Category: Uncategorized
-

MintsLoader Drops GhostWeaver via Phishing, ClickFix — Uses DGA, TLS for Stealth Attacks [email protected] (The Hacker News)
The malware loader known as MintsLoader has been used to deliver a PowerShell-based remote access trojan called GhostWeaver. “MintsLoader operates through a multi-stage infection chain involving obfuscated JavaScript and PowerShell scripts,” Recorded Future’s Insikt Group said in a report shared with The Hacker News. “The malware employs sandbox and virtual machine evasion techniques, a domainRead…
-

Microsoft Sets Passkeys Default for New Accounts; 15 Billion Users Gain Passwordless Support [email protected] (The Hacker News)
A year after Microsoft announced passkeys support for consumer accounts, the tech giant has announced a big change that pushes individuals signing up for new accounts to use the phishing-resistant authentication method by default. “Brand new Microsoft accounts will now be ‘passwordless by default,’” Microsoft’s Joy Chik and Vasu Jakkal said. “New users will have…
-
15 of the biggest ransomware attacks in history
From attacks on private organizations and manufacturers to healthcare organizations and even entire countries, ransomware has done extensive damage in recent years.Read More
-

Fake Security Plugin on WordPress Enables Remote Admin Access for Attackers [email protected] (The Hacker News)
Cybersecurity researchers have shed light on a new campaign targeting WordPress sites that disguises the malware as a security plugin. The plugin, which goes by the name “WP-antymalwary-bot.php,” comes with a variety of features to maintain access, hide itself from the admin dashboard, and execute remote code. “Pinging functionality that can report back to a…
-
RSAC 2025: The time for crypto-agility adoption is now
An RSAC 2025 speaker explained why companies should begin their quantum-safe journey now and how crypto-agility adoption helps prepare for post-quantum cryptography.Read More
-
4 lessons in the new era of AI-enabled cybercrime
Cyberattacks have evolved rapidly as GenAI use has become more widespread. An RSAC Conference 2025 panel shared what they’ve learned over the past two years.Read More
-

Why top SOC teams are shifting to Network Detection and Response [email protected] (The Hacker News)
Security Operations Center (SOC) teams are facing a fundamentally new challenge — traditional cybersecurity tools are failing to detect advanced adversaries who have become experts at evading endpoint-based defenses and signature-based detection systems. The reality of these “invisible intruders” is driving a significant need for a multi-layered approach to detecting threats,Read More
-

Claude AI Exploited to Operate 100+ Fake Political Personas in Global Influence Campaign [email protected] (The Hacker News)
Artificial intelligence (AI) company Anthropic has revealed that unknown threat actors leveraged its Claude chatbot for an “influence-as-a-service” operation to engage with authentic accounts across Facebook and X. The sophisticated activity, branded as financially-motivated, is said to have used its AI tool to orchestrate 100 distinct persons on the two social media platforms, creating aRead…
-

New Research Reveals: 95% of AppSec Fixes Don’t Reduce Risk [email protected] (The Hacker News)
For over a decade, application security teams have faced a brutal irony: the more advanced the detection tools became, the less useful their results proved to be. As alerts from static analysis tools, scanners, and CVE databases surged, the promise of better security grew more distant. In its place, a new reality took hold—one defined…
-

DarkWatchman, Sheriff Malware Hit Russia and Ukraine with Stealth and Nation-Grade Tactics [email protected] (The Hacker News)
Russian companies have been targeted as part of a large-scale phishing campaign that’s designed to deliver a known malware called DarkWatchman. Targets of the attacks include entities in the media, tourism, finance and insurance, manufacturing, retail, energy, telecom, transport, and biotechnology sectors, Russian cybersecurity company F6 said. The activity is assessed to be the work…
