Taiwan NSB Alerts Public on Data Risks from TikTok, Weibo, and RedNote Over China Ties
Sat, 05 Jul 2025 11:42:00 +0530
Taiwan’s National Security Bureau (NSB) has warned that China-developed applications like RedNote (aka Xiaohongshu), Weibo, TikTok, WeChat, and Baidu Cloud pose security risks due to excessive data collection and data transfer to China.
The alert comes following an inspection of these apps carried out in coordination with the Ministry of Justice Investigation Bureau (MJIB) and the Criminal
https://thehackernews.com/2025/07/taiwan-nsb-alerts-public-on-data-risks.html
Alert: Exposed JDWP Interfaces Lead to Crypto Mining, Hpingbot Targets SSH for DDoS
Sat, 05 Jul 2025 11:14:00 +0530
Threat actors are weaponizing exposed Java Debug Wire Protocol (JDWP) interfaces to obtain code execution capabilities and deploy cryptocurrency miners on compromised hosts.
“The attacker used a modified version of XMRig with a hard-“coded configuration, allowing them to avoid suspicious command-line arguments that are often flagged by defenders,” Wiz researchers Yaara Shriki and Gili
https://thehackernews.com/2025/07/alert-exposed-jdwp-interfaces-lead-to.html
NightEagle APT Exploits Microsoft Exchange Flaw to Target China’s Military and Tech Sectors
Fri, 04 Jul 2025 18:29:00 +0530
Cybersecurity researchers have shed light on a previously undocumented threat actor called NightEagle (aka APT-Q-95) that has been observed targeting Microsoft Exchange servers as a part of a zero-day exploit chain designed to target government, defense, and technology sectors in China.
According to QiAnXin’s RedDrip Team, the threat actor has been active since 2023 and has switched network
https://thehackernews.com/2025/07/nighteagle-apt-exploits-microsoft.html
In Other News: Hacker Helps Kill Informants, Crylock Developer Sentenced, Ransomware Negotiator Probed
Fri, 04 Jul 2025 10:30:39 +0000
Noteworthy stories that might have slipped under the radar: drug cartel hires hacker to identify FBI informants, prison time for Russian ransomware developer, ransomware negotiator investigated.
The post In Other News: Hacker Helps Kill Informants, Crylock Developer Sentenced, Ransomware Negotiator Probed appeared first on SecurityWeek.
https://www.securityweek.com/in-other-news-hacker-helps-kill-informants-crylock-developer-sentenced-ransomware-negotiator-probed/
Your AI Agents Might Be Leaking Data — Watch this Webinar to Learn How to Stop It
Fri, 04 Jul 2025 15:01:00 +0530
Generative AI is changing how businesses work, learn, and innovate. But beneath the surface, something dangerous is happening. AI agents and custom GenAI workflows are creating new, hidden ways for sensitive enterprise data to leak—and most teams don’t even realize it.
If you’re building, deploying, or managing AI systems, now is the time to ask: Are your AI agents exposing confidential data
https://thehackernews.com/2025/07/your-ai-agents-might-be-leaking-data.html
Critical Sudo Vulnerabilities Let Local Users Gain Root Access on Linux, Impacting Major Distros
Fri, 04 Jul 2025 15:00:00 +0530
Cybersecurity researchers have disclosed two security flaws in the Sudo command-line utility for Linux and Unix-like operating systems that could enable local attackers to escalate their privileges to root on susceptible machines.
A brief description of the vulnerabilities is below –
CVE-2025-32462 (CVSS score: 2.8) – Sudo before 1.9.17p1, when used with a sudoers file that specifies a host
https://thehackernews.com/2025/07/critical-sudo-vulnerabilities-let-local.html
Google Ordered to Pay $314M for Misusing Android Users’ Cellular Data Without Permission
Fri, 04 Jul 2025 12:47:00 +0530
Google has been ordered by a court in the U.S. state of California to pay $314 million over charges that it misused Android device users’ cellular data when they were idle to passively send information to the company.
The verdict marks an end to a legal class-action complaint that was originally filed in August 2019.
In their lawsuit, the plaintiffs argued that Google’s Android operating system
https://thehackernews.com/2025/07/google-ordered-to-pay-314m-for-misusing.html
Massive Android Fraud Operations Uncovered: IconAds, Kaleidoscope, SMS Malware, NFC Scams
Thu, 03 Jul 2025 21:32:00 +0530
A mobile ad fraud operation dubbed IconAds that consisted of 352 Android apps has been disrupted, according to a new report from HUMAN.
The identified apps were designed to load out-of-context ads on a user’s screen and hide their icons from the device home screen launcher, making it harder for victims to remove them, per the company’s Satori Threat Intelligence and Research Team. The apps have
https://thehackernews.com/2025/07/mobile-security-alert-352-iconads-fraud.html
Undetectable Android Spyware Backfires, Leaks 62,000 User Logins
Thu, 03 Jul 2025 11:29:39 +0000
A vulnerability in the Catwatchful spyware allowed a security researcher to retrieve the usernames and passwords of over 62,000 accounts.
The post Undetectable Android Spyware Backfires, Leaks 62,000 User Logins appeared first on SecurityWeek.
https://www.securityweek.com/undetectable-android-spyware-backfires-leaks-62000-user-logins/
Cisco Warns of Hardcoded Credentials in Enterprise Software
Thu, 03 Jul 2025 11:26:02 +0000
Hardcoded SSH credentials in Cisco Unified CM and Unified CM SME could allow attackers to execute commands as root.
