Data Security News
The Hacker News
- North Korean Hackers Spread Malware via Fake Crypto Firms and Job Interview Luresby [email protected] (The Hacker News)
North Korea-linked threat actors behind the Contagious Interview have set up front companies as a way to distribute malware during the fake hiring […]
- New Critical SAP NetWeaver Flaw Exploited to Drop Web Shell, Brute Ratel Frameworkby [email protected] (The Hacker News)
Threat actors are likely exploiting a new vulnerability in SAP NetWeaver to upload JSP web shells with the goal of facilitating unauthorized file […]
- Why NHIs Are Security's Most Dangerous Blind Spotby [email protected] (The Hacker News)
When we talk about identity in cybersecurity, most people think of usernames, passwords, and the occasional MFA prompt. But lurking beneath the […]
- Researchers Identify Rack::Static Vulnerability Enabling Data Breaches in Ruby Serversby [email protected] (The Hacker News)
Cybersecurity researchers have disclosed three security flaws in the Rack Ruby web server interface that, if successfully exploited, could enable […]
- DslogdRAT Malware Deployed via Ivanti ICS Zero-Day CVE-2025-0282 in Japan Attacksby [email protected] (The Hacker News)
Cybersecurity researchers are warning about a new malware called DslogdRAT that's installed following the exploitation of a now-patched security flaw […]
- Lazarus Hits 6 South Korean Firms via Cross EX, Innorix Flaws and ThreatNeedle Malwareby [email protected] (The Hacker News)
At least six organizations in South Korea have been targeted by the prolific North Korea-linked Lazarus Group as part of a campaign dubbed Operation […]
- Linux io_uring PoC Rootkit Bypasses System Call-Based Threat Detection Toolsby [email protected] (The Hacker News)
Cybersecurity researchers have demonstrated a proof-of-concept (PoC) rootkit dubbed Curing that leverages a Linux asynchronous I/O mechanism called […]
- Automating Zero Trust in Healthcare: From Risk Scoring to Dynamic Policy Enforcement Without Network Redesignby [email protected] (The Hacker News)
The Evolving Healthcare Cybersecurity Landscape Healthcare organizations face unprecedented cybersecurity challenges in 2025. With operational […]
Graham Cluley Blog
- Hackers access sensitive SIM card data at South Korea’s largest telecoms companyby Graham Cluley
Mobile network operator SK Telecom, which serves approximately 34 million subscribers in South Korea, has confirmed that it suffered a cyber attack […]
- Smashing Security podcast #414: Zoom.. just one click and your data goes boom!by Graham Cluley
Graham explores how the Elusive Comet cybercrime gang are using a sneaky trick of stealing your cryptocurrency via an innocent-appearing Zoom call, […]
- The AI Fix #47: An AI is the best computer programmer in the worldby Graham Cluley
In episode 47 of The AI Fix, o3 becomes the best competitive programmer in the world, hacked California crosswalks speak with the voice of Elon Musk […]
- Crosswalks hacked to play fake audio of Musk, Zuck, and Jeff Bezosby Graham Cluley
"Stop, look, and listen" is the standard advice we should allow follow when crossing the road - but pedestrians in some parts are finding that they […]
- Smashing Security podcast #413: Hacking the hackers… with a credit card?by Graham Cluley
A cybersecurity firm is buying access to underground crime forums to gather intelligence. Does that seem daft to you? And over in Nigeria, even […]
- Insurance firm Lemonade warns of breach of thousands of driving license numbersby Graham Cluley
A data breach at insurance firm Lemonade left the details of thousands of drivers' licenses exposed for 17 months. According to the company, on […]
- RansomHouse ransomware: what you need to knowby Graham Cluley
RansomHouse is a cybercrime operation that follows a Ransomware-as-a-Service (RaaS) business model, where affiliates (who do not require technical […]
- The AI Fix #46: AI can read minds now, and is your co-host a clone?by Graham Cluley
In episode 46 of The AI Fix, China trolls US tariffs, a microscopic pogoing flea-bot makes a tiny leap forward for robotics, Google unveils the […]
Infosecurity Magazine
- Law Enforcement Crackdowns Drive Novel Ransomware Affiliate Schemes
Increased law enforcement pressure has forced ransomware groups like DragonForce and Anubis to move away from traditional affiliate models
- SAP Fixes Critical Vulnerability After Evidence of Exploitation
A maximum severity flaw affecting SAP NetWeaver has been exploited by threat actors
- M&S Shuts Down Online Orders Amid Ongoing Cyber Incident
British retailer M&S continues to tackle a cyber incident with online orders now paused for customers
- Security Experts Flag Chrome Extension Using AI Engine to Act Without User Input
Researchers have found a Chrome extension that can act on the user’s behalf by using a popular AI agent orchestration protocol
- US Data Breach Lawsuits Total $155M Amid Cybersecurity Failures
Panaseer's latest cybersecurity study revealed that US companies have paid $155M in data breach lawsuit settlements over just six months
- Popular LLMs Found to Produce Vulnerable Code by Default
Backslash Security found that naïve prompts resulted in code vulnerable to at least four of the of the 10 most common vulnerabilities across popular […]
- ELENOR-corp Ransomware Targets Healthcare Sector
ELENOR-corp ransomware, a new version of Mimic, is targeting healthcare organizations using advanced capabilities
- Blue Shield of California Data Breach Affects 4.7 Million Members
A misconfigured tracking tool has exposed protected health information of 4.7 million Blue Shield members to Google Ads
Dark Reading News
- Mobile Applications: A Cesspool of Security Issuesby Robert Lemos, Contributing Writer
An analysis of more than a half-million mobile apps find encryption problems, privacy issues, and known vulnerabilities in third-party code. What can […]
- How Organizations Can Leverage Cyber Insurance Effectivelyby Erich Kron
By focusing on prevention, education, and risk transfer through insurance, organizations — especially SMEs — can protect themselves from the […]
- Vehicles Face 45% More Attacks, 4 Times More Hackersby Nate Nelson, Contributing Writer
Two kinds of attacks are in high gear: ransomware attacks against OEMs and compromised electric vehicle chargers, according to data from Q1 2025.
- Phishing Kit Darcula Gets Lethal AI Upgradeby Becky Bracken
Recently added artificial intelligence capabilities on the Chinese-language Darcula phishing-as-a-service platform make phishing attacks easy for […]
- [Virtual Event] Anatomy of a Data Breach: And what to do if it happens to you
- 'SessionShark' ToolKit Evades Microsoft Office 365 MFAby Kristina Beek, Associate Editor, Dark Reading
The creators of the toolkit are advertising it as an educational and ethical resource, but what it promises to provide users if purchased indicates […]
- Digital Twins Bring Simulated Security to the Real Worldby Robert Lemos, Contributing Writer
By simulating business environments or running software, while incorporating real-time data from production systems, companies can model the impact […]
- Max-Severity Commvault Bug Alarms Researchersby Jai Vijayan, Contributing Writer
Though already patched, the vulnerability is especially problematic because of the highly privileged access it offers to business-critical systems, […]
