12 Jun 2025 23:17:00 +0530
The threat actors behind the VexTrio Viper Traffic Distribution Service (TDS) have been linked to other TDS services like Help TDS and Disposable TDS, indicating that the sophisticated cybercriminal operation is a sprawling enterprise of its own that’s designed to distribute malicious content.
“VexTrio is a group of malicious adtech companies that distribute scams and harmful software via
https://thehackernews.com/2025/06/wordpress-sites-turned-weapon-how.html
Paragon ‘Graphite’ Spyware Linked to Zero-Click Hacks on Newest iPhones
Thu, 12 Jun 2025 15:24:15 +0000
Citizen Lab publishes forensic proof that spyware maker Paragon can compromise up-to-date iPhones. Journalists in Europe among victims.
The post Paragon ‘Graphite’ Spyware Linked to Zero-Click Hacks on Newest iPhones appeared first on SecurityWeek.
https://www.securityweek.com/paragon-graphite-spyware-linked-to-zero-click-hacks-on-newest-iphones/
The AI Arms Race: Deepfake Generation vs. Detection
Thu, 12 Jun 2025 14:07:56 +0000
AI-generated voice deepfakes have crossed the uncanny valley, fueling a surge in fraud that outpaces traditional security measures. Detection technology is racing to keep up.
The post The AI Arms Race: Deepfake Generation vs. Detection appeared first on SecurityWeek.
https://www.securityweek.com/deepfakes-and-the-ai-battle-between-generation-and-detection/
New TokenBreak Attack Bypasses AI Moderation with Single-Character Text Changes
Thu, 12 Jun 2025 19:22:00 +0530
Cybersecurity researchers have discovered a novel attack technique called TokenBreak that can be used to bypass a large language model’s (LLM) safety and content moderation guardrails with just a single character change.
“The TokenBreak attack targets a text classification model’s tokenization strategy to induce false negatives, leaving end targets vulnerable to attacks that the implemented
https://thehackernews.com/2025/06/new-tokenbreak-attack-bypasses-ai.html
AI Agents Run on Secret Accounts — Learn How to Secure Them in This Webinar
Thu, 12 Jun 2025 18:36:00 +0530
AI is changing everything — from how we code, to how we sell, to how we secure. But while most conversations focus on what AI can do, this one focuses on what AI can break — if you’re not paying attention.
Behind every AI agent, chatbot, or automation script lies a growing number of non-human identities — API keys, service accounts, OAuth tokens — silently operating in the background.
And here’s
https://thehackernews.com/2025/06/ai-agents-run-on-secret-accounts-learn.html
Zero-Click AI Vulnerability Exposes Microsoft 365 Copilot Data Without User Interaction
Thu, 12 Jun 2025 16:41:00 +0530
A novel attack technique named EchoLeak has been characterized as a “zero-click” artificial intelligence (AI) vulnerability that allows bad actors to exfiltrate sensitive data from Microsoft 365 (M365) Copilot’s context sans any user interaction.
The critical-rated vulnerability has been assigned the CVE identifier CVE-2025-32711 (CVSS score: 9.3). It requires no customer action and has been
https://thehackernews.com/2025/06/zero-click-ai-vulnerability-exposes.html
Non-Human Identities: How to Address the Expanding Security Risk
Thu, 12 Jun 2025 16:30:00 +0530
Human identities management and control is pretty well done with its set of dedicated tools, frameworks, and best practices. This is a very different world when it comes to Non-human identities also referred to as machine identities. GitGuardian’s end-to-end NHI security platform is here to close the gap.
Enterprises are Losing Track of Their Machine Identities
Machine identities–service
https://thehackernews.com/2025/06/non-human-identities-how-to-address.html