“Cyber warfare is as much about psychological strategy as technical prowess.”
― James Scott
-
Linux io_uring PoC Rootkit Bypasses System Call-Based Threat Detection Tools [email protected] (The Hacker News)
Cybersecurity researchers have demonstrated a proof-of-concept (PoC) rootkit dubbed Curing that leverages a Linux asynchronous I/O mechanism called io_uring to bypass traditional system call monitoring. This causes a “major blind spot in Linux runtime security tools,” ARMO said. “This mechanism allows a user application to perform various actions without using system calls,” the company said…
-
Darcula Adds GenAI to Phishing Toolkit, Lowering the Barrier for Cybercriminals [email protected] (The Hacker News)
The threat actors behind the Darcula phishing-as-a-service (PhaaS) platform have released new updates to their cybercrime suite with generative artificial intelligence (GenAI) capabilities. “This addition lowers the technical barrier for creating phishing pages, enabling less tech-savvy criminals to deploy customized scams in minutes,” Netcraft said in a new report shared with The Hacker News. “Read…
-
Automating Zero Trust in Healthcare: From Risk Scoring to Dynamic Policy Enforcement Without Network Redesign [email protected] (The Hacker News)
The Evolving Healthcare Cybersecurity Landscape Healthcare organizations face unprecedented cybersecurity challenges in 2025. With operational technology (OT) environments increasingly targeted and the convergence of IT and medical systems creating an expanded attack surface, traditional security approaches are proving inadequate. According to recent statistics, the healthcare sectorRead More
-
Critical Commvault Command Center Flaw Enables Attackers to Execute Code Remotely [email protected] (The Hacker News)
A critical security flaw has been disclosed in the Commvault Command Center that could allow arbitrary code execution on affected installations. The vulnerability, tracked as CVE-2025-34028, carries a CVSS score of 9.0 out of a maximum of 10.0. “A critical security vulnerability has been identified in the Command Center installation, allowing remote attackers to execute…
-
DLP vs. DSPM: What’s the difference?
Data loss prevention and data security posture management tools give organizations powerful features to protect data in the cloud and on-premises.Read More
-
Change is in the wind for SecOps: Are you ready?
Attackers have historically had time on their side, outpacing defenders who have struggled to keep up. Agentic AI appears poised to change the game.Read More
-
WhatsApp Adds Advanced Chat Privacy to Blocks Chat Exports and Auto-Downloads [email protected] (The Hacker News)
WhatsApp has introduced an extra layer of privacy called Advanced Chat Privacy that allows users to block participants from sharing the contents of a conversation in traditional chats and groups. “This new setting available in both chats and groups helps prevent others from taking content outside of WhatsApp for when you may want extra privacy,”…
-
DPRK Hackers Steal $137M from TRON Users in Single-Day Phishing Attack [email protected] (The Hacker News)
Multiple threat activity clusters with ties to North Korea (aka Democratic People’s Republic of Korea or DPRK) have been linked to attacks targeting organizations and individuals in the Web3 and cryptocurrency space. “The focus on Web3 and cryptocurrency appears to be primarily financially motivated due to the heavy sanctions that have been placed on North…
-
Iran-Linked Hackers Target Israel with MURKYTOUR Malware via Fake Job Campaign [email protected] (The Hacker News)
The Iran-nexus threat actor known as UNC2428 has been observed delivering a backdoor known as MURKYTOUR as part of a job-themed social engineering campaign aimed at Israel in October 2024. Google-owned Mandiant described UNC2428 as a threat actor aligned with Iran that engages in cyber espionage-related operations. The intrusion set is said to have distributed…
-
Android Spyware Disguised as Alpine Quest App Targets Russian Military Devices [email protected] (The Hacker News)
Cybersecurity researchers have revealed that Russian military personnel are the target of a new malicious campaign that distributes Android spyware under the guise of the Alpine Quest mapping software. “The attackers hide this trojan inside modified Alpine Quest mapping software and distribute it in various ways, including through one of the Russian Android app catalogs,”…
“Security used to be an inconvenience sometimes, but now it’s a necessity all the time.”
― Martina Navratilova