🖋️ U.S. DoJ Seizes Fraud Domain Behind $14.6 Million Bank Account Takeover Scheme 🖋️
📖 Read more.
🔗 Via "The Hacker News"
----------
👁️ Seen on @cibsecurity
The U.S. Justice Department DoJ on Monday announced the seizure of a web domain and database that it said was used to further a criminal scheme designed to target and defraud Americans by means of bank account takeover fraud. The domain in question, web3adspanels.org, was used as a backend web panel to host and manipulate illegally harvested bank login credentials. Users to the website are.📖 Read more.
🔗 Via "The Hacker News"
----------
👁️ Seen on @cibsecurity
🖋️ Critical n8n Flaw (CVSS 9.9) Enables Arbitrary Code Execution Across Thousands of Instances 🖋️
📖 Read more.
🔗 Via "The Hacker News"
----------
👁️ Seen on @cibsecurity
A critical security vulnerability has been disclosed in the n8n workflow automation platform that, if successfully exploited, could result in arbitrary code execution under certain circumstances. The vulnerability, tracked as CVE202568613, carries a CVSS score of 9.9 out of a maximum of 10.0. The package has about 57,000 weekly downloads, according to statistics on npm. "Under certain.📖 Read more.
🔗 Via "The Hacker News"
----------
👁️ Seen on @cibsecurity
🖋️ FCC Bans Foreign-Made Drones and Key Parts Over U.S. National Security Risks 🖋️
📖 Read more.
🔗 Via "The Hacker News"
----------
👁️ Seen on @cibsecurity
The U.S. Federal Communications Commission FCC on Monday announced a ban on all drones and critical components made in a foreign country, citing national security concerns. To that end, the agency has added to its Covered List Uncrewed aircraft systems UAS and UAS critical components produced in a foreign country, and all communications and video surveillance equipment and services pursuant.📖 Read more.
🔗 Via "The Hacker News"
----------
👁️ Seen on @cibsecurity
🚀 Revisiting CVE-2025-50165: A critical flaw in Windows Imaging Component 🚀
📖 Read more.
🔗 Via "ESET - WeLiveSecurity"
----------
👁️ Seen on @cibsecurity
A comprehensive analysis and assessment of a critical severity vulnerability with low likelihood of mass exploitation.📖 Read more.
🔗 Via "ESET - WeLiveSecurity"
----------
👁️ Seen on @cibsecurity
Welivesecurity
Revisiting CVE‑2025‑50165: A critical flaw in Windows Imaging Component
ESET researchers provide a comprehensive analysis and assessment of a critical severity vulnerability with low likelihood of mass exploitation.
📔 Nissan: Thousands Impacted By Red Hat Breach 📔
📖 Read more.
🔗 Via "Infosecurity Magazine"
----------
👁️ Seen on @cibsecurity
Nissan has revealed that over 20,000 customers have had personal information compromised in a thirdparty data breach.📖 Read more.
🔗 Via "Infosecurity Magazine"
----------
👁️ Seen on @cibsecurity
Infosecurity Magazine
Nissan: Thousands Impacted By Red Hat Breach
Nissan has revealed that over 20,000 customers have had personal information compromised in a third-party data breach
📔 Hundreds of Arrests as Operation Sentinel Recovers $3m 📔
📖 Read more.
🔗 Via "Infosecurity Magazine"
----------
👁️ Seen on @cibsecurity
Operational Sentinel helps to crack down on cybercrime across 19 African countries in a monthlong campaign.📖 Read more.
🔗 Via "Infosecurity Magazine"
----------
👁️ Seen on @cibsecurity
Infosecurity Magazine
Hundreds of Arrests as Operation Sentinel Recovers $3m
Operational Sentinel helps to crack down on cybercrime across 19 African countries in a month-long campaign
🖋️ INTERPOL Arrests 574 in Africa; Ukrainian Ransomware Affiliate Pleads Guilty 🖋️
📖 Read more.
🔗 Via "The Hacker News"
----------
👁️ Seen on @cibsecurity
A law enforcement operation coordinated by INTERPOL has led to the recovery of 3 million and the arrest of 574 suspects by authorities from 19 countries, amidst a continued crackdown on cybercrime networks in Africa. The coordinated effort, named Operation Sentinel, took place between October 27 and November 27, 2025, and mainly focused on business email compromise BEC, digital extortion, and.📖 Read more.
🔗 Via "The Hacker News"
----------
👁️ Seen on @cibsecurity
🖋️ Passwd: A walkthrough of the Google Workspace Password Manager 🖋️
📖 Read more.
