🖋️ Authorities Seize Domains of Popular Hacking Forums in Major Cybercrime Crackdown 🖋️
📖 Read more.
🔗 Via "The Hacker News"
----------
👁️ Seen on @cibsecurity
An international law enforcement operation has dismantled the domains associated with various online platforms linked to cybercrime such as Cracked, Nulled, Sellix, and StarkRDP. The effort has targeted the following domains www.cracked.io www.nulled.to www.mysellix.io www.sellix.io www.starkrdp.io Visitors to these websites are now greeted by a seizure banner that says they were confiscated.📖 Read more.
🔗 Via "The Hacker News"
----------
👁️ Seen on @cibsecurity
🖋️ Lightning AI Studio Vulnerability Allowed RCE via Hidden URL Parameter 🖋️
📖 Read more.
🔗 Via "The Hacker News"
----------
👁️ Seen on @cibsecurity
Cybersecurity researchers have disclosed a critical security flaw in the Lightning AI Studio development platform that, if successfully exploited, could allow for remote code execution. The vulnerability, rated a CVSS score of 9.4, enables "attackers to potentially execute arbitrary commands with root privileges" by exploiting a hidden URL parameter, application security firm Noma said in a.📖 Read more.
🔗 Via "The Hacker News"
----------
👁️ Seen on @cibsecurity
📔 Syncjacking Attack Enables Full Browser and Device Takeover 📔
📖 Read more.
🔗 Via "Infosecurity Magazine"
----------
👁️ Seen on @cibsecurity
SquareX researchers warn that browser syncjacking could lead to full browser and device hijacking.📖 Read more.
🔗 Via "Infosecurity Magazine"
----------
👁️ Seen on @cibsecurity
Infosecurity Magazine
Syncjacking Attack Enables Full Browser and Device Takeover
SquareX researchers warn that browser syncjacking could lead to full browser and device hijacking
📔 DeepSeek Exposed Database Leaks Sensitive Data 📔
📖 Read more.
🔗 Via "Infosecurity Magazine"
----------
👁️ Seen on @cibsecurity
Researchers at Wiz uncovered a publicly accessible database belonging to Chinese GenAI provider DeepSeek that leaked sensitive data, including chat history.📖 Read more.
🔗 Via "Infosecurity Magazine"
----------
👁️ Seen on @cibsecurity
Infosecurity Magazine
DeepSeek Exposed Database Leaks Sensitive Data
Researchers at Wiz uncovered a publicly accessible database belonging to Chinese GenAI provider DeepSeek that leaked sensitive data, including chat history
👏1
🦅 DeepSeek’s Growing Influence Sparks a Surge in Frauds and Phishing Attacks 🦅
📖 Read more.
🔗 Via "CYBLE"
----------
👁️ Seen on @cibsecurity
Overview DeepSeek is a Chinese artificial intelligence company that has developed opensource large language models LLMs. In January 2025, DeepSeek launched its first free chatbot app, DeepSeek AI Assistant, which rapidly became the most downloaded free app on the iOS App Store in the United States, surpassing even OpenAIs ChatGPT. However, with rapid growth comes new riskscybercriminals are exploiting DeepSeeks reputation through phishing campaigns, fake investment scams, and malware disguised as DeepSeek. This analysis seeks to explore recent incidents where Threat Actors TAs have impersonated DeepSeek to target users, highlighting their tactics and how readers can secure themselves accordingly. Recently, Cyble Research and Intelligence Labs CRIL identified multiple suspicious...📖 Read more.
🔗 Via "CYBLE"
----------
👁️ Seen on @cibsecurity
Cyble
Deepseeks' Growing Influence: Surge In Frauds & Phishing Attacks
Explore how Deepseeks' growing influence is driving a surge in frauds and phishing attacks. Learn the impact on cybersecurity and how to stay protected
👍1
🕵️♂️ New Jailbreaks Allow Users to Manipulate GitHub Copilot 🕵️♂️
📖 Read more.
🔗 Via "Dark Reading"
----------
👁️ Seen on @cibsecurity
Whether by intercepting its traffic or just giving it a little nudge, GitHub's AI assistant can be made to do malicious things it isn't supposed to.📖 Read more.
🔗 Via "Dark Reading"
----------
👁️ Seen on @cibsecurity
Darkreading
New Jailbreaks Allow Users to Manipulate GitHub Copilot
Whether by intercepting its traffic or just giving it a little nudge, GitHub's AI assistant can be made to do malicious things it isn't supposed to.
🖋️ Google: Over 57 Nation-State Threat Groups Using AI for Cyber Operations 🖋️
📖 Read more.
🔗 Via "The Hacker News"
----------
👁️ Seen on @cibsecurity
Over 57 distinct threat actors with ties to China, Iran, North Korea, and Russia have been observed using artificial intelligence AI technology powered by Google to further enable their malicious cyber and information operations. "Threat actors are experimenting with Gemini to enable their operations, finding productivity gains but not yet developing novel capabilities," Google Threat.📖 Read more.
