Latest news as of 8/17/2025, 12:24:50 PM
The Hacker News
Cybersecurity researchers are calling attention to a new wave of campaigns distributing a Python-based information stealer called PXA Stealer. The malicious activity has been assessed to be the work of Vietnamese-speaking cybercriminals who monetize the stolen data through a subscription-based underground ecosystem that automates the resale and reuse via Telegram APIs, according to a joint
Dark Reading
Investing in building a human-centric defense involves a combination of adaptive security awareness training, a vigilant and skeptical culture, and the deployment of layered technical controls.
Bleeping Computer
A newly discovered Linux malware, which has evaded detection for over a year, allows attackers to gain persistent SSH access and bypass authentication on compromised systems. [...]
The Register
Devs told to exercise 'extreme caution' with emails disguised as account update prompts Mozilla is warning of an ongoing phishing campaign targeting developers of Firefox add-ons.…
Dark Reading
Random numbers are the cornerstone of cryptographic security — cryptography depends on generating random keys. As organizations adopt quantum-resistant algorithms, it's equally important to examine the randomness underpinning them
The Hacker News
Some of the most devastating cyberattacks don’t rely on brute force, but instead succeed through stealth. These quiet intrusions often go unnoticed until long after the attacker has disappeared. Among the most insidious are man-in-the-middle (MITM) attacks, where criminals exploit weaknesses in communication protocols to silently position themselves between two unsuspecting parties
The Hacker News
Malware isn’t just trying to hide anymore—it’s trying to belong. We’re seeing code that talks like us, logs like us, even documents itself like a helpful teammate. Some threats now look more like developer tools than exploits. Others borrow trust from open-source platforms, or quietly build themselves out of AI-written snippets. It’s not just about being malicious—it’s about being believable.
Bleeping Computer
Ransomware gangs have recently joined ongoing attacks targeting a Microsoft SharePoint vulnerability chain, part of a broader exploitation campaign that has already led to the breach of at least 148 organizations worldwide. [...]
The Register
Founder miffed over prosecutors holding onto its Bitcoin The founder of a German mobile phone repair and insurance biz has begun insolvency proceedings for some operations in his company after struggling financially following a costly ransomware attack in 2023.…
The Hacker News
Everyone’s an IT decision-maker now. The employees in your organization can install a plugin with just one click, and they don’t need to clear it with your team first. It’s great for productivity, but it’s a serious problem for your security posture. When the floodgates of SaaS and AI opened, IT didn’t just get democratized, its security got outpaced. Employees are onboarding apps faster than