🔗 Via "The Hacker News"
----------
👁️ Seen on @cibsecurity
Passwd is designed specifically for organizations operating within Google Workspace. Rather than competing as a general consumer password manager, its purpose is narrow, and businessfocused secure credential storage, controlled sharing, and seamless Workspace integration. The platform emphasizes practicality over feature overload, aiming to provide a reliable system for teams that already rely.📖 Read more.
🔗 Via "The Hacker News"
----------
👁️ Seen on @cibsecurity
❤1
🦅 The Week in Vulnerabilities: More Than 2,000 New Flaws Emerge 🦅
📖 Read more.
🔗 Via "CYBLE"
----------
👁️ Seen on @cibsecurity
Cyble Vulnerability Intelligence researchers tracked 2,415 vulnerabilities in the last week, a significant increase over even last weeks very high number of new vulnerabilities. The increase signals a heightened risk landscape and expanding attack surface in the current threat environment. Over 300 of the disclosed vulnerabilities already have a publicly available ProofofConcept PoC, significantly increasing the likelihood of realworld attacks. A total of 219 vulnerabilities were rated as critical under the CVSS v3.1 scoring system, while 47 received a critical severity rating based on the newer CVSS v4.0 scoring system. Even after factoring out a high number of Linux kernel and Adobe vulnerabilities chart below, new vulnerabilities reported in the last week were still very ...📖 Read more.
🔗 Via "CYBLE"
----------
👁️ Seen on @cibsecurity
Cyble
IT Vulnerabilities Surge As ICS Flaws Push Weekly Record
IT vulnerabilities and ICS flaws surged past 2,000 in one week, with critical bugs, PoCs, and dark web activity raising risk for enterprises.
📔 Top Ransomware Trends of 2025 📔
📖 Read more.
🔗 Via "Infosecurity Magazine"
----------
👁️ Seen on @cibsecurity
Infosecurity has selected some of the key ransomware statistics for 2025.📖 Read more.
🔗 Via "Infosecurity Magazine"
----------
👁️ Seen on @cibsecurity
Infosecurity Magazine
Top Ransomware Trends of 2025
Infosecurity has selected some of the key ransomware statistics for 2025
🦿 SEC Targets Crypto Platforms in Social Media Scam Crackdown 🦿
📖 Read more.
🔗 Via "Tech Republic"
----------
👁️ Seen on @cibsecurity
The Securities and Exchange Commission launched an enforcement wave targeting three purported cryptocurrency trading platforms and four investment clubs. The post SEC Targets Crypto Platforms in Social Media Scam Crackdown appeared first on TechRepublic.📖 Read more.
🔗 Via "Tech Republic"
----------
👁️ Seen on @cibsecurity
TechRepublic
SEC Targets Crypto Platforms in Social Media Scam Crackdown
The Securities and Exchange Commission launched an enforcement wave targeting three purported cryptocurrency trading platforms and four investment clubs.
❤1
🖋️ Two Chrome Extensions Caught Secretly Stealing Credentials from Over 170 Sites 🖋️
📖 Read more.
🔗 Via "The Hacker News"
----------
👁️ Seen on @cibsecurity
Cybersecurity researchers have discovered two malicious Google Chrome extensions with the same name and published by the same developer that come with capabilities to intercept traffic and capture user credentials. The extensions are advertised as a "multilocation network speed test plugin" for developers and foreign trade personnel. Both the browser addons are available for download as of.📖 Read more.
🔗 Via "The Hacker News"
----------
👁️ Seen on @cibsecurity
🦅 RTO Scam Wave Continues: A Surge in Browser-Based e-Challan Phishing and Shared Fraud Infrastructure 🦅
📖 Read more.
🔗 Via "CYBLE"
----------
👁️ Seen on @cibsecurity
Following our earlier reporting on RTOthemed threats, CRIL observed a renewed phishing wave abusing the eChallan ecosystem to conduct financial fraud. Unlike earlier Android malwaredriven campaigns, this activity relies entirely on browserbased phishing, significantly lowering the barrier for victim compromise. During the course of this research, CRIL also noted that similar fake eChallan scams have been highlighted by mainstream media outlets, including Hindustan Times, underscoring the broader scale and realworld impact of these campaigns on Indian users. The campaign primarily targets Indian vehicle owners via unsolicited SMS messages claiming an overdue traffic fine. The message includes a deceptive URL resembling an official eChallan domain. Once accessed, victims are presented...📖 Read more.
🔗 Via "CYBLE"
----------
👁️ Seen on @cibsecurity
Cyble
RTO Scam Wave Continues
CRIL Uncovers a New Wave of Browser-Based e-Challan Phishing Powered by Shared Fraud Infrastructure.
📢 US small businesses are fighting off a wave of cyber attacks 📢
📖 Read more.
