🖋️ ⚡ Weekly Recap: Apple 0-Days, WinRAR Exploit, LastPass Fines, .NET RCE, OAuth Scams & More 🖋️
📖 Read more.
🔗 Via "The Hacker News"
----------
👁️ Seen on @cibsecurity
If you use a smartphone, browse the web, or unzip files on your computer, you are in the crosshairs this week. Hackers are currently exploiting critical flaws in the daily software we all rely onand in some cases, they started attacking before a fix was even ready. Below, we list the urgent updates you need to install right now to stop these active threats. Threat of the Week Apple and.📖 Read more.
🔗 Via "The Hacker News"
----------
👁️ Seen on @cibsecurity
🖋️ A Browser Extension Risk Guide After the ShadyPanda Campaign 🖋️
📖 Read more.
🔗 Via "The Hacker News"
----------
👁️ Seen on @cibsecurity
In early December 2025, security researchers exposed a cybercrime campaign that had quietly hijacked popular Chrome and Edge browser extensions on a massive scale. A threat group dubbed ShadyPanda spent seven years playing the long game, publishing or acquiring harmless extensions, letting them run clean for years to build trust and gain millions of installs, then suddenly flipping them into.📖 Read more.
🔗 Via "The Hacker News"
----------
👁️ Seen on @cibsecurity
🤯1
🖋️ Phantom Stealer Spread by ISO Phishing Emails Hitting Russian Finance Sector 🖋️
📖 Read more.
🔗 Via "The Hacker News"
----------
👁️ Seen on @cibsecurity
Cybersecurity researchers have disclosed details of an active phishing campaign that's targeting a wide range of sectors in Russia with phishing emails that deliver Phantom Stealer via malicious ISO optical disc images. The activity, codenamed Operation MoneyMountISO by Seqrite Labs, has primarily singled out finance and accounting entities, with those in the procurement, legal, payroll.📖 Read more.
🔗 Via "The Hacker News"
----------
👁️ Seen on @cibsecurity
🖋️ VolkLocker Ransomware Exposed by Hard-Coded Master Key Allowing Free Decryption 🖋️
📖 Read more.
🔗 Via "The Hacker News"
----------
👁️ Seen on @cibsecurity
The proRussian hacktivist group known as CyberVolk aka GLORIAMIST has resurfaced with a new ransomwareasaservice RaaS offering called VolkLocker that suffers from implementation lapses in test artifacts, allowing users to decrypt files without paying an extortion fee. According to SentinelOne, VolkLocker aka CyberVolk 2.x emerged in August 2025 and is capable of targeting both Windows.📖 Read more.
🔗 Via "The Hacker News"
----------
👁️ Seen on @cibsecurity
📔 Asahi to Launch Cybersecurity Overhaul After Crippling Cyber-Attack 📔
📖 Read more.
🔗 Via "Infosecurity Magazine"
----------
👁️ Seen on @cibsecurity
Asahi Groups CEO said he is considering creating a dedicated cyber unit following the ransomware attack that crippled the company.📖 Read more.
🔗 Via "Infosecurity Magazine"
----------
👁️ Seen on @cibsecurity
Infosecurity Magazine
Asahi to Launch Cybersecurity Overhaul After Crippling Cyber-Attack
Asahi Group’s CEO said he is considering creating a dedicated cyber unit following the ransomware attack that crippled the company
📔 Top 25 Most Dangerous Software Weaknesses of 2025 Revealed 📔
📖 Read more.
🔗 Via "Infosecurity Magazine"
----------
👁️ Seen on @cibsecurity
MITRE has released its Top 25 CWE list for 2025, compiled from software and hardware flaws behind almost 40,000 CVEs.📖 Read more.
🔗 Via "Infosecurity Magazine"
----------
👁️ Seen on @cibsecurity
Infosecurity Magazine
Top 25 Most Dangerous Software Weaknesses of 2025 Revealed
MITRE has released its Top 25 CWE list for 2025, compiled from software and hardware flaws behind almost 40,000 CVEs
📔 NCSC Playbook Embeds Cyber Essentials in Supply Chains 📔
📖 Read more.
🔗 Via "Infosecurity Magazine"
----------
👁️ Seen on @cibsecurity
The UKs National Cyber Security Centre has called on businesses to apply Cyber Essentials to suppliers.📖 Read more.