🔗 Via "The Hacker News"
----------
👁️ Seen on @cibsecurity
📔 Attackers Increase Use of HTTP Clients for Account Takeovers 📔
📖 Read more.
🔗 Via "Infosecurity Magazine"
----------
👁️ Seen on @cibsecurity
HTTP client tools used to compromise Microsoft 365 environments with 78 of tenants targeted in 2024.📖 Read more.
🔗 Via "Infosecurity Magazine"
----------
👁️ Seen on @cibsecurity
Infosecurity Magazine
Attackers Increase Use of HTTP Clients for Account Takeovers
HTTP client tools used to compromise Microsoft 365 environments with 78% of tenants targeted in 2024
👍1
♟️ Infrastructure Laundering: Blending in with the Cloud ♟️
📖 Read more.
🔗 Via "Krebs on Security"
----------
👁️ Seen on @cibsecurity
In an effort to blend in and make their malicious traffic tougher to block, hosting firms catering to cybercriminals in China and Russia increasingly are funneling their operations through major U.S. cloud providers. Research published this week on one such outfit a sprawling network tied to Chinese organized crime gangs and aptly named "Funnull" highlights a persistent whacamole problem facing cloud services.📖 Read more.
🔗 Via "Krebs on Security"
----------
👁️ Seen on @cibsecurity
Krebs on Security
Infrastructure Laundering: Blending in with the Cloud
In an effort to blend in and make their malicious traffic tougher to block, hosting firms catering to cybercriminals in China and Russia increasingly are funneling their operations through major U.S. cloud providers. Research published this week on one such…
📔 Google Blocked 2.36 Million Policy-Violating Apps 📔
📖 Read more.
🔗 Via "Infosecurity Magazine"
----------
👁️ Seen on @cibsecurity
Google Play blocked 2.36 million policyviolating apps and banned 158,000 harmful developer accounts in 2024.📖 Read more.
🔗 Via "Infosecurity Magazine"
----------
👁️ Seen on @cibsecurity
Infosecurity Magazine
Google Blocked 2.36 Million Policy-Violating Apps
Google Play blocked 2.36 million policy-violating apps and banned 158,000 harmful developer accounts in 2024
👎1
🦿 DeepSeek Locked Down Public Database Access That Exposed Chat History 🦿
📖 Read more.
🔗 Via "Tech Republic"
----------
👁️ Seen on @cibsecurity
Research Firm Wiz Research began investigating DeepSeek soon after its generative AI took the tech world by storm.📖 Read more.
🔗 Via "Tech Republic"
----------
👁️ Seen on @cibsecurity
TechRepublic
DeepSeek Locked Down Public Database Access That Exposed Chat History
Research Firm Wiz Research began investigating DeepSeek soon after its generative AI took the tech world by storm.
🕵️♂️ Healthcare Sector Charts 2 More Ransomware Attacks 🕵️♂️
📖 Read more.
🔗 Via "Dark Reading"
----------
👁️ Seen on @cibsecurity
No ransomware groups have yet to claim responsibility for either attack, and both institutions have yet to reveal what may have been stolen.📖 Read more.
🔗 Via "Dark Reading"
----------
👁️ Seen on @cibsecurity
Darkreading
Healthcare Sector Charts 2 More Ransomware Attacks
No ransomware groups have yet to claim responsibility for either attack, and both institutions have yet to reveal what may have been stolen.
🖋️ Broadcom Patches VMware Aria Flaws – Exploits May Lead to Credential Theft 🖋️
📖 Read more.
🔗 Via "The Hacker News"
----------
👁️ Seen on @cibsecurity
Broadcom has released security updates to patch five security flaws impacting VMware Aria Operations and Aria Operations for Logs, warning customers that attackers could exploit them to gain elevated access or obtain sensitive information. The list of identified flaws, which impact versions 8.x of the software, is below CVE202522218 CVSS score 8.5 A malicious actor with View Only Admin.📖 Read more.
🔗 Via "The Hacker News"
----------
👁️ Seen on @cibsecurity
🦅 Dark Web Activity January 2025: A New Hacktivist Group Emerges 🦅
📖 Read more.
🔗 Via "CYBLE"
----------
👁️ Seen on @cibsecurity
Overview Cyble dark web researchers investigated more than 250 dark web claims by threat actors in January 2025, with more than a quarter of those targeting U.S.based organizations. Of threat actors TAs on the dark web targeting U.S. organizations during the month, 15 were ransomware groups claiming successful attacks or selling data from those attacks. Ransomware group claims accounted for about 40 of the Cyble investigations. Most of the investigations examined threat actors claiming to be selling data stolen from organizations, or selling access to those organizations networks. Several investigations focused on cyberattacks orchestrated by hacktivist groups including a new Russian threat group identified here for the first time. Sector 16 Teams Up With Russian Hackti...📖 Read more.
🔗 Via "CYBLE"
----------
👁️ Seen on @cibsecurity
📔 DeepSeek's Flagship AI Model Under Fire for Security Vulnerabilities 📔
📖 Read more.
