Latest news as of 7/13/2025, 3:21:20 AM
The Register
A reason to celebrate SANS and its 35 years of cyber security training Cybercrime never sleeps. As threats continue to evolve and attack surfaces become broader and harder to defend, it has never been more important for the good guys to keep their skills sharp and their knowledge up to date.… Sponsored Post
The Hacker News
A 59-year-old U.S. citizen who immigrated from the People's Republic of China (PRC) has been sentenced to four years in prison for conspiring to act as a spy for the country and sharing sensitive information about his employer with China's principal civilian intelligence agency. Ping Li, 59, of Wesley Chapel, Florida, is said to have served as a cooperative contact for the Ministry of State
The Hacker News
Nearly two dozen security vulnerabilities have been disclosed in Advantech EKI industrial-grade wireless access point devices, some of which could be weaponized to bypass authentication and execute code with elevated privileges. "These vulnerabilities pose significant risks, allowing unauthenticated remote code execution with root privileges, thereby fully compromising the confidentiality,
Bleeping Computer
The Tor Project has put out an urgent call to the privacy community asking volunteers to help deploy 200 new WebTunnel bridges by the end of the year to fight government censorship. [...]
Graham Cluley
What makes Mimic particularly unusual is that it exploits the API of a legitimate Windows file search tool ("Everything" by Voidtools) to quickly locate files for encryption. Find out more about the threat in my article on the Tripwire State of Security blog.
The Register
Systems are isolated and pulled offline, while scheduled procedures are canceled The ongoing cybersecurity incident affecting a North West England NHS group has forced sites to fall back on pen-and-paper operations, according to a statement.…
The Hacker News
Serverless environments, leveraging services such as AWS Lambda, offer incredible benefits in terms of scalability, efficiency, and reduced operational overhead. However, securing these environments is extremely challenging. The core of current serverless security practices often revolves around two key components: log monitoring and static analysis of code or system configuration. But here is
The Hacker News
Cybersecurity researchers have discovered a software supply chain attack that has remained active for over a year on the npm package registry by starting off as an innocuous library and later adding malicious code to steal sensitive data and mine cryptocurrency on infected systems. The package, named @0xengine/xmlrpc, was originally published on October 2, 2023 as a JavaScript-based XML-RPC
Bleeping Computer
Major UK healthcare provider Wirral University Teaching Hospital (WUTH), part of the NHS Foundation Trust, has suffered a cyberattack that caused a systems outage leading to postponing appointments and scheduled procedures. [...]
The Hacker News
A popular open-source game engine called Godot Engine is being misused as part of a new GodLoader malware campaign, infecting over 17,000 systems since at least June 2024. "Cybercriminals have been taking advantage of Godot Engine to execute crafted GDScript code which triggers malicious commands and delivers malware," Check Point said in a new analysis published Wednesday. "The technique