🔗 Via "Infosecurity Magazine"
----------
👁️ Seen on @cibsecurity
Infosecurity Magazine
NCSC Playbook Embeds Cyber Essentials in Supply Chains
The UK’s National Cyber Security Centre has called on businesses to apply Cyber Essentials to suppliers
🖋️ FreePBX Patches Critical SQLi, File-Upload, and AUTHTYPE Bypass Flaws Enabling RCE 🖋️
📖 Read more.
🔗 Via "The Hacker News"
----------
👁️ Seen on @cibsecurity
Multiple security vulnerabilities have been disclosed in the opensource private branch exchange PBX platform FreePBX, including a critical flaw that could result in an authentication bypass under certain configurations. The shortcomings, discovered by Horizon3.ai and reported to the project maintainers on September 15, 2025, are listed below CVE202561675 CVSS score 8.6 Numerous.📖 Read more.
🔗 Via "The Hacker News"
----------
👁️ Seen on @cibsecurity
📢 Cyber resilience in the UK: learning to take the punches 📢
📖 Read more.
🔗 Via "ITPro"
----------
👁️ Seen on @cibsecurity
UK law now puts resilience at the centre of cybersecurity strategies but is legislation simply catching up with enterprise understanding that resilience is more than just an IT issue?.📖 Read more.
🔗 Via "ITPro"
----------
👁️ Seen on @cibsecurity
IT Pro
Cyber resilience in the UK: learning to take the punches
UK law now puts resilience at the centre of cybersecurity strategies – but is legislation simply catching up with enterprise understanding that resilience is more than just an IT issue?
📔 Russian Phishing Campaign Delivers Phantom Stealer Via ISO Files 📔
📖 Read more.
🔗 Via "Infosecurity Magazine"
----------
👁️ Seen on @cibsecurity
A new phishing campaign has been identified, delivering the Phantom informationstealing malware via an ISO attachment.📖 Read more.
🔗 Via "Infosecurity Magazine"
----------
👁️ Seen on @cibsecurity
Infosecurity Magazine
Russian Phishing Campaign Delivers Phantom Stealer Via ISO Files
A new phishing campaign has been identified, delivering the Phantom information-stealing malware via an ISO attachment
📔 Third Defendant Pleads Guilty in Fantasy Sports Betting Hack Case 📔
📖 Read more.
🔗 Via "Infosecurity Magazine"
----------
👁️ Seen on @cibsecurity
A Minnesota man has pleaded guilty to a credential stuffing scheme that compromised over 60,000 accounts.📖 Read more.
🔗 Via "Infosecurity Magazine"
----------
👁️ Seen on @cibsecurity
Infosecurity Magazine
Third Defendant Pleads Guilty in Fantasy Sports Betting Hack Case
A Minnesota man has pleaded guilty to a credential stuffing scheme that compromised over 60,000 accounts
🖋️ Featured Chrome Browser Extension Caught Intercepting Millions of Users' AI Chats 🖋️
📖 Read more.
🔗 Via "The Hacker News"
----------
👁️ Seen on @cibsecurity
A Google Chrome extension with a "Featured" badge and six million users has been observed silently gathering every prompt entered by users into artificial intelligence AIpowered chatbots like OpenAI ChatGPT, Anthropic Claude, Microsoft Copilot, DeepSeek, Google Gemini, xAI Grok, Meta AI, and Perplexity. The extension in question is Urban VPN Proxy, which has a 4.7 rating on the Google Chrome.📖 Read more.
🔗 Via "The Hacker News"
----------
👁️ Seen on @cibsecurity
🤔2❤1😱1
🖋️ Iranian Infy APT Resurfaces with New Malware Activity After Years of Silence 🖋️
📖 Read more.
🔗 Via "The Hacker News"
----------
👁️ Seen on @cibsecurity
Threat hunters have discerned new activity associated with an Iranian threat actor known as Infy aka Prince of Persia, nearly five years after the hacking group was observed targeting victims in Sweden, the Netherlands, and Turkey. "The scale of Prince of Persia's activity is more significant than we originally anticipated," Tomer Bar, vice president of security research at SafeBreach, said.📖 Read more.
🔗 Via "The Hacker News"
----------
👁️ Seen on @cibsecurity
❤3
🖋️ U.S. DOJ Charges 54 in ATM Jackpotting Scheme Using Ploutus Malware 🖋️
📖 Read more.
🔗 Via "The Hacker News"
----------
👁️ Seen on @cibsecurity
The U.S. Department of Justice DoJ this week announced the indictment of 54 individuals in connection with a multimillion dollar ATM jackpotting scheme. The largescale conspiracy involved deploying malware named Ploutus to hack into automated teller machines ATMs across the U.S. and force them to dispense cash. The indicted members are alleged to be part of Tren de Aragua TdA, Spanish for.📖 Read more.
