‘SessionShark’ ToolKit Evades Microsoft Office 365 MFA – Dark Reading
The creators of the toolkit are advertising it as an educational and ethical resource, but what it promises to provide users if purchased indicates it’s anything but. – Read More
Cyber
Digital Twins Bring Simulated Security to the Real World – Dark Reading
By simulating business environments or running software, while incorporating real-time data from production systems, companies can model the impact of software updates, exploits, or disruptions. – Read More
Max-Severity Commvault Bug Alarms Researchers – Dark Reading
Though already patched, the vulnerability is especially problematic because of the highly privileged access it offers to business-critical systems, sensitive data, and backups for attackers. – Read More
NFC-Powered Android Malware Enables Instant Cash-Outs – Dark Reading
Researchers at security vendor Cleafy detailed a malware known as “SuperCard X” that uses the NFC reader on a victim’s own phone to steal credit card funds instantly. – Read…
Gig Worker Platforms at Risk for Data Breaches, Fraud, Account Takeovers – Dark Reading
Fraudsters are targeting high-turnover workforces and compromising accounts that are associated with frequent payouts. – Read More
Phishing Kit Darcula Gets Lethal AI Upgrade – Dark Reading
Recently added artificial intelligence capabilities on the Chinese-language Darcula phishing-as-a-service platform make phishing attacks easy for even the least technical hackers. – Read More
FBI: Cybercrime Losses Rocket to $16.6B in 2024 – Dark Reading
The losses are 33% higher than the year before, with phishing leading the way as the most-reported cybercrime last year, and ransomware was the top threat to critical infrastructure, according…
Lazarus Hits 6 South Korean Firms via Cross EX, Innorix Zero-Day and ThreatNeedle Malware – The Hacker News
At least six organizations in South Korea have been targeted by the prolific North Korea-linked Lazarus Group as part of a campaign dubbed Operation SyncHole. The activity targeted South Korea’s…
Navigating Regulatory Shifts & AI Risks – Dark Reading
By proactively embracing emerging trends around encryption, AI security, and platform consolidation, organizations can turn compliance burdens into competitive advantage. – Read More
Linux io_uring PoC Rootkit Bypasses System Call-Based Threat Detection Tools – The Hacker News
Cybersecurity researchers have demonstrated a proof-of-concept (PoC) rootkit dubbed Curing that leverages a Linux asynchronous I/O mechanism called io_uring to bypass traditional system call monitoring. This causes a “major blind…
159 CVEs Exploited in Q1 2025 — 28.3% Within 24 Hours of Disclosure – The Hacker News
As many as 159 CVE identifiers have been flagged as exploited in the wild in the first quarter of 2025, up from 151 in Q4 2024. “We continue to see…
Trotz Back-Up: 86 Prozent der Unternehmen zahlen Lösegeld – CSO Online
80 Prozent der Cyberangriffe beginnen mit kompromittierten Zugangsdaten und einem Active Directory. Andrey_Popov – shutterstock.com Cybertools um sich gegen Angriffe zu wappnen, werden genauso wie Kampagnen zur Sensibilisierung gegen Phishing…
GitHub secrets: Deleted files still pose risks – CSO Online
Deleted files within public GitHub repositories could still be exposing secrets like API keys, tokens, and credentials, if threat actors knew where and how to look. Cybersecurity researcher Sharon Brizinov…
Darcula Adds GenAI to Phishing Toolkit, Lowering the Barrier for Cybercriminals – The Hacker News
The threat actors behind the Darcula phishing-as-a-service (PhaaS) platform have released new updates to their cybercrime suite with generative artificial intelligence (GenAI) capabilities. “This addition lowers the technical barrier for…
Automating Zero Trust in Healthcare: From Risk Scoring to Dynamic Policy Enforcement Without Network Redesign – The Hacker News
The Evolving Healthcare Cybersecurity Landscape Healthcare organizations face unprecedented cybersecurity challenges in 2025. With operational technology (OT) environments increasingly targeted and the convergence of IT and medical systems creating an…