Chinese Hackers Allegedly Pose as US Lawmaker – Dark Reading
Chinese state-backed threat actors are suspected of posing as Michigan congressman John Moolenaar in a series of spearphishing attacks. – Read More
September 2025
Chinese APT Deploys EggStreme Fileless Malware to Breach Philippine Military Systems – The Hacker News
An advanced persistent threat (APT) group from China has been attributed to the compromise of a Philippines-based military company using a previously undocumented fileless malware framework called EggStreme. “This multi-stage…
Neues Phishing-Framework umgeht Multi-Faktor-Authentifizierung – CSO Online
Phishing 2.0 nutzt Subdomain-Rotation und Geoblocking. janews – Shutterstock.com Eine kürzlich aufgedeckte Phishing-Kampagne steht in Verbindung mit Salty2FA, einem Phishing-as-a-Service-(PhaaS-)Framework. Es soll entwickelt worden sein, um Multi-Faktor-Authentifizierung (MFA) zu umgehen.…
The Quiet Revolution in Kubernetes Security – Dark Reading
As Kubernetes becomes the foundation of enterprise infrastructure, the underlying operating system must evolve alongside it. – Read More
CHILLYHELL macOS Backdoor and ZynorRAT RAT Threaten macOS, Windows, and Linux Systems – The Hacker News
Cybersecurity researchers have discovered two new malware families, including a modular Apple macOS backdoor called CHILLYHELL and a Go-based remote access trojan (RAT) named ZynorRAT that can target both Windows…
Cursor’s autorun lets hackers execute arbitrary code – CSO Online
Oasis Security has uncovered a flaw in the widely used AI-powered code editor Cursor that lets malicious repositories silently execute code the moment a developer opens them. According to a…
Ransomware upstart ‘The Gentlemen’ raises the stakes for OT‑heavy sectors – CSO Online
A new threat actor, The Gentlemen, has emerged as a fast-moving ransomware group that has rapidly expanded its activity across Asia Pacific, South America, the US, and the Middle East.…
Dormant macOS Backdoor ChillyHell Resurfaces – Dark Reading
With multiple persistence mechanisms, the modular malware can brute-force passwords, drop payloads, and communicate over different protocols. – Read More
Microsoft Fixes 80 Flaws — Including SMB PrivEsc and Azure CVSS 10.0 Bugs – The Hacker News
Microsoft on Tuesday addressed a set of 80 security flaws in its software, including one vulnerability that has been disclosed as publicly known at the time of release. Of the…
What the Salesloft Drift breaches reveal about 4th-party risk – CSO Online
The recent SalesLoft Drift breaches revealed an uncomfortable truth that keeps me up at night, and should keep every CISO awake, too. Organizations weren’t breached through their vendor. They weren’t…
Apple iPhone Air and iPhone 17 Feature A19 Chips With Spyware-Resistant Memory Safety – The Hacker News
Apple on Tuesday revealed a new security feature called Memory Integrity Enforcement (MIE) that’s built into its newly introduced iPhone models, including iPhone 17 and iPhone Air. MIE, per the…
China-Linked APT41 Hackers Target U.S. Trade Officials Amid 2025 Negotiations – The Hacker News
The House Select Committee on China has formally issued an advisory warning of an “ongoing” series of highly targeted cyber espionage campaigns linked to the People’s Republic of China (PRC)…
The Time-Saving Guide for Service Providers: Automating vCISO and Compliance Services – The Hacker News
Introduction Managed service providers (MSPs) and managed security service providers (MSSPs) are under increasing pressure to deliver strong cybersecurity outcomes in a landscape marked by rising threats and evolving compliance…
How AI is transforming law firms & legal practice – Legal Futures
OneAdvanced look into how AI is enhancing efficiency in legal operations, including limitations, challenges and how to manage risks. The post How AI is transforming law firms & legal practice…
Dye & Durham enhances AML compliance with Credas Integration in its Unity Practice Management – Legal Futures
Dye & Durham UK has announced the integration of a new suite of Anti-Money Laundering (AML) and Know Your Customer (KYC) tools into its Unity Practice Management platform. The post…