The post Cisco Warns of Hardcoded Credentials in Enterprise Software appeared first on SecurityWeek.
https://www.securityweek.com/cisco-warns-of-hardcoded-credentials-in-enterprise-software/
Over 40 Malicious Firefox Extensions Target Cryptocurrency Wallets, Stealing User Assets
Thu, 03 Jul 2025 16:23:00 +0530
Cybersecurity researchers have uncovered over 40 malicious browser extensions for Mozilla Firefox that are designed to steal cryptocurrency wallet secrets, putting users’ digital assets at risk.
“These extensions impersonate legitimate wallet tools from widely-used platforms such as Coinbase, MetaMask, Trust Wallet, Phantom, Exodus, OKX, Keplr, MyMonero, Bitget, Leap, Ethereum Wallet, and Filfox
https://thehackernews.com/2025/07/over-40-malicious-firefox-extensions.html
The Hidden Weaknesses in AI SOC Tools that No One Talks About
Thu, 03 Jul 2025 16:00:00 +0530
If you’re evaluating AI-powered SOC platforms, you’ve likely seen bold claims: faster triage, smarter remediation, and less noise. But under the hood, not all AI is created equal. Many solutions rely on pre-trained AI models that are hardwired for a handful of specific use cases. While that might work for yesterday’s SOC, today’s reality is different.
Modern security operations teams face a
https://thehackernews.com/2025/07/the-hidden-weaknesses-in-ai-soc-tools.html
North Korean Hackers Use Fake Zoom Updates to Install macOS Malware
Thu, 03 Jul 2025 10:19:02 +0000
SentinelOne says the fake Zoom update scam delivers ‘NimDoor’, a rare Nim-compiled backdoor.
The post North Korean Hackers Use Fake Zoom Updates to Install macOS Malware appeared first on SecurityWeek.
https://www.securityweek.com/north-korean-hackers-use-fake-zoom-updates-to-install-macos-malware/
Chinese Hackers Exploit Ivanti CSA Zero-Days in Attacks on French Government, Telecoms
Thu, 03 Jul 2025 14:55:00 +0530
The French cybersecurity agency on Tuesday revealed that a number of entities spanning governmental, telecommunications, media, finance, and transport sectors in the country were impacted by a malicious campaign undertaken by a Chinese hacking group by weaponizing several zero-day vulnerabilities in Ivanti Cloud Services Appliance (CSA) devices.
The campaign, detected at the beginning of
https://thehackernews.com/2025/07/chinese-hackers-exploit-ivanti-csa-zero.html
Like Ransoming a Bike: Organizational Muscle Memory Drives the Most Effective Response
Wed, 02 Jul 2025 13:40:28 +0000
Ransomware is a major threat to the enterprise. Tools and training help, but survival depends on one thing: your organization’s muscle memory to respond fast and recover stronger.
The post Like Ransoming a Bike: Organizational Muscle Memory Drives the Most Effective Response appeared first on SecurityWeek.
https://www.securityweek.com/like-ransoming-a-bike-organizational-muscle-memory-drives-the-most-effective-response/
US Calls Reported Threats by Pro-Iran Hackers to Release Trump-Tied Material a ‘Smear Campaign’
Wed, 02 Jul 2025 13:26:28 +0000
The United States has warned of continued Iranian cyberattacks following American strikes on Iran’s nuclear facilities.
The post US Calls Reported Threats by Pro-Iran Hackers to Release Trump-Tied Material a ‘Smear Campaign’ appeared first on SecurityWeek.
https://www.securityweek.com/us-calls-reported-threats-by-pro-iran-hackers-to-release-trump-tied-material-a-smear-campaign/
Cybersecurity M&A Roundup: 41 Deals Announced in June 2025
Wed, 02 Jul 2025 12:25:54 +0000
Forty-one cybersecurity merger and acquisition (M&A) deals were announced in June 2025.
The post Cybersecurity M&A Roundup: 41 Deals Announced in June 2025 appeared first on SecurityWeek.
https://www.securityweek.com/cybersecurity-ma-roundup-41-deals-announced-in-june-2025/
Kelly Benefits Data Breach Impacts 550,000 People
Wed, 02 Jul 2025 11:09:36 +0000
As Kelly Benefits’s investigation into a recent data breach progressed, the number of impacted individuals continued to grow.
The post Kelly Benefits Data Breach Impacts 550,000 People appeared first on SecurityWeek.
https://www.securityweek.com/kelly-benefits-data-breach-impacts-550000-people/
Forminator WordPress Plugin Vulnerability Exposes 400,000 Websites to Takeover
Wed, 02 Jul 2025 10:08:35 +0000
A vulnerability in the Forminator WordPress plugin allows attackers to delete arbitrary files and take over impacted websites.
The post Forminator WordPress Plugin Vulnerability Exposes 400,000 Websites to Takeover appeared first on SecurityWeek.
https://www.securityweek.com/forminator-wordpress-plugin-vulnerability-exposes-400000-websites-to-takeover/
CISA Warns of Two Exploited TeleMessage Vulnerabilities
Wed, 02 Jul 2025 08:55:03 +0000
CISA says two more vulnerabilities in the messaging application TeleMessage TM SGNL have been exploited in the wild.
The post CISA Warns of Two Exploited TeleMessage Vulnerabilities appeared first on SecurityWeek.
https://www.securityweek.com/cisa-warns-of-two-exploited-telemessage-vulnerabilities/