🔗 Via "ITPro"
----------
👁️ Seen on @cibsecurity
While threats are rising, many small business owners are trying to manage the risk themselves.📖 Read more.
🔗 Via "ITPro"
----------
👁️ Seen on @cibsecurity
IT Pro
US small businesses are fighting off a wave of cyber attacks
While threats are rising, many small business owners are trying to manage the risk themselves
🦿 Cyberattack Knocks La Poste Offline, Disrupting Postal and Banking Services Across France 🦿
📖 Read more.
🔗 Via "Tech Republic"
----------
👁️ Seen on @cibsecurity
La Poste described the situation as a major network incident that affected all of its information systems. The post Cyberattack Knocks La Poste Offline, Disrupting Postal and Banking Services Across France appeared first on TechRepublic.📖 Read more.
🔗 Via "Tech Republic"
----------
👁️ Seen on @cibsecurity
TechRepublic
Cyberattack Knocks La Poste Offline, Disrupting Postal and Banking Services Across France
La Poste described the situation as “a major network incident” that affected all of its information systems.
🦿 UK Government Urged to Review Palantir Contracts After Swiss Security Report 🦿
📖 Read more.
🔗 Via "Tech Republic"
----------
👁️ Seen on @cibsecurity
The report warned that sensitive military data shared with Palantir could potentially be accessed by US government bodies, including intelligence services. The post UK Government Urged to Review Palantir Contracts After Swiss Security Report appeared first on TechRepublic.📖 Read more.
🔗 Via "Tech Republic"
----------
👁️ Seen on @cibsecurity
TechRepublic
UK Government Urged to Review Palantir Contracts After Swiss Security Report
The report warned that sensitive military data shared with Palantir could potentially be accessed by US government bodies, including intelligence services.
🖋️ Italy Fines Apple €98.6 Million Over ATT Rules Limiting App Store Competition 🖋️
📖 Read more.
🔗 Via "The Hacker News"
----------
👁️ Seen on @cibsecurity
Apple has been fined 98.6 million 116 million by Italy's antitrust authority after finding that the company's App Tracking Transparency ATT privacy framework restricted App Store competition. The Italian Competition Authority Autorit Garante della Concorrenza e del Mercato, or AGCM said the company's "absolute dominant position" in app distribution allowed it to "unilaterally impose".📖 Read more.
🔗 Via "The Hacker News"
----------
👁️ Seen on @cibsecurity
🚀 A brush with online fraud: What are brushing scams and how do I stay safe? 🚀
📖 Read more.
🔗 Via "ESET - WeLiveSecurity"
----------
👁️ Seen on @cibsecurity
Have you ever received a package you never ordered? It could be a warning sign that your data has been compromised, with more fraud to follow.📖 Read more.
🔗 Via "ESET - WeLiveSecurity"
----------
👁️ Seen on @cibsecurity
Welivesecurity
A brush with online fraud: What are brushing scams and how do I stay safe?
Have you ever received a package you never ordered? It could be a warning sign that your data has been compromised, with more fraud to follow.
📔 Reworked MacSync Stealer Adopts Quieter Installation Process 📔
📖 Read more.
🔗 Via "Infosecurity Magazine"
----------
👁️ Seen on @cibsecurity
A newly discovered macOS malware mimics legitimate apps codesigned and notarized by Apple.📖 Read more.
🔗 Via "Infosecurity Magazine"
----------
👁️ Seen on @cibsecurity
Infosecurity Magazine
Reworked MacSync Stealer Adopts Quieter Installation Process
A newly discovered macOS malware mimics legitimate apps code-signed and notarized by Apple
📔 Clop Ransomware Group Linked to 3.5m University of Phoenix Breach 📔
📖 Read more.
🔗 Via "Infosecurity Magazine"
----------
👁️ Seen on @cibsecurity
A University of Phoenix data breach affecting nearly 3.5 million individuals has been claimed by the Clop ransomware collective.📖 Read more.
🔗 Via "Infosecurity Magazine"
----------
👁️ Seen on @cibsecurity
Infosecurity Magazine
Clop Ransomware Group Linked to 3.5m University of Phoenix Breach
A University of Phoenix data breach affecting nearly 3.5 million individuals has been claimed by the Clop ransomware collective
📔 La Poste Still Offline After Major DDoS Attack 📔
📖 Read more.
🔗 Via "Infosecurity Magazine"
----------
👁️ Seen on @cibsecurity
French postal service warns of major network incident just before Christmas.📖 Read more.
🔗 Via "Infosecurity Magazine"
----------
👁️ Seen on @cibsecurity
Infosecurity Magazine
La Poste Still Offline After Major DDoS Attack
French postal service warns of “major network incident” just before Christmas