Category: Uncategorized
-

Google Pays $1.375 Billion to Texas Over Unauthorized Tracking and Biometric Data Collection [email protected] (The Hacker News)
Google has agreed to pay the U.S. state of Texas nearly $1.4 billion to settle two lawsuits that accused the company of tracking users’ personal location and maintaining their facial recognition data without consent. The $1.375 billion payment dwarfs the fines the tech giant has paid to settle similar lawsuits brought by other U.S. states.…
-

Germany Shuts Down eXch Over $1.9B Laundering, Seizes €34M in Crypto and 8TB of Data [email protected] (The Hacker News)
Germany’s Federal Criminal Police Office (aka Bundeskriminalamt or BKA) has seized the online infrastructure and shutdown linked to the eXch cryptocurrency exchange over allegations of money laundering and operating a criminal trading platform. The operation was carried out on April 30, 2025, authorities said, adding they also confiscated 8 terabytes worth of data and cryptocurrency…
-
SAP Netweaver Zero-Day Attack
What is the Attack?A zero-day SAP vulnerability, CVE-2025-31324, with CVSS score of 10.0 is being actively exploited in the wild. This vulnerability affects SAP Visual Composer, allowing unauthenticated threat actors to upload arbitrary files, resulting in full compromise of the targeted system that could significantly affect the confidentiality, integrity, and availability of the targeted system.The…
-
News brief: AI security risks highlighted at RSAC 2025
Check out the latest security news from the Informa TechTarget team.Read More
-

BREAKING: 7,000-Device Proxy Botnet Using IoT, EoL Systems Dismantled in U.S. – Dutch Operation [email protected] (The Hacker News)
A joint law enforcement operation undertaken by Dutch and U.S. authorities has dismantled a criminal proxy network that’s powered by thousands of infected Internet of Things (IoT) and end-of-life (EoL) devices, enlisting them into a botnet for providing anonymity to malicious actors. In conjunction with the domain seizure, Russian nationals, Alexey Viktorovich Chertkov, 37, Kirill…
-

OtterCookie v4 Adds VM Detection and Chrome, MetaMask Credential Theft Capabilities [email protected] (The Hacker News)
The North Korean threat actors behind the Contagious Interview campaign have been observed using updated versions of a cross-platform malware called OtterCookie with capabilities to steal credentials from web browsers and other files. NTT Security Holdings, which detailed the new findings, said the attackers have “actively and continuously” updated the malware, introducing versions v3 and…
-

Initial Access Brokers Target Brazil Execs via NF-e Spam and Legit RMM Trials [email protected] (The Hacker News)
Cybersecurity researchers are warning of a new campaign that’s targeting Portuguese-speaking users in Brazil with trial versions of commercial remote monitoring and management (RMM) software since January 2025. “The spam message uses the Brazilian electronic invoice system, NF-e, as a lure to entice users into clicking hyperlinks and accessing malicious content hosted in Dropbox,” Cisco…
-

Deploying AI Agents? Learn to Secure Them Before Hackers Strike Your Business [email protected] (The Hacker News)
AI agents are changing the way businesses work. They can answer questions, automate tasks, and create better user experiences. But with this power comes new risks — like data leaks, identity theft, and malicious misuse. If your company is exploring or already using AI agents, you need to ask: Are they secure? AI agents work with…
-

Malicious npm Packages Infect 3,200+ Cursor Users With Backdoor, Steal Credentials [email protected] (The Hacker News)
Cybersecurity researchers have flagged three malicious npm packages that are designed to target the Apple macOS version of Cursor, a popular artificial intelligence (AI)-powered source code editor. “Disguised as developer tools offering ‘the cheapest Cursor API,’ these packages steal user credentials, fetch an encrypted payload from threat actor-controlled infrastructure, overwrite Cursor’sRead More
-

Beyond Vulnerability Management – Can You CVE What I CVE? [email protected] (The Hacker News)
The Vulnerability Treadmill The reactive nature of vulnerability management, combined with delays from policy and process, strains security teams. Capacity is limited and patching everything immediately is a struggle. Our Vulnerability Operation Center (VOC) dataset analysis identified 1,337,797 unique findings (security issues) across 68,500 unique customer assets. 32,585 of them were distinctRead More
