Iran-Nexus Threat Actor UNC1549 Takes Aim at Aerospace – Dark Reading
Researchers say Israel remains a central focus, with UNC1549 targeting aerospace and defense entities in the US, the UAE, Qatar, Spain, and Saudi Arabia. – Read More
Cyber
Sneaky 2FA Phishing Kit Adds BitB Pop-ups Designed to Mimic the Browser Address Bar – The Hacker News
The malware authors associated with a Phishing-as-a-Service (PhaaS) kit known as Sneaky 2FA have incorporated Browser-in-the-Browser (BitB) functionality into their arsenal, underscoring the continued evolution of such offerings and further…
More work for admins as Google patches latest zero-day Chrome vulnerability – CSO Online
For the third time in recent months, Google has found itself scrambling to fix a potentially serious zero-day flaw in the Chrome browser’s V8 JavaScript engine. Addressed on Monday as…
How We Ditched the SaaS Status Quo for Time-Series Telemetry – Dark Reading
Free the logs! Behind the scenes at InfluxData, which turned to its own in-house security monitoring platform, DiSCO, to protect its supply chain after its third-party tool was breached. –…
Malicious Npm Packages Abuse Adspect Cloaking in Crypto Scam – Dark Reading
A malware campaign presents fake websites that can check if a visitor is a potential victim or a security researcher, and then proceed accordingly to defraud or evade. – Read…
Bug Bounty Programs Rise as Key Strategic Security Solutions – Dark Reading
Bug bounty programs create formal channels for organizations to leverage external security expertise, offering researchers legal protection and financial incentives for ethical vulnerability disclosure. – Read More
Meta Expands WhatsApp Security Research with New Proxy Tool and $4M in Bounties This Year – The Hacker News
Meta on Tuesday said it has made available a tool called WhatsApp Research Proxy to some of its long-time bug bounty researchers to help improve the program and more effectively…
Energiesektor im Visier von Hackern – CSO Online
Energieversorger müssen ihre Systeme vor immer raffinierteren Cyberangriffen schützen. vectorfusionart – shutterstock.com Die Energieversorgung ist das Rückgrat moderner Gesellschaften. Stromnetze, Gaspipelines und digitale Steuerungssysteme bilden die Grundlage für Industrie, Transport…
Researchers Detail Tuoni C2’s Role in an Attempted 2025 Real-Estate Cyber Intrusion – The Hacker News
Cybersecurity researchers have disclosed details of a cyber attack targeting a major U.S.-based real-estate company that involved the use of a nascent command-and-control (C2) and red teaming framework known as…
Stadtwerke Detmold von Hackerangriff betroffen – CSO Online
Auf der Website der Stadtwerke Detmold befindet sich aktuell ein Banner mit einem Hinweis zu einer IT-Störung. Stadtwerke Detmold – Screenshot Die Stadtwerke Detmold informieren ihre Kunden aktuell über einen…
Iranian Hackers Use DEEPROOT and TWOSTROKE Malware in Aerospace and Defense Attacks – The Hacker News
Suspected espionage-driven threat actors from Iran have been observed deploying backdoors like TWOSTROKE and DEEPROOT as part of continued attacks aimed at aerospace, aviation, and defense industries in the Middle…
Fortinet’s silent patch sparks alarm as a critical FortiWeb flaw is exploited in the wild – CSO Online
Security researchers are warning about two critical vulnerabilities in Fortinet’s FortiWeb appliances, now tracked under CVE-2025-64446, being actively exploited in the wild. According to findings published by watchTowr, one flaw…
Learn How Leading Companies Secure Cloud Workloads and Infrastructure at Scale – The Hacker News
You’ve probably already moved some of your business to the cloud—or you’re planning to. That’s a smart move. It helps you work faster, serve your customers better, and stay ahead.…
Azure blocks record 15 Tbps DDoS attack as IoT botnets gain new firepower – CSO Online
Azure has blocked its largest DDoS attack to date, a 15.72 Tbps strike linked to the Aisuru IoT botnet that also surged to nearly 3.64 billion packets per second and…
Beyond IAM Silos: Why the Identity Security Fabric is Essential for Securing AI and Non-Human Identities – The Hacker News
Identity security fabric (ISF) is a unified architectural framework that brings together disparate identity capabilities. Through ISF, identity governance and administration (IGA), access management (AM), privileged access management (PAM), and…