Latest news as of 6/9/2025, 10:43:14 AM
The Hacker News
A Serbian journalist had his phone first unlocked by a Cellebrite tool and subsequently compromised by a previously undocumented spyware codenamed NoviSpy, according to a new report published by Amnesty International. "NoviSpy allows for capturing sensitive personal data from a target's phone after infection and provides the ability to turn on the phone's microphone or camera remotely," the
The Hacker News
With the evolution of modern software development, CI/CD pipeline governance has emerged as a critical factor in maintaining both agility and compliance. As we enter the age of artificial intelligence (AI), the importance of robust pipeline governance has only intensified. With that said, we’ll explore the concept of CI/CD pipeline governance and why it's vital, especially as AI becomes
The Hacker News
Cybersecurity researchers have discovered a new PHP-based backdoor called Glutton that has been put to use in cyber attacks targeting China, the United States, Cambodia, Pakistan, and South Africa. QiAnXin XLab, which discovered the malicious activity in late April 2024, attributed the previously unknown malware with moderate confidence to the prolific Chinese nation-state group tracked Winnti (
The Hacker News
Cybersecurity researchers are calling attention to a new kind of investment scam that leverages a combination of social media malvertising, company-branded posts, and artificial intelligence (AI) powered video testimonials featuring famous personalities, ultimately leading to financial and data loss. "The main goal of the fraudsters is to lead victims to phishing websites and forms that harvest
Check Point Research
For the latest discoveries in cyber research for the week of 16th December, please download our Threat Intelligence Bulletin. TOP ATTACKS AND BREACHES The Romanian National Cybersecurity Directorate (DNSC) has disclosed a ransomware attack conducted by Lynx ransomware gang on the country’s energy provider Electrica Group, which provides services to more than 3.8M people across […] The post appeared first on . 16th December – Threat Intelligence Report Check Point Research
The Hacker News
The Security Service of Ukraine (SBU or SSU) has exposed a novel espionage campaign suspected to be orchestrated by Russia's Federal Security Service (FSB) that involves recruiting Ukrainian minors for criminal activities under the guise of "quest games." Law enforcement officials said that it detained two FSB agent groups following a special operation in Kharkiv. These groups, per the agency,
The Register
Plus: Netscaler brute force barrage; BeyondTrust API key stolen; and more There's a problem of titanic proportions brewing for users of the Prometheus open source monitoring toolkit: hundreds of thousands of servers and exporters are exposed to the internet, creating significant security risks and leaving organizations vulnerable to attack.… Infosec in brief
Bleeping Computer
The Chinese Winnti hacking group is using a new PHP backdoor named 'Glutton' in attacks on organizations in China and the U.S., and also in attacks on other cybercriminals. [...]
Bleeping Computer
The Clop ransomware gang has confirmed to BleepingComputer that they are behind the recent Cleo data-theft attacks, utilizing zero-day exploits to breach corporate networks and steal data. [...]
Have I Been Pwned
In August 2024, . The breach exposed the personal information of 2.1M subscribers to the service . The data included email addresses, names and salted SHA-256 password hashes. data aggregator MC2 Data left a database publicly accessible without a password which was subsequently discovered by a security researcher which was marketed under a series of different brand names