Category Security

Feb 04, 2025Ravie LakshmananVulnerability / Cyber Espionage A recently patched security vulnerability in the 7-Zip archiver tool was exploited in the wild to deliver the SmokeLoader malware. The flaw, CVE-2025-0411 (CVSS score: 7.0), allows remote attackers to circumvent mark-of-the-web (MotW)…

Infostealers continued to grow in popularity on the cybercrime underground last year, with credentials from password stores appearing in 29% of malware samples analyzed by Picus Security. The security vendor’s Red Report 2025 examined over one million malware samples and…

Feb 04, 2025The Hacker NewsThreat Detection / Cloud Security As cloud security evolves in 2025 and beyond, organizations must adapt to both new and evolving realities, including the increasing reliance on cloud infrastructure for AI-driven workflows and the vast quantities…

Texas Governor Greg Abbott has announced plans to create a Texas Cyber Command, designed to combat a “dramatic” rise in cyber-attacks targeting the US state. Abbott unveiled the Cyber Command as an emergency item during his State of the State…

Taiwan has become the latest country to ban government agencies from using Chinese startup DeepSeek’s Artificial Intelligence (AI) platform, citing security risks. “Government agencies and critical infrastructure should not use DeepSeek, because it endangers national information security,” according to a…

Visitors to at least 17 e-commerce sites including Casio UK may have had their credit card details stolen by web skimmer malware, researchers have warned. Jscrambler said that the casio.co.uk infection was active January 14-24, but was remediated by the…

Feb 04, 2025Ravie LakshmananVulnerability / Mobile Security Google has shipped patches to address 47 security flaws in its Android operating system, including one it said has come under active exploitation in the wild. The vulnerability in question is CVE-2024-53104 (CVSS…

Feb 04, 2025The Hacker NewsVulnerability / Cloud Security Microsoft has released patches to address two Critical-rated security flaws impacting Azure AI Face Service and Microsoft Account that could allow a malicious actor to escalate their privileges under certain conditions. The…

Feb 04, 2025Ravie LakshmananVulnerability / SharePoint Cybersecurity researchers have disclosed details of a now-patched vulnerability impacting the Microsoft SharePoint connector on Power Platform that, if successfully exploited, could allow threat actors to harvest a user’s credentials and stage follow-on attacks.…

Attack surfaces are growing faster than security teams can keep up – to stay ahead, you need to know what’s exposed and where attackers are most likely to strike. With cloud adoption dramatically increasing the ease of exposing new systems…