🔗 Via "The Hacker News"
----------
👁️ Seen on @cibsecurity
❤1
📢 UK government confirms October cyber breach: Everything we know so far 📢
📖 Read more.
🔗 Via "ITPro"
----------
👁️ Seen on @cibsecurity
Details around Foreign Office hack remain sparse and government says it's unclear who is behind the attack.📖 Read more.
🔗 Via "ITPro"
----------
👁️ Seen on @cibsecurity
IT Pro
UK government confirms October cyber breach: Everything we know so far
Details around Foreign Office hack remain sparse and government says it's unclear who is behind the attack
📢 Warning issued as surge in OAuth device code phishing leads to M365 account takeovers 📢
📖 Read more.
🔗 Via "ITPro"
----------
👁️ Seen on @cibsecurity
Successful attacks enable full M365 account access, opening the door to data theft, lateral movement, and persistent compromise.📖 Read more.
🔗 Via "ITPro"
----------
👁️ Seen on @cibsecurity
IT Pro
Warning issued as surge in OAuth device code phishing leads to M365 account takeovers
Successful attacks enable full M365 account access, opening the door to data theft, lateral movement, and persistent compromise
📢 What Palo Alto Networks' $10bn deal with Google Cloud means for customers 📢
📖 Read more.
🔗 Via "ITPro"
----------
👁️ Seen on @cibsecurity
The extension of an existing partnership between Palo Alto Networks and Google Cloud is designed to boost security amid rise in AI.📖 Read more.
🔗 Via "ITPro"
----------
👁️ Seen on @cibsecurity
IT Pro
What Palo Alto Networks' $10bn deal with Google Cloud means for customers
The extension of an existing partnership between Palo Alto Networks and Google Cloud is designed to boost security amid rise in AI
📢 Amazon CSO Stephen Schmidt says the company has rejected more than 1,800 fake North Korean job applicants in 18 months – but one managed to slip through the net 📢
📖 Read more.
🔗 Via "ITPro"
----------
👁️ Seen on @cibsecurity
Analysis from Amazon highlights the growing scale of North Koreanbacked "fake IT worker" campaigns.📖 Read more.
🔗 Via "ITPro"
----------
👁️ Seen on @cibsecurity
IT Pro
Amazon CSO Stephen Schmidt says the company has rejected more than 1,800 fake North Korean job applicants in 18 months – but one…
Analysis from Amazon highlights the growing scale of North Korean-backed "fake IT worker" campaigns
📢 CRINK attacks: which nation state hackers will be the biggest threat in 2026? 📢
📖 Read more.
🔗 Via "ITPro"
----------
👁️ Seen on @cibsecurity
The past year has seen a number of attacks performed by China, Russia, Iran and North Korea CRINK.📖 Read more.
🔗 Via "ITPro"
----------
👁️ Seen on @cibsecurity
IT Pro
CRINK attacks: which nation state hackers will be the biggest threat in 2026?
The past year has seen a number of attacks performed by China, Russia, Iran and North Korea (CRINK)
🦿 Price Drop: This Complete Ethical Hacking Bundle is Now $33 🦿
📖 Read more.
🔗 Via "Tech Republic"
----------
👁️ Seen on @cibsecurity
Get a comprehensive, potentially lucrative ethical hacking education with 18 courses on today's top tools and tech. This bundle is just 32.97 for a limited time. The post Price Drop This Complete Ethical Hacking Bundle is Now 33 appeared first on TechRepublic.📖 Read more.
🔗 Via "Tech Republic"
----------
👁️ Seen on @cibsecurity
TechRepublic
Price Drop: This Complete Ethical Hacking Bundle is Now $33
Get a comprehensive, potentially lucrative ethical hacking education with 18 courses on today's top tools and tech. This bundle is just $32.97.
🖋️ Fake WhatsApp API Package on npm Steals Messages, Contacts, and Login Tokens 🖋️
📖 Read more.
🔗 Via "The Hacker News"
----------
👁️ Seen on @cibsecurity
Cybersecurity researchers have disclosed details of a new malicious package on the npm repository that works as a fully functional WhatsApp API, but also contains the ability to intercept every message and link the attacker's device to a victim's WhatsApp account. The package, named "lotusbail," has been downloaded over 56,000 times since it was first uploaded to the registry by a user named ".📖 Read more.
🔗 Via "The Hacker News"
----------
👁️ Seen on @cibsecurity