ASUS Urges Users to Patch AiCloud Router Vuln Immediately – Dark Reading
The vulnerability is only found in the vendor’s router series and can be triggered by an attacker using a crafted request — all of which helps make it a highly…
Cyber
Nation-State Threats Put SMBs in Their Sights – Dark Reading
Cyberthreat groups increasingly see small and medium businesses, especially those with links to larger businesses, as the weak link in the supply chain for software and IT services. – Read…
Microsoft SFI update: Five of 28 security objectives nearly complete – CSO Online
Microsoft says five of the 28 objectives it set for overhauling the way it designs, builds, tests, and operates products and services to improve security are nearing completion, although there…
SuperCard X Android Malware Enables Contactless ATM and PoS Fraud via NFC Relay Attacks – The Hacker News
A new Android malware-as-a-service (MaaS) platform named SuperCard X can facilitate near-field communication (NFC) relay attacks, enabling cybercriminals to conduct fraudulent cashouts. The active campaign is targeting customers of banking…
The Global AI Race: Balancing Innovation and Security – Dark Reading
The AI security race is on — and it will be won where defenders come together with developers and researchers to do things right. – Read More
ASUS patches critical router flaw that allows remote attacks – CSO Online
ASUS is urging customers with AiCloud enabled on their ASUS routers to immediately upgrade firmware against a critical vulnerability that allows unauthorized activities by remote actors. Tracked as CVE-2025-2492, the…
5 Reasons Device Management Isn’t Device Trust – The Hacker News
The problem is simple: all breaches start with initial access, and initial access comes down to two primary attack vectors – credentials and devices. This is not news; every report…
AI in incident response: from smoke alarms to predictive intelligence – CSO Online
For years, cybersecurity incident response was a bit like listening for smoke alarms in a mansion–if you heard a beep, you knew something was on fire. Signature-based detection did the…
⚡ THN Weekly Recap: iOS Zero-Days, 4Chan Breach, NTLM Exploits, WhatsApp Spyware & More – The Hacker News
Can a harmless click really lead to a full-blown cyberattack? Surprisingly, yes — and that’s exactly what we saw in last week’s activity. Hackers are getting better at hiding inside…
Hackers Abuse Russian Bulletproof Host Proton66 for Global Attacks and Malware Delivery – The Hacker News
Cybersecurity researchers have disclosed a surge in “mass scanning, credential brute-forcing, and exploitation attempts” originating from IP addresses associated with a Russian bulletproof hosting service provider named Proton66. The activity,…
Two ways AI hype is worsening the cybersecurity skills crisis – CSO Online
AI was supposed to make security teams more efficient, but instead, it’s making their jobs harder. Security professionals are being pulled in two directions: they’re being expected to govern their…
APT29 Deploys GRAPELOADER Malware Targeting European Diplomats Through Wine-Tasting Lures – The Hacker News
The Russian state-sponsored threat actor known as APT29 has been linked to an advanced phishing campaign that’s targeting diplomatic entities across Europe with a new variant of WINELOADER and a…
Rogue npm Packages Mimic Telegram Bot API to Plant SSH Backdoors on Linux Systems – The Hacker News
Cybersecurity researchers have uncovered three malicious packages in the npm registry that masquerade as a popular Telegram bot library but harbor SSH backdoors and data exfiltration capabilities. The packages in…
ASUS Confirms Critical Flaw in AiCloud Routers; Users Urged to Update Firmware – The Hacker News
ASUS has disclosed a critical security flaw impacting routers with AiCloud enabled that could permit remote attackers to perform unauthorized execution of functions on susceptible devices. The vulnerability, tracked as…
Could Ransomware Survive Without Cryptocurrency? – Dark Reading
Threat actors would be at least temporarily derailed, experts say. But the real issue ladders back to organizations’ weak cyber hygiene. – Read More