🔗 Via "Infosecurity Magazine"
----------
👁️ Seen on @cibsecurity
Cyber reports exposed major security flaws in DeepSeeks R1 LLM.📖 Read more.
🔗 Via "Infosecurity Magazine"
----------
👁️ Seen on @cibsecurity
Infosecurity Magazine
DeepSeek's Flagship AI Model Under Fire for Security Vulnerabilities
Cyber reports exposed major security flaws in DeepSeek’s R1 LLM
📔 International Operation Dismantles Cracked and Nulled Cybercrime Hubs 📔
📖 Read more.
🔗 Via "Infosecurity Magazine"
----------
👁️ Seen on @cibsecurity
A global law enforcement operation has taken down infrastructure used by Cracked.io and Nulled.io, which provide cybercriminal tools and services.📖 Read more.
🔗 Via "Infosecurity Magazine"
----------
👁️ Seen on @cibsecurity
Infosecurity Magazine
International Operation Dismantles Cracked and Nulled Cybercrime Hubs
A global law enforcement operation has taken down infrastructure used by Cracked.io and Nulled.io, which provide cybercriminal tools and services
🦅 Cyble’s Weekly Vulnerability Update: Critical SonicWall Zero-Day and Exploited Flaws Discovered 🦅
📖 Read more.
🔗 Via "CYBLE"
----------
👁️ Seen on @cibsecurity
Overview Cybles weekly vulnerability insights to clients cover key vulnerabilities discovered between January 22 and January 28, 2025. The findings highlight a range of vulnerabilities across various platforms, including critical issues that are already being actively exploited. Notably, the Cybersecurity and Infrastructure Security Agency CISA added two vulnerabilities to their Known Exploited Vulnerability KEV catalog this week. Among these, the zeroday vulnerability CVE202523006 stands out as a critical threat affecting SonicWalls SMA1000 appliances. In this weeks analysis, Cyble delves into multiple vulnerabilities across widely used software tools and plugins, with particular attention to SimpleHelp remote support software, Ivantis Cloud Services Appliance, and issues wit...📖 Read more.
🔗 Via "CYBLE"
----------
👁️ Seen on @cibsecurity
Cyble
Cyble's Weekly Vulnerability Update: Critical SonicWall Zero-Day
Cyble’s weekly report highlights key vulnerabilities discovered from Jan 22-28, 2025, including critical SonicWall zero-day and active exploits targeting major platforms.
📢 Two of the world's largest cyber crime forums knocked offline 📢
📖 Read more.
🔗 Via "ITPro"
----------
👁️ Seen on @cibsecurity
Two cyber crime forums, Cracked and Nulled, have been taken down as part of a police operation involving international partners.📖 Read more.
🔗 Via "ITPro"
----------
👁️ Seen on @cibsecurity
ITPro
Two of the world's largest cyber crime forums knocked offline
Europol, the US Justice Department, and other agencies have seized Cracked and Nulled
📢 Data sovereignty a growing priority for UK enterprises 📢
📖 Read more.
🔗 Via "ITPro"
----------
👁️ Seen on @cibsecurity
Many firms view data sovereignty as simply a compliance issue.📖 Read more.
🔗 Via "ITPro"
----------
👁️ Seen on @cibsecurity
IT Pro
Data sovereignty a growing priority for UK enterprises
Many firms view data sovereignty as simply a compliance issue
🧠 AI decision-making: Where do businesses draw the line? 🧠
📖 Read more.
🔗 Via "Security Intelligence"
----------
👁️ Seen on @cibsecurity
A computer can never be held accountable, therefore a computer must never make a management decision. IBM Training Manual, 1979 Artificial intelligence AI adoption is on the rise. According to the IBM Global AI Adoption Index 2023, 42 of enterprises have actively deployed AI, and 40 are experimenting with the technology. Of those using The post AI decisionmaking Where do businesses draw the line? appeared first on Security Intelligence.📖 Read more.
🔗 Via "Security Intelligence"
----------
👁️ Seen on @cibsecurity
Security Intelligence
AI decision-making: Where do businesses draw the line?
As AI takes a greater role in our lives, it begs an important question: If AI makes a mistake with serious consequences, who takes the blame?
🖋️ CISA and FDA Warn of Critical Backdoor in Contec CMS8000 Patient Monitors 🖋️
📖 Read more.
🔗 Via "The Hacker News"
----------
👁️ Seen on @cibsecurity
The U.S. Cybersecurity and Infrastructure Security Agency CISA and the Food and Drug Administration FDA have issued alerts about the presence of hidden functionality in Contec CMS8000 patient monitors and Epsimed MN120 patient monitors. The vulnerability, tracked as CVE20250626, carries a CVSS v4 score of 7.7 on a scale of 10.0. The flaw, alongside two other issues, was reported to CISA.📖 Read more.
🔗 Via "The Hacker News"
----------
👁️ Seen on @